Please help me be sure my computer is clean



#46
wharriss

You really are lucky enough. What a wonderful environment and I understand why when the wife speaks, you listen.
She's beautiful.

This Iminent thing has been hogging my CPU resources and keeps opening the Firefox browser to its homepage. That's one reason it took so long to run OTL. I see it is shown in Add/Remove Programs.

Another strange thing: while OTL was running, an error box came up: "cmd.exe the application failed to initialize properly (0xc000014z) click on ok to terminate the application." I closed it from Task Manager, where I was watching OTL run.

Temp is 57 C now

I am going to run the ISO disk I hope I burned correctly. I will leave both chips in for now. In order to open the computer and check the chips individually I have to move it to the kitchen. Not enough space to do it here.




Here is the OTL log:

OTL logfile created on: 1/26/2013 3:34:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.10 Gb Available Physical Memory | 7.24% Memory free
3.29 Gb Paging File | 1.36 Gb Available in Paging File | 41.17% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 91.31 Gb Free Space | 85.74% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32

Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 12:58:45 | 000,890,376 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\Iminent\MinibarFirefox.exe
PRC - [2013/01/26 12:58:00 | 000,832,392 | ---- | M] (Iminent) -- C:\Documents and Settings\Owner\Local Settings\temp\nsx68.tmp\10\iminent.exe
PRC - [2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/16 09:54:02 | 000,688,704 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0\Binaries\FirefoxInstaller.exe
PRC - [2012/12/19 10:05:40 | 001,074,888 | ---- | M] (Iminent) -- C:\Program Files\Iminent\Iminent.exe
PRC - [2012/12/19 10:05:40 | 000,884,936 | ---- | M] (Iminent) -- C:\Program Files\Iminent\Iminent.Messengers.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/14 09:57:16 | 002,620,016 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/09/12 02:32:32 | 004,679,672 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
PRC - [2003/08/09 11:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/06/14 01:53:34 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/06/13 06:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/03/21 19:52:06 | 000,552,960 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/26 13:23:52 | 006,754,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
MOD - [2013/01/26 13:23:29 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
MOD - [2013/01/26 13:23:12 | 017,629,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2013/01/26 13:22:37 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2013/01/26 13:22:03 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2013/01/26 13:21:44 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2013/01/26 13:21:37 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2013/01/26 13:20:41 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2013/01/26 13:20:25 | 000,973,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2013/01/26 13:19:33 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2013/01/26 13:19:04 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2013/01/26 13:18:30 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2013/01/26 12:58:45 | 000,890,376 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\Iminent\MinibarFirefox.exe
MOD - [2013/01/26 11:52:31 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfamcc00003.dll
MOD - [2013/01/26 11:52:31 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfareca00003.dll
MOD - [2013/01/26 11:50:02 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfamcc00002.dll
MOD - [2013/01/26 11:50:02 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfareca00002.dll
MOD - [2013/01/26 11:14:36 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfamcc00001.dll
MOD - [2013/01/26 11:14:35 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfareca00001.dll
MOD - [2013/01/23 08:51:25 | 014,586,888 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013/01/16 15:10:52 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/01/16 09:54:02 | 000,688,704 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0\Binaries\FirefoxInstaller.exe
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/08/23 22:34:34 | 000,143,360 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\bwfiles.dll
MOD - [2003/08/23 22:34:34 | 000,094,208 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\FrExt.dll
MOD - [2003/08/23 22:34:34 | 000,053,248 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\clntutil.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\frext-137903.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BWfiles-137903.dll
MOD - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
MOD - [2003/08/23 22:34:32 | 000,053,248 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\HPClientExt.dll
MOD - [2003/06/17 01:57:56 | 000,163,840 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
MOD - [2003/02/21 05:50:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2003/02/21 05:49:54 | 000,172,032 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPComm.dll
MOD - [2003/02/21 05:49:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/16 15:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 09:57:16 | 002,620,016 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2008/04/13 22:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/08/11 12:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/21 23:18:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/31 23:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/03/20 00:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 16:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminen...9E-DA1961C8F593
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20130104,6902,0,64,0"
FF - prefs.js..browser.search.selectedEngine: "SearchTheWeb"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.iminen...E-DA1961C8F593"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.87.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
FF - prefs.js..keyword.URL: "http://search.yahoo....6902,0,64,0&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/22 01:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/22 01:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/01/26 13:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions
[2012/11/16 10:02:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/23 12:13:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/26 12:58:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\defaults
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\locale
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\skin
[2013/01/26 12:58:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome\content\extensionCode
[2013/01/24 20:51:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/22 01:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/16 15:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.iminen...9E-DA1961C8F593
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.iminen...9E-DA1961C8F593
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcemhggbahmlmhgnbpbbdaklcojhbecn\2.0.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/24 20:19:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe ( )
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe (interMute, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B485-8793-4C90-B0BB-4E041D1C2FBB}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 07:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 13:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2013/01/26 13:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2013/01/26 12:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/01/26 12:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/01/26 12:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 12:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/26 11:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SpeedFan
[2013/01/26 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/01/26 08:01:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/01/25 15:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\minidump unzipped
[2013/01/25 15:17:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/25 14:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Minidump
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/01/24 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2013/01/24 20:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/01/24 01:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\CC Support
[2013/01/24 01:13:13 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/23 22:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/23 22:49:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/23 22:49:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/23 22:49:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/23 22:49:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/23 22:49:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/23 22:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/23 22:41:22 | 005,026,656 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/23 22:22:27 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 22:19:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Shortcut to 7-Zip
[2013/01/23 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\7-Zip
[2013/01/23 22:00:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/01/23 18:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/23 17:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/23 13:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/23 12:09:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 09:47:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 09:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/01/23 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/22 23:33:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2013/01/22 23:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2013/01/22 23:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 23:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/22 13:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/22 13:04:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2013/01/22 08:12:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 11
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/22 08:00:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/01/22 07:07:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2013/01/22 03:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/01/22 03:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/01/22 02:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 02:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013
[2013/01/22 01:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/22 01:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 01:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/01/22 01:38:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/22 01:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 01:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/01/22 01:25:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/01/22 01:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/22 01:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2013/01/22 01:12:51 | 000,000,000 | ---D | C] -- C:\I386
[2013/01/22 01:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/22 01:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/22 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/22 01:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/22 01:03:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2013/01/22 01:03:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/01/22 01:03:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/01/22 01:03:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/01/22 01:02:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/01/22 01:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/22 01:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013
[2013/01/22 01:01:19 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/01/22 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/01/22 01:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/01/22 00:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/01/22 00:57:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/01/22 00:40:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/01/22 00:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/01/22 00:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/22 00:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/01/22 00:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/01/22 00:29:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/01/22 00:29:29 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/01/22 00:26:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/01/22 00:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/01/22 00:26:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/21 23:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\UserData
[2013/01/21 23:37:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2013/01/21 23:36:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/21 23:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/01/21 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/21 23:31:25 | 001,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2013/01/21 23:31:25 | 001,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2013/01/21 23:31:25 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2013/01/21 23:31:25 | 000,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2013/01/21 23:31:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2013/01/21 23:31:24 | 001,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2013/01/21 23:31:24 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2013/01/21 23:30:54 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2013/01/21 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Encarta Online
[2013/01/21 23:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia Card Reader
[2013/01/21 23:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/26 15:25:18 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/26 13:45:06 | 000,000,596 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 13:24:16 | 000,423,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/26 13:24:16 | 000,062,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/26 11:44:31 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/26 11:13:38 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:36 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/26 08:03:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/26 07:37:20 | 000,001,393 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/26 07:36:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/26 07:36:04 | 1542,901,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/25 15:00:23 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:34 | 000,140,608 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 20:19:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/24 20:07:26 | 005,026,656 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/24 13:45:12 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:40 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:48 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 01:13:15 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/24 00:29:48 | 000,000,431 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to IMG_0387.JPG.lnk
[2013/01/24 00:15:51 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/24 00:04:55 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2013/01/23 23:48:36 | 000,003,489 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
[2013/01/23 23:07:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:54:11 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/23 22:23:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 16:04:13 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 13:30:48 | 001,531,090 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/23 13:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:30:10 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 12:08:06 | 002,053,105 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 12:07:54 | 001,653,739 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 09:47:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 23:19:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/22 13:04:53 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:40:36 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/22 08:13:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/01/22 08:13:07 | 000,001,079 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013/01/22 08:13:07 | 000,000,258 | ---- | M] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 08:08:31 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/22 01:38:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:09:59 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/22 00:29:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/01/22 00:29:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/01/21 23:36:28 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:32:38 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/01/21 23:27:45 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/26 13:44:45 | 000,000,596 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:13:38 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:33 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 20:38:23 | 1542,901,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 15:04:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/25 15:00:23 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:39 | 000,140,608 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 13:45:10 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:25 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:47 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 00:30:04 | 001,531,090 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/24 00:29:48 | 000,000,431 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to IMG_0387.JPG.lnk
[2013/01/24 00:15:51 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:48:36 | 000,003,489 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
[2013/01/23 23:10:54 | 002,053,105 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 23:10:38 | 001,653,739 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 23:06:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:49:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/23 22:49:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/23 22:49:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/23 22:49:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/23 22:49:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/23 22:35:24 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2013/01/23 16:04:12 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 12:30:09 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:30:06 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/22 23:25:38 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/22 23:25:37 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 09:54:00 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/22 08:13:07 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/01/22 01:20:27 | 000,001,393 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/22 01:09:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:31 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2013/01/22 00:40:29 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2013/01/22 00:40:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2013/01/22 00:33:36 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/01/22 00:33:36 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/01/22 00:33:36 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/01/22 00:33:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/01/22 00:33:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/01/22 00:33:36 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/01/22 00:33:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/01/22 00:33:35 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/01/22 00:33:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/01/22 00:33:35 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/01/22 00:33:35 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/01/22 00:33:35 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/01/22 00:33:35 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/01/22 00:33:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/01/22 00:33:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/01/22 00:33:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/01/22 00:33:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/01/22 00:33:35 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/01/22 00:33:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif

========== ZeroAccess Check ==========

[2003/08/23 08:16:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 00:57:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/26 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 14:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/26 13:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/22 01:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/26 13:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2003/08/28 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2003/08/23 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2013/01/26 13:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/22 01:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software

========== Purity Check ==========



< End of report >

#47
wharriss

Hey, just checked your profile. I was born and raised on a farm near Augusta, BA from Emory, MBA from GA State Univ.
Always pulled for Tech since Emory had no intercollegiate sports. Was USAF pilot, 2 tours in Vietnam, and later Postmaster for 26 years here in Henderson NC.

#48
wharriss

I have the memtest86+-4.20.iso file on my Windows 7 desktop. I read instructions to burn this file as image to the CD as it is without opening, which I did.

I inserted the burned image file CD in both my CD-RW drive and in my DVD-ROM drive on the XP, but I only heard the disk spinning trying to open, but nothing on the screen. What did I do wrong? Should I have opened the .iso file before burning image to disk?

#49
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Copy the text in the code box by highlighting it and pressing Ctrl + C:

:Services
mrtRate
catchme
Sunkfiltp

:OTL
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
FF - prefs.js..browser.startup.homepage: "http://search.iminent.com/?appId=DCE3956F-2BCF-4F4A-AD9E-DA1961C8F593"
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net/?Programid=132&Elementname=Keyword&Applicationid={2AF6E42C-A5E3-434D-9944-53B5A47DCCD1}&Version=3.6.5&Vintage=20130104&Defaultbrowserid=64&Productid=2957&Vendorid=6944&Offerid=6894&searchterm="
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/11/16 10:02:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminen...9E-DA1961C8F593
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 13:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2013/01/26 12:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/01/26 12:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/01/26 12:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804

:files
C:\Program Files\Iminent
C:\Documents and Settings\Owner\Local Settings\temp\nsx68.tmp
C:\Program Files\Common Files\Umbrella
C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0
C:\Documents and Settings\Owner\Local Settings\Application Data\Temp\*.*

:Commands
[EMPTYTEMP]
[Reboot]


Then double-click on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + V) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.

No, you don't open it. You just save it, then point free Iso Burner at it. The problem may be with your boot order. When you see the PC maker's logo there should be instructions on what key to press to get into BIOS or CMOS setup. You go into the setup and then you change the boot order so that it looks at the CD/DVD first. http://helpdeskgeek....order-xp-vista/

If you get it right you should see the message: Hit any key to boot from cd/dvd or words to that effect.

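The cross-check behind a fix list like the one in post #49, as an added example (not part of the thread and not OldTimer's code): it parses OTL log lines, then flags entries tied to a named program and registry entries that point at nothing. The line grammar is inferred from the log lines on this page, the sample lines are copied from this page, and the watchlist terms and function names are assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# File/process lines: "[date time | size | attrs | C or M] (Company) -- path",
# optionally prefixed with a three-letter section tag such as "PRC - ".
FILE_RE = re.compile(
    r"^(?:(?P<tag>[A-Z]{3}) - )?"
    r"\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$"
)
# Registry autostart lines: "O2 - BHO: ...", "O4 - HKLM..\Run: ..."
REG_RE = re.compile(r"^(?P<tag>O\d+) - (?P<rest>.+)$")
# Markers OTL prints when a registry entry references something that is gone.
ORPHAN_MARKERS = ("File not found", "No CLSID value found")

# Assumption: terms taken from the program names in the fix script above.
WATCHLIST = ("iminent", "umbrella")

# Sample lines copied from the log and fix script on this page.
SAMPLE_LOG = r"""
PRC - [2012/12/19 10:05:40 | 001,074,888 | ---- | M] (Iminent) -- C:\Program Files\Iminent\Iminent.exe
PRC - [2012/12/14 09:57:16 | 002,620,016 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
[2013/01/26 12:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
"""


@dataclass
class Entry:
    tag: str                  # "PRC", "O2", ... or "FILE" for untagged listings
    company: str              # vendor string from the file's version info, if any
    path: str                 # file path, or the remainder of a registry line
    size: int                 # bytes (0 for folders and registry lines)
    when: Optional[datetime]  # created/modified timestamp, None for registry lines
    is_dir: bool              # attribute field contains "D"
    orphan: bool              # registry entry whose target is missing
    raw: str


def parse_line(line: str) -> Optional[Entry]:
    """Turn one OTL log line into an Entry, or None if it is not a known shape."""
    line = line.strip()
    m = FILE_RE.match(line)
    if m:
        return Entry(
            tag=m["tag"] or "FILE",
            company=m["company"] or "",
            path=m["path"],
            size=int(m["size"].replace(",", "")),
            when=datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            is_dir="D" in m["attrs"],
            orphan=False,
            raw=line,
        )
    m = REG_RE.match(line)
    if m:
        rest = m["rest"]
        return Entry(m["tag"], "", rest, 0, None, False,
                     any(marker in rest for marker in ORPHAN_MARKERS), line)
    return None


def triage(log_text: str, watchlist=WATCHLIST):
    """Return (Entry, reasons) for every line worth a second look."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = []
        haystack = f"{entry.company} {entry.path}".lower()
        hits = [term for term in watchlist if term.lower() in haystack]
        if hits:
            reasons.append("watchlist:" + ",".join(hits))
        if entry.orphan:
            reasons.append("orphaned-reference")
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.tag:5} {'; '.join(reasons):30} {entry.path}")
```

Lines it does not recognise are skipped rather than guessed at, so an empty result means nothing matched, not that the log is clean.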
#50
wharriss

I pasted the text in the custom scan/fixes and clicked run fix. The OTL started to run over 30 minutes ago and it is frozen at Killing processes. Do not interrupt.

The computer seems to be frozen also. I am only getting very intermittent flashes on the HD light. I can't do anything. The mouse pointer doesn't make anything happen. control, alt, delete doesn't do anything. I may have screwed up. I copied the text with control + c but by force of habit I pasted the text by right clicking and clicking left to paste instead of using control + v as instructed. I did make sure that it was the exact text you provided that got copied before I clicked run fix.

I am afraid that the only way I am going to get out of this is by shutting off power, but I will wait to see if you have time to reply before I pull power.

#51
RKinner

Go ahead and shut it down. Try it again with:

:OTL
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
FF - prefs.js..browser.startup.homepage: "http://search.iminen...E-DA1961C8F593"
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/11/16 10:02:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminen...9E-DA1961C8F593
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 13:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2013/01/26 12:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/01/26 12:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/01/26 12:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804

:files
C:\Program Files\Iminent
C:\Documents and Settings\Owner\Local Settings\temp\nsx68.tmp
C:\Program Files\Common Files\Umbrella
C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0
C:\Documents and Settings\Owner\Local Settings\Application Data\Temp\*.*

:Commands
[EMPTYTEMP]
[Reboot]

#52
wharriss

Wouldn't shut down with on/off button
Pulled power plug in back
Plugged back in
Pressed power button
computer booted nicely in normal
Copied your text with control c
Opened OTL
pasted text with control v
clicked run fix
everything froze immediately
OTL didn't even get started as far as I could tell and computer is completely locked

#53
RKinner

Can you run OTL quickscan?

#54
wharriss

OTL ran fine in quick scan.

I am having trouble getting rid of IMinent. Got Firefox homepage back, but addon is still showing although grayed out and disabled. IMinent and iminent toolbar for IE is still showing in add/remove. It won't uninstall from add/remove; although it gives the option and says it uninstalls, it's still there.

Here is the OTL log.
Have a good trip off island.

OTL logfile created on: 1/27/2013 8:41:46 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 45.60% Memory free
3.29 Gb Paging File | 2.50 Gb Available in Paging File | 75.97% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 90.09 Gb Free Space | 84.59% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32

Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/19 10:05:40 | 001,074,888 | ---- | M] (Iminent) -- C:\Program Files\Iminent\Iminent.exe
PRC - [2012/12/19 10:05:40 | 000,884,936 | ---- | M] (Iminent) -- C:\Program Files\Iminent\Iminent.Messengers.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/14 09:57:16 | 002,620,016 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/09 11:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/06/14 01:53:34 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/06/13 06:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/03/21 19:52:06 | 000,552,960 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/27 08:29:47 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\566d9af33f357fb8b8133927dc5f0ce2\System.Configuration.Install.ni.dll
MOD - [2013/01/27 08:28:45 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\578e2c661908dea0af10151bc199f347\System.EnterpriseServices.ni.dll
MOD - [2013/01/27 08:28:45 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\578e2c661908dea0af10151bc199f347\System.EnterpriseServices.Wrapper.dll
MOD - [2013/01/27 08:28:43 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\6e903ce8719e50acd783f8726b11249f\System.Transactions.ni.dll
MOD - [2013/01/27 08:28:41 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f616e6911a3d461193cd0e6e003adca5\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/01/27 08:28:37 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b7f418545abc074940776fea9ad635e\SMDiagnostics.ni.dll
MOD - [2013/01/27 08:28:36 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fe0d8dda05b9d38bbb664432300b4f42\System.Runtime.Serialization.ni.dll
MOD - [2013/01/27 08:28:29 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\7256e28382f57416b828a0cc143b67b3\System.Xaml.ni.dll
MOD - [2013/01/27 08:26:26 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\65e520f98f7674d462d26671c1ce97a7\PresentationFramework.Luna.ni.dll
MOD - [2013/01/27 08:26:12 | 018,000,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\25884c52a01d74137ffacdb51d8f2d04\PresentationFramework.ni.dll
MOD - [2013/01/27 08:25:41 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3ca69d589c23a0be94f3858f72e7a595\PresentationCore.ni.dll
MOD - [2013/01/27 08:25:20 | 003,856,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\6133e360071a2fa7ba7deb483816e585\WindowsBase.ni.dll
MOD - [2013/01/27 08:14:07 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\9a75548aa508a2645318308885b3eee0\System.Data.ni.dll
MOD - [2013/01/27 08:13:33 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\197761bb3230bf9d4f540305dcf6717c\System.Configuration.ni.dll
MOD - [2013/01/27 08:13:28 | 013,198,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\12f94ec43a0160ab9ddd755b0e1be881\System.Windows.Forms.ni.dll
MOD - [2013/01/27 08:13:09 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll
MOD - [2013/01/27 08:11:29 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a0db56351a1589e44868456609b01737\System.Core.ni.dll
MOD - [2013/01/27 08:11:12 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll
MOD - [2013/01/27 08:11:01 | 009,093,120 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll
MOD - [2013/01/27 08:10:39 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013/01/16 15:10:52 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/06/17 01:57:56 | 000,163,840 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
MOD - [2003/02/21 05:50:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2003/02/21 05:49:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/16 15:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 09:57:16 | 002,620,016 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/01/26 22:19:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2008/04/13 22:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/08/11 12:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/21 23:18:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/31 23:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/03/20 00:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 16:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminen...9E-DA1961C8F593
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20130104,6902,0,64,0"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://finance.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.87.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected] [2013/01/26 13:03:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/22 01:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/22 01:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/01/27 08:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/23 12:13:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/27 08:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged
[2013/01/26 12:58:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\defaults
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\locale
[2013/01/26 12:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\skin
[2013/01/26 12:58:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome\content\extensionCode
[2013/01/27 08:43:12 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]
[2013/01/27 08:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]\chrome
[2013/01/27 08:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]\defaults
[2013/01/27 08:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]\locale
[2013/01/27 08:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]\skin
[2013/01/27 08:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\staged\[email protected]\chrome\content\extensionCode
[2013/01/24 20:51:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/22 01:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/16 15:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.iminen...9E-DA1961C8F593
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.iminen...9E-DA1961C8F593
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/24 20:19:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe ( )
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe (interMute, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B485-8793-4C90-B0BB-4E041D1C2FBB}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 07:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/27 07:38:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/27 07:06:08 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Owner\Desktop\spybotsd162.exe
[2013/01/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Temp
[2013/01/26 22:19:00 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/01/26 18:20:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 13:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2013/01/26 13:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2013/01/26 12:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/01/26 12:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/01/26 12:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 12:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/26 11:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SpeedFan
[2013/01/26 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/01/26 08:01:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/01/25 15:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\minidump unzipped
[2013/01/25 15:17:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/25 14:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Minidump
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/01/24 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2013/01/24 20:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/01/24 01:13:13 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/23 22:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/23 22:49:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/23 22:49:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/23 22:49:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/23 22:49:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/23 22:49:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/23 22:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/23 22:41:22 | 005,026,656 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/23 22:22:27 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 22:19:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Shortcut to 7-Zip
[2013/01/23 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\7-Zip
[2013/01/23 22:00:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/01/23 18:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/23 17:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/23 13:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/23 12:09:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 09:47:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 09:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/01/23 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/22 23:33:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2013/01/22 23:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2013/01/22 23:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 23:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/22 13:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/22 13:04:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2013/01/22 08:12:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 11
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/22 08:00:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/01/22 07:07:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2013/01/22 03:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/01/22 03:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/01/22 02:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 02:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013
[2013/01/22 01:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/22 01:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 01:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/01/22 01:38:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/22 01:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 01:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/01/22 01:25:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/01/22 01:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/22 01:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2013/01/22 01:12:51 | 000,000,000 | ---D | C] -- C:\I386
[2013/01/22 01:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/22 01:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/22 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/22 01:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/22 01:03:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2013/01/22 01:03:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/01/22 01:03:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/01/22 01:03:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/01/22 01:02:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/01/22 01:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/22 01:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013
[2013/01/22 01:01:19 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/01/22 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/01/22 01:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/01/22 00:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/01/22 00:57:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/01/22 00:40:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/01/22 00:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/01/22 00:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/22 00:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/01/22 00:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/01/22 00:29:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/01/22 00:29:29 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/01/22 00:26:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/01/22 00:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/01/22 00:26:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/21 23:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\UserData
[2013/01/21 23:37:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2013/01/21 23:36:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/21 23:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/01/21 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/21 23:31:25 | 001,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2013/01/21 23:31:25 | 001,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2013/01/21 23:31:25 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2013/01/21 23:31:25 | 000,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2013/01/21 23:31:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2013/01/21 23:31:24 | 001,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2013/01/21 23:31:24 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2013/01/21 23:30:54 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2013/01/21 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Encarta Online
[2013/01/21 23:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia Card Reader
[2013/01/21 23:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/27 08:34:37 | 000,001,393 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/27 08:32:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/27 08:32:58 | 1542,901,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 08:19:13 | 000,423,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/27 08:19:12 | 000,062,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/27 07:25:01 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/27 07:06:16 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Owner\Desktop\spybotsd162.exe
[2013/01/26 23:31:57 | 000,821,248 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 22:19:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/01/26 13:45:06 | 000,000,596 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:44:31 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/26 11:13:38 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:36 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/26 08:03:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/25 15:00:23 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:34 | 000,140,608 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 20:19:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/24 20:07:26 | 005,026,656 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/24 13:45:12 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:40 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:48 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 01:13:15 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/24 00:15:51 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:07:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:54:11 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/23 22:23:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 16:04:13 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 13:30:48 | 001,531,090 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/23 13:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:30:10 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 12:08:06 | 002,053,105 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 12:07:54 | 001,653,739 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 09:47:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 23:19:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/22 13:04:53 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:40:36 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/22 08:13:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/01/22 08:13:07 | 000,001,079 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013/01/22 08:13:07 | 000,000,258 | ---- | M] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 08:08:31 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/22 01:38:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:09:59 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/22 00:29:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/01/22 00:29:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/01/21 23:36:28 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:32:38 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/01/21 23:27:45 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/26 23:53:32 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/26 23:31:56 | 000,821,248 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 13:44:45 | 000,000,596 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:13:38 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:33 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 20:38:23 | 1542,901,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 15:04:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/25 15:00:23 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:39 | 000,140,608 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 13:45:10 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:25 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:47 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 00:30:04 | 001,531,090 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/24 00:15:51 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:10:54 | 002,053,105 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 23:10:38 | 001,653,739 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 23:06:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:49:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/23 22:49:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/23 22:49:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/23 22:49:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/23 22:49:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/23 16:04:12 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 12:30:09 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:30:06 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/22 23:25:38 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/22 23:25:37 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 09:54:00 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/22 08:13:07 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/01/22 01:20:27 | 000,001,393 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/22 01:09:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:31 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2013/01/22 00:40:29 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2013/01/22 00:40:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2013/01/22 00:33:36 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/01/22 00:33:36 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/01/22 00:33:36 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/01/22 00:33:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/01/22 00:33:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/01/22 00:33:36 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/01/22 00:33:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/01/22 00:33:35 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/01/22 00:33:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/01/22 00:33:35 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/01/22 00:33:35 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/01/22 00:33:35 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/01/22 00:33:35 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/01/22 00:33:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/01/22 00:33:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/01/22 00:33:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/01/22 00:33:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/01/22 00:33:35 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/01/22 00:33:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/01/22 00:33:35 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/01/22 00:33:35 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/01/22 00:33:35 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/01/22 00:33:35 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/01/22 00:33:34 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/01/22 00:33:34 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/01/22 00:33:34 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/01/22 00:33:34 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/01/22 00:33:34 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/01/22 00:33:34 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/01/22 00:33:34 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/01/22 00:33:34 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/01/22 00:33:34 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/01/22 00:33:34 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/01/22 00:33:34 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/01/22 00:33:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/01/22 00:33:34 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/01/22 00:33:34 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/01/22 00:33:34 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/01/22 00:33:34 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/01/22 00:33:34 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/01/22 00:33:34 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/01/22 00:33:34 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/01/22 00:33:34 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/01/22 00:33:34 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/01/22 00:33:34 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/01/22 00:33:34 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/01/22 00:33:34 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/01/22 00:33:34 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/01/22 00:33:34 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/01/22 00:33:34 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/01/22 00:33:34 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/01/22 00:33:34 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/01/22 00:33:34 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/01/22 00:33:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/01/22 00:33:33 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/01/22 00:33:33 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/01/22 00:33:33 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/01/22 00:33:33 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/01/22 00:33:33 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/01/22 00:33:33 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/01/22 00:33:33 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/01/22 00:33:33 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/01/22 00:33:33 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/01/22 00:33:33 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/01/22 00:33:33 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/01/22 00:33:33 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/01/22 00:33:33 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/01/22 00:33:33 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/01/22 00:29:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/01/22 00:29:57 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/01/22 00:29:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/01/22 00:29:57 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2013/01/22 00:29:55 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/01/22 00:29:55 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2013/01/22 00:29:50 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/01/22 00:29:41 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2013/01/22 00:29:39 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2013/01/22 00:29:39 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2013/01/22 00:29:38 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2013/01/22 00:29:38 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2013/01/22 00:29:37 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2013/01/22 00:29:37 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2013/01/22 00:29:37 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2013/01/22 00:29:37 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2013/01/22 00:29:37 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2013/01/22 00:29:36 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2013/01/22 00:29:34 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2013/01/22 00:29:34 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/01/22 00:29:31 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2013/01/22 00:29:26 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2013/01/22 00:29:25 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2013/01/22 00:29:25 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2013/01/22 00:29:22 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/01/22 00:29:21 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2013/01/22 00:29:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2013/01/22 00:29:10 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2013/01/22 00:29:08 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/01/22 00:29:08 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/01/22 00:29:07 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2013/01/22 00:29:04 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2013/01/22 00:29:02 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2013/01/22 00:28:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/01/22 00:28:56 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2013/01/22 00:28:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/01/22 00:28:55 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2013/01/22 00:28:52 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2013/01/22 00:28:46 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2013/01/22 00:28:43 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2013/01/22 00:28:43 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2013/01/22 00:28:42 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2013/01/22 00:28:42 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2013/01/22 00:28:42 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2013/01/22 00:28:42 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2013/01/22 00:28:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/01/22 00:28:40 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2013/01/22 00:28:40 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2013/01/22 00:28:40 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2013/01/22 00:28:40 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2013/01/22 00:28:40 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2013/01/22 00:28:40 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2013/01/22 00:28:40 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2013/01/22 00:28:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/01/22 00:28:40 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2013/01/22 00:28:39 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/01/22 00:28:36 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/01/22 00:28:27 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2013/01/22 00:28:24 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2013/01/22 00:28:23 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2013/01/22 00:28:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/01/22 00:28:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/01/22 00:28:16 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2013/01/22 00:28:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/01/22 00:28:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/01/22 00:28:14 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2013/01/22 00:27:24 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2013/01/22 00:27:24 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2013/01/22 00:27:21 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2013/01/22 00:27:18 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/01/22 00:27:18 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/01/22 00:27:17 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2013/01/22 00:27:15 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2013/01/22 00:27:13 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2013/01/22 00:27:12 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2013/01/22 00:27:11 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2013/01/22 00:27:11 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2013/01/22 00:27:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2013/01/22 00:27:10 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2013/01/22 00:27:09 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2013/01/22 00:27:09 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2013/01/22 00:27:08 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2013/01/22 00:27:08 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2013/01/22 00:27:08 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2013/01/22 00:27:06 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2013/01/22 00:27:06 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/01/22 00:27:06 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2013/01/22 00:27:05 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2013/01/22 00:26:27 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2013/01/22 00:26:26 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2013/01/22 00:26:26 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2013/01/22 00:26:26 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2013/01/22 00:26:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2013/01/22 00:26:24 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2013/01/22 00:26:21 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2013/01/22 00:26:20 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2013/01/22 00:26:15 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2013/01/22 00:26:15 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2013/01/22 00:26:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2013/01/22 00:26:14 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2013/01/22 00:26:13 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2013/01/22 00:26:13 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2013/01/22 00:26:11 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2013/01/22 00:26:11 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2013/01/22 00:25:59 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2013/01/22 00:25:59 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2013/01/21 23:36:43 | 000,000,196 | RHS- | C] () -- C:\BOOT.BAK
[2013/01/21 23:36:35 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2013/01/21 23:36:28 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:31:41 | 000,001,488 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Recovery.lnk
[2013/01/21 23:31:41 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealOne Player.lnk
[2013/01/21 23:31:41 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Help and Support.lnk
[2003/08/23 09:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 08:08:30 | 000,012,159 | ---- | C] () -- C:\Documents and Settings\Owner\ml1.srt
[2003/08/23 08:08:30 | 000,011,847 | ---- | C] () -- C:\Documents and Settings\Owner\ml2.srt

========== ZeroAccess Check ==========

[2003/08/23 08:16:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 00:57:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/26 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/01/26 13:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/27 06:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/26 13:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/22 01:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/26 13:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2003/08/28 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2003/08/23 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2013/01/26 13:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/22 01:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software

========== Purity Check ==========



< End of report >
  • 0

#55
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
See if the free revo installer will help:

http://www.revounins...e_download.html

If it can't help, boot into Safe Mode and delete the folders

C:\Program Files\Iminent

C:\Program Files\Common Files\Umbrella

C:\Documents and Settings\Owner\Application Data\Toolbar4
C:\Program Files\IMinent Toolbar
C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
C:\Documents and Settings\Owner\Application Data\Iminent
C:\Documents and Settings\All Users\Application Data\Iminent
C:\Documents and Settings\All Users\Application Data\install_clap
Also see if you can delete any files in C:\Documents and Settings\Owner\Local Settings\Application Data\Temp\ and C:\Documents and Settings\All Users\Application Data\Temp

Then boot into regular mode. You may get some complaints because the file can't be found but at least it can't run.

If you can get Combofix to run it should fix the complaints.
  • 0

#56
wharriss

    Member

  • Topic Starter
  • Member
  • 105 posts
Thank you for the reply after a long day for you.
That IMinent is sneaky and self-preserving. It hijacks your browser to their search page. I found I could change my homepage back to what I normally use in Firefox and could keep it even with opening and closing the browser until I rebooted and then I had to reclaim the browser. I was able to disable the add on in Firefox, but in IE the add on couldn't be disabled and every time IE was closed and opened IMinent took back the homepage from where I had set it previously.

I had deleted the IMinent program and the IMinent toolbar program for IE in the add/remove and it pretended to uninstall and you didn't see the 2 programs in add/remove anymore, but they still were in C/programs/IMinent. I had tried to manually delete all the files in normal mode, but was denied access. I didn't know you could maybe do it in Safe mode.

I had scanned with AVG, MBAM, Spybot Search and Destroy, SuperAntiSpyware, and Microsoft Support Emergency Response Tool, but not one of them recognized it as any threat, not even adware or browser hijacker.

The Revolution Pro Uninstaller was awesome. It looked in the add/remove programs and didn't find it there but when I entered "IMinent" in search it went straight to Program files and made short work of deleting IMinent and then cleaning up all the remnant files. IMinent is gone. Thank you. It has been frustrating to figure out how to get it done by myself. I must have gotten it from a website downloading one of the free programs we have been using. It may have been an "installer" I downloaded that appeared to be necessary to download the file I was trying to get. I am learning how careful you have to be nowadays, somebody trying to get into your computer at every opportunity.

I think this computer is probably in pretty good shape software wise (so far as I know at this point.) I have just been using it to try to get everything cleaned up and I greatly appreciate your dedication and persistence in getting this done.

I watched several videos on cleaning and pasting the CPU. I ordered some Arctic Silver 5 today from Walmart and I think I know which heatsink and fan will fit my AMD Athlon 2800+ CPU. If removal, a really good cleaning and pasting doesn't keep the temp down, I guess I should replace the heatsink and fan. The temp gets up to 67 C sometimes if Speedfan is right and then it can drop to 38 C within a few seconds. All day today it was showing 0 RPM on my fan, but I could hear it running and feel hot air coming out the exhaust vent.

Thank you very much for your help. If you can think of anything else, I will certainly do it. I am flying to Park City UT on Wed 1/30 for skiing and will be back on 2/14, if I don't hurt myself. My friends tell me I shouldn't be skiing at my age (a young 73).
  • 0

#57
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Could you run OTL, quickscan again? There was something strange in your O10 entries. Hopefully it went away when you removed IMinent.

For future reference: To get into Safe Mode: Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.

I'm 66 so keep it up. I have a friend who is 84 and his wife 74. They live in Stateline NV on Lake Tahoe and ski almost every day. They can walk to the ski lift from their house and as high as they are they have snow most of the year.
  • 0

#58
wharriss

    Member

  • Topic Starter
  • Member
  • 105 posts
Ran OTL; log is below.
Should I be pasting the open text here or should it be zipped or something?

Those O10 entries look strange to me. I have no idea what they mean. Could they have come from when I immunized Spybot on the Spybot installation?

2 strange things I just noticed.

1. IE explorer won't load the webpage. When I first opened it, just now for the first time after running Uninstaller, a popup appeared, indicating I should get IE8, but under help in the menu bar it shows IE8 installed. The address bar shows my homepage, the toolbar and all at the top looks OK, but all white is showing where the webpage should be. Refreshing didn't help. In the search bar Live Search is showing. I put in a search query and IE opened to the search results. I clicked on one of those URLs and IE went to it also in what I think was a normal appearance. I hardly ever use IE so I am not sure how it is supposed to look.

2. Firefox seems to be working fine, but I looked in the add ons and "Coupon Companion Plugin by 215 add ons" was showing enabled in Firefox, not in IE though. I disabled it. Don't know where that could have come from.

OTL logfile created on: 1/28/2013 8:17:45 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 32.98% Memory free
3.29 Gb Paging File | 2.29 Gb Available in Paging File | 69.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 89.82 Gb Free Space | 84.34% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32

Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/09/12 02:32:32 | 004,679,672 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/09 11:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/06/14 01:53:34 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/06/13 06:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/03/21 19:52:06 | 000,552,960 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/28 08:09:21 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfamcc00001.dll
MOD - [2013/01/28 08:09:21 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\temp\sfareca00001.dll
MOD - [2013/01/16 15:10:52 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/06/17 01:57:56 | 000,163,840 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
MOD - [2003/02/21 05:50:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2003/02/21 05:49:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/16 15:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008/04/13 22:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/08/11 12:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/21 23:18:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/31 23:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/03/20 00:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 16:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.finance.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20130104,6902,0,64,0"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://finance.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.86.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/22 01:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/22 01:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/01/27 12:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions
[2013/01/27 12:56:17 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/23 12:13:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/27 12:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome
[2013/01/27 12:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\defaults
[2013/01/27 12:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\locale
[2013/01/27 12:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\skin
[2013/01/27 12:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome\content\extensionCode
[2013/01/24 20:51:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/22 01:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/16 15:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/27 10:36:55 | 000,444,602 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15296 more lines...
O2 - BHO: (Reg Error: Value error.) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe ( )
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe (interMute, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B485-8793-4C90-B0BB-4E041D1C2FBB}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 07:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/27 23:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\VS Revo Group
[2013/01/27 23:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2013/01/27 23:05:41 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/01/27 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/27 07:38:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Temp
[2013/01/26 18:20:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 13:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 12:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/26 11:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SpeedFan
[2013/01/26 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/01/26 08:01:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/01/25 15:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\minidump unzipped
[2013/01/25 15:17:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/25 14:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Minidump
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/01/24 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2013/01/24 20:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/01/24 01:13:13 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/23 22:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/23 22:49:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/23 22:49:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/23 22:49:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/23 22:49:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/23 22:49:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/23 22:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/23 22:41:22 | 005,026,656 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/23 22:22:27 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 22:19:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Shortcut to 7-Zip
[2013/01/23 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\7-Zip
[2013/01/23 22:00:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/01/23 18:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/23 17:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/23 13:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/23 12:09:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 09:47:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 09:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/01/23 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/22 23:33:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2013/01/22 23:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2013/01/22 23:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 23:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/22 13:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/22 13:04:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2013/01/22 08:12:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 11
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/22 08:00:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/01/22 07:07:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2013/01/22 03:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/01/22 03:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/01/22 02:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 02:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013
[2013/01/22 01:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/22 01:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 01:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/01/22 01:38:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/22 01:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 01:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/01/22 01:25:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/01/22 01:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/22 01:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2013/01/22 01:12:51 | 000,000,000 | ---D | C] -- C:\I386
[2013/01/22 01:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/22 01:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/22 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/22 01:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/22 01:03:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2013/01/22 01:03:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/01/22 01:03:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/01/22 01:03:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/01/22 01:02:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/01/22 01:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/22 01:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013
[2013/01/22 01:01:19 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/01/22 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/01/22 01:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/01/22 00:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/01/22 00:57:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/01/22 00:40:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/01/22 00:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/01/22 00:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/22 00:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/01/22 00:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/01/22 00:29:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/01/22 00:29:29 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/01/22 00:26:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/01/22 00:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/01/22 00:26:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/21 23:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\UserData
[2013/01/21 23:37:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2013/01/21 23:36:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/21 23:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/01/21 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/21 23:31:25 | 001,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2013/01/21 23:31:25 | 001,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2013/01/21 23:31:25 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2013/01/21 23:31:25 | 000,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2013/01/21 23:31:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2013/01/21 23:31:24 | 001,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2013/01/21 23:31:24 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2013/01/21 23:30:54 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2013/01/21 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Encarta Online
[2013/01/21 23:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia Card Reader
[2013/01/21 23:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/28 07:38:16 | 000,001,394 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/28 07:37:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/28 07:37:16 | 1542,901,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 23:25:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/27 23:18:43 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/27 23:05:44 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 13:34:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/27 10:36:55 | 000,444,602 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/27 10:17:45 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 08:19:13 | 000,423,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/27 08:19:12 | 000,062,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/26 23:31:57 | 000,821,248 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 11:44:31 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/26 11:13:38 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:36 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 15:00:23 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:34 | 000,140,608 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 20:19:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130127-103655.backup
[2013/01/24 20:07:26 | 005,026,656 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/24 13:45:12 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:40 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:48 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 01:13:15 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/24 00:15:51 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:07:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:54:11 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/23 22:23:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 16:04:13 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 13:30:48 | 001,531,090 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/23 13:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:30:10 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 12:08:06 | 002,053,105 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 12:07:54 | 001,653,739 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 09:47:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 23:19:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/22 13:04:53 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:40:36 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/22 08:13:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/01/22 08:13:07 | 000,001,079 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013/01/22 08:13:07 | 000,000,258 | ---- | M] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 08:08:31 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/22 01:38:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:09:59 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/22 00:29:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/01/22 00:29:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/01/21 23:36:28 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:32:38 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/01/21 23:27:45 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/27 23:05:44 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 10:17:45 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 09:32:05 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4098188977-3005115923-3956672664-1003-0.dat
[2013/01/26 23:53:32 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/26 23:31:56 | 000,821,248 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 13:44:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:13:38 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:33 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 20:38:23 | 1542,901,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 15:04:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/25 15:00:23 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:39 | 000,140,608 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 13:45:10 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:25 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:47 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 00:30:04 | 001,531,090 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/24 00:15:51 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:10:54 | 002,053,105 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 23:10:38 | 001,653,739 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 23:06:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:49:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/23 22:49:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/23 22:49:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/23 22:49:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/23 22:49:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/23 16:04:12 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 12:30:09 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:30:06 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/22 23:25:38 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/22 23:25:37 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 09:54:00 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/22 08:13:07 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/01/22 01:20:27 | 000,001,394 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/22 01:09:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:31 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2013/01/22 00:40:29 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2013/01/22 00:40:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2013/01/22 00:33:36 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/01/22 00:33:36 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/01/22 00:33:36 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/01/22 00:33:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/01/22 00:33:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/01/22 00:33:36 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/01/22 00:33:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/01/22 00:33:35 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/01/22 00:33:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/01/22 00:33:35 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/01/22 00:33:35 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/01/22 00:33:35 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/01/22 00:33:35 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/01/22 00:33:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/01/22 00:33:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/01/22 00:33:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/01/22 00:33:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/01/22 00:33:35 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/01/22 00:33:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/01/22 00:33:35 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/01/22 00:33:35 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/01/22 00:33:35 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/01/22 00:33:35 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/01/22 00:33:34 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/01/22 00:33:34 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/01/22 00:33:34 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/01/22 00:33:34 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/01/22 00:33:34 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/01/22 00:33:34 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/01/22 00:33:34 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/01/22 00:33:34 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/01/22 00:33:34 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/01/22 00:33:34 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/01/22 00:33:34 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/01/22 00:33:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/01/22 00:33:34 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/01/22 00:33:34 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/01/22 00:33:34 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/01/22 00:33:34 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/01/22 00:33:34 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/01/22 00:33:34 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/01/22 00:33:34 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/01/22 00:33:34 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/01/22 00:33:34 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/01/22 00:33:34 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/01/22 00:33:34 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/01/22 00:33:34 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/01/22 00:33:34 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/01/22 00:33:34 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/01/22 00:33:34 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/01/22 00:33:34 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/01/22 00:33:34 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/01/22 00:33:34 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/01/22 00:33:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/01/22 00:33:33 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/01/22 00:33:33 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/01/22 00:33:33 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/01/22 00:33:33 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/01/22 00:33:33 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/01/22 00:33:33 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/01/22 00:33:33 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/01/22 00:33:33 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/01/22 00:33:33 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/01/22 00:33:33 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/01/22 00:33:33 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/01/22 00:33:33 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/01/22 00:33:33 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/01/22 00:33:33 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/01/22 00:29:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/01/22 00:29:57 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/01/22 00:29:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/01/22 00:29:57 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2013/01/22 00:29:55 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/01/22 00:29:55 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2013/01/22 00:29:50 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/01/22 00:29:41 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2013/01/22 00:29:39 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2013/01/22 00:29:39 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2013/01/22 00:29:38 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2013/01/22 00:29:38 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2013/01/22 00:29:37 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2013/01/22 00:29:37 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2013/01/22 00:29:37 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2013/01/22 00:29:37 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2013/01/22 00:29:37 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2013/01/22 00:29:36 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2013/01/22 00:29:34 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2013/01/22 00:29:34 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/01/22 00:29:31 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2013/01/22 00:29:26 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2013/01/22 00:29:25 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2013/01/22 00:29:25 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2013/01/22 00:29:22 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/01/22 00:29:21 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2013/01/22 00:29:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2013/01/22 00:29:10 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2013/01/22 00:29:08 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/01/22 00:29:08 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/01/22 00:29:07 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2013/01/22 00:29:04 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2013/01/22 00:29:02 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2013/01/22 00:28:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/01/22 00:28:56 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2013/01/22 00:28:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/01/22 00:28:55 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2013/01/22 00:28:52 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2013/01/22 00:28:46 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2013/01/22 00:28:43 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2013/01/22 00:28:43 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2013/01/22 00:28:42 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2013/01/22 00:28:42 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2013/01/22 00:28:42 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2013/01/22 00:28:42 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2013/01/22 00:28:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/01/22 00:28:40 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2013/01/22 00:28:40 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2013/01/22 00:28:40 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2013/01/22 00:28:40 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2013/01/22 00:28:40 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2013/01/22 00:28:40 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2013/01/22 00:28:40 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2013/01/22 00:28:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/01/22 00:28:40 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2013/01/22 00:28:39 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/01/22 00:28:36 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/01/22 00:28:27 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2013/01/22 00:28:24 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2013/01/22 00:28:23 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2013/01/22 00:28:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/01/22 00:28:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/01/22 00:28:16 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2013/01/22 00:28:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/01/22 00:28:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/01/22 00:28:14 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2013/01/22 00:27:24 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2013/01/22 00:27:24 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2013/01/22 00:27:21 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2013/01/22 00:27:18 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/01/22 00:27:18 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/01/22 00:27:17 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2013/01/22 00:27:15 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2013/01/22 00:27:13 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2013/01/22 00:27:12 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2013/01/22 00:27:11 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2013/01/22 00:27:11 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2013/01/22 00:27:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2013/01/22 00:27:10 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2013/01/22 00:27:09 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2013/01/22 00:27:09 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2013/01/22 00:27:08 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2013/01/22 00:27:08 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2013/01/22 00:27:08 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2013/01/22 00:27:06 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2013/01/22 00:27:06 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/01/22 00:27:06 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2013/01/22 00:27:05 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2013/01/22 00:26:27 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2013/01/22 00:26:26 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2013/01/22 00:26:26 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2013/01/22 00:26:26 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2013/01/22 00:26:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2013/01/22 00:26:24 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2013/01/22 00:26:21 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2013/01/22 00:26:20 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2013/01/22 00:26:15 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2013/01/22 00:26:15 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2013/01/22 00:26:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2013/01/22 00:26:14 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2013/01/22 00:26:13 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2013/01/22 00:26:13 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2013/01/22 00:26:11 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2013/01/22 00:26:11 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2013/01/22 00:25:59 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2013/01/22 00:25:59 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2013/01/21 23:36:43 | 000,000,196 | RHS- | C] () -- C:\BOOT.BAK
[2013/01/21 23:36:35 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2013/01/21 23:36:28 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:31:41 | 000,001,488 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Recovery.lnk
[2013/01/21 23:31:41 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealOne Player.lnk
[2013/01/21 23:31:41 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Help and Support.lnk
[2003/08/23 09:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 08:08:30 | 000,012,159 | ---- | C] () -- C:\Documents and Settings\Owner\ml1.srt
[2003/08/23 08:08:30 | 000,011,847 | ---- | C] () -- C:\Documents and Settings\Owner\ml2.srt

========== ZeroAccess Check ==========

[2003/08/23 08:16:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 00:57:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/26 13:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/28 07:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/26 13:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/22 01:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/26 13:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2003/08/28 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2003/08/23 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2013/01/27 09:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/22 01:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software

========== Purity Check ==========



< End of report >

#59
RKinner

It's not from Spybot but we do need to turn off the immunize stuff for now as it makes it hard to make changes:

Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu, select Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck Resident TeaTimer and OK any prompts.
* Restart your computer

These folders were created at the same time as Iminent so should be removed. Revo might help with install_clap, Toolbar4, Cyberlink and Updater21804.

[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink

These two had something added to them. Delete any files in the folders that let themselves be deleted. Leave the folder.

[2013/01/26 13:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/26 13:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp

This next folder also had something added to it. If you right click on the Start button and select Explore then navigate to the folder and tell it to do an advanced search for (hidden & system including Sub folders) files created on search 2013/01/26 and then look at the time of the result it should tell you which files were added. Any file created at 13:00 +/- 10 minutes should be deleted.


[2013/01/26 13:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

Go into IE, Tools, Internet Options, Advanced and click on the Reset button near the bottom of the page. Then close and reopen. That might help IE or it may be broken because of the missing file in the O10 entries which are still there.

Let's see if we can do a custom OTL scan:

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
C:\Program Files\Microsoft.NET\*.*
C:\Program Files\Microsoft.NET\* /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp 
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0
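The time-correlation RKinner applies above (folders created alongside Iminent, files created at 13:00 +/- 10 minutes) can be reproduced from the log text itself. This is an added example, not part of the post and not an OTL feature: the function names and the 30-minute gap are assumptions, and the sample reuses entries quoted on this page plus one constructed line, marked as such.

```python
import re
from collections import namedtuple
from datetime import datetime, timedelta

Entry = namedtuple("Entry", "ts size attrs flag path")

# OTL file/folder line: [date time | size | attributes | C or M] (company) -- path
ENTRY_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<flag>[CM])\]"
    r"(?: \([^)]*\))* -- (?P<path>.+)$"
)

# Entries quoted on this page; the 2013/01/20 line is constructed for the example.
SAMPLE_LOG = r"""
========== LOP Check ==========
[2013/01/20 10:00:00 | 000,000,000 | ---D | C] -- C:\Example\ConstructedOlderFolder
[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/26 13:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Iminent
[2013/01/26 13:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\install_clap
[2013/01/26 13:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Toolbar4
[2013/01/26 12:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Updater21804
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 13:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/01/26 13:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2013/01/26 13:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
"""


def parse_entries(log_text):
    """Return an Entry for every OTL file/folder line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        entries.append(Entry(
            ts=datetime.strptime(m.group("ts"), "%Y/%m/%d %H:%M:%S"),
            size=int(m.group("size").replace(",", "")),
            attrs=m.group("attrs"),
            flag=m.group("flag"),  # C = created time, M = modified time
            path=m.group("path"),
        ))
    return entries


def created_in_window(entries, center, tolerance):
    """Created ('C') entries whose timestamp is within +/- tolerance of center."""
    hits = [e for e in entries
            if e.flag == "C" and abs(e.ts - center) <= tolerance]
    return sorted(hits, key=lambda e: e.ts)


def creation_bursts(entries, max_gap):
    """Group 'C' entries into bursts: consecutive creations at most max_gap apart."""
    created = sorted((e for e in entries if e.flag == "C"), key=lambda e: e.ts)
    bursts = []
    for e in created:
        if bursts and e.ts - bursts[-1][-1].ts <= max_gap:
            bursts[-1].append(e)
        else:
            bursts.append([e])
    return bursts


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_LOG)
    print("Created 2013/01/26 13:00 +/- 10 min:")
    for e in created_in_window(entries, datetime(2013, 1, 26, 13, 0),
                               timedelta(minutes=10)):
        print("  ", e.ts, e.path)
    print("Creation bursts (gap <= 30 min):")
    for burst in creation_bursts(entries, timedelta(minutes=30)):
        print("  ", burst[0].ts, "->", burst[-1].ts, f"({len(burst)} entries)")
```

Entries flagged M carry a modified time, so they are left out of both checks; a folder that merely had something added to it needs the per-file search described in the post.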

#60
wharriss

Disabled Tea Timer

Deleted all 7 files. Screwed up and deleted the entire temp folder in the last 2 files.

Found the Microsoft.NET file that was created 1/26/2013 and deleted it.

Reset IE and restarted it, but it was the same. It shows that it is version 6 now. I thought I had looked under help before and read it was version 8, but maybe I was mistaken. Anyway, it loads the address but doesn't bring up the webpage. I deleted the IE, downloaded IE 8 and tried to install it, but got an error message that "the version you are installing does not match version that you have on computer".

I screwed up running OTL. I pasted some of your instructions in the scan box with the text code you provided.
Started the scan before I realized what I had done. Couldn't stop it. It ran through.

I ran it again correctly and here are the results of the 2 scans. Sorry, I seem to be having a problem following very clear instructions.

OTL logfile created on: 1/28/2013 2:30:31 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.49 Gb Available Physical Memory | 33.86% Memory free
3.29 Gb Paging File | 2.29 Gb Available in Paging File | 69.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 89.80 Gb Free Space | 84.31% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32

Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
PRC - [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
PRC - [2003/08/09 11:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/06/14 01:53:34 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/06/13 06:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/03/21 19:52:06 | 000,552,960 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/16 15:10:52 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/08/23 22:34:34 | 000,143,360 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\bwfiles.dll
MOD - [2003/08/23 22:34:34 | 000,094,208 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\FrExt.dll
MOD - [2003/08/23 22:34:34 | 000,053,248 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\clntutil.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\frext-137903.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BWfiles-137903.dll
MOD - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
MOD - [2003/08/23 22:34:32 | 000,053,248 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\HPClientExt.dll
MOD - [2003/06/17 01:57:56 | 000,163,840 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
MOD - [2003/02/21 05:50:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2003/02/21 05:49:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/16 15:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008/04/13 22:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/08/11 12:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/21 23:18:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/31 23:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/03/20 00:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 16:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.finance.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20130104,6902,0,64,0"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://finance.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.87.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/22 01:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/22 01:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/01/28 13:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions
[2013/01/28 13:24:22 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/23 12:13:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\defaults
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\locale
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\skin
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome\content\extensionCode
[2013/01/24 20:51:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/22 01:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/16 15:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/27 10:36:55 | 000,444,602 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15296 more lines...
O2 - BHO: (Reg Error: Value error.) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe ( )
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe (interMute, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B485-8793-4C90-B0BB-4E041D1C2FBB}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 07:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/27 23:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\VS Revo Group
[2013/01/27 23:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2013/01/27 23:05:41 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/01/27 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/27 07:38:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Temp
[2013/01/26 22:27:27 | 077,890,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\msert.exe
[2013/01/26 18:20:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 12:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/26 11:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SpeedFan
[2013/01/26 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/01/26 08:01:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/01/25 15:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\minidump unzipped
[2013/01/25 15:17:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/25 14:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Minidump
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/01/24 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2013/01/24 20:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/01/24 01:13:13 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/23 22:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/23 22:49:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/23 22:49:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/23 22:49:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/23 22:49:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/23 22:49:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/23 22:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/23 22:41:22 | 005,026,656 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/23 22:22:27 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 22:19:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Shortcut to 7-Zip
[2013/01/23 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\7-Zip
[2013/01/23 22:00:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/01/23 18:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/23 17:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/23 13:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/23 12:09:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 09:47:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 09:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/01/23 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/22 23:33:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2013/01/22 23:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2013/01/22 23:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 23:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/22 13:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/22 13:04:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2013/01/22 08:12:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 11
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/22 08:00:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/01/22 07:07:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2013/01/22 03:15:14 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/01/22 03:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/01/22 03:10:08 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/01/22 03:10:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/01/22 03:10:07 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/01/22 03:10:04 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/01/22 03:10:04 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/01/22 03:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/01/22 02:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 02:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013
[2013/01/22 02:02:09 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013/01/22 02:01:37 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013/01/22 02:00:15 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013/01/22 01:59:25 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013/01/22 01:58:43 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2013/01/22 01:58:27 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013/01/22 01:58:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2013/01/22 01:58:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2013/01/22 01:58:01 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2013/01/22 01:56:11 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2013/01/22 01:55:13 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013/01/22 01:54:54 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013/01/22 01:54:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013/01/22 01:45:53 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/01/22 01:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/22 01:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 01:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/01/22 01:38:26 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/01/22 01:38:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/22 01:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 01:37:25 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/01/22 01:34:35 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/01/22 01:33:50 | 002,192,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/01/22 01:33:50 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/01/22 01:33:49 | 002,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/01/22 01:33:49 | 002,027,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/01/22 01:32:38 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/01/22 01:27:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/01/22 01:27:34 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/01/22 01:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/01/22 01:25:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/01/22 01:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/22 01:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2013/01/22 01:18:03 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2013/01/22 01:18:03 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2013/01/22 01:12:51 | 000,000,000 | ---D | C] -- C:\I386
[2013/01/22 01:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/22 01:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/22 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/22 01:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/22 01:03:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2013/01/22 01:03:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/01/22 01:03:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/01/22 01:03:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/01/22 01:02:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/01/22 01:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/22 01:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013
[2013/01/22 01:01:19 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/01/22 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/01/22 01:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/01/22 00:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/01/22 00:57:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/01/22 00:40:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/01/22 00:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/01/22 00:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/22 00:33:38 | 001,371,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013/01/22 00:33:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013/01/22 00:33:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013/01/22 00:33:37 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2013/01/22 00:33:36 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2013/01/22 00:33:36 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2013/01/22 00:33:36 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2013/01/22 00:33:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2013/01/22 00:33:36 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2013/01/22 00:33:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2013/01/22 00:33:35 | 004,886,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2013/01/22 00:33:35 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2013/01/22 00:33:35 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2013/01/22 00:33:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2013/01/22 00:33:34 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013/01/22 00:33:34 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013/01/22 00:33:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2013/01/22 00:33:33 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2013/01/22 00:33:33 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2013/01/22 00:33:33 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2013/01/22 00:33:33 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2013/01/22 00:33:33 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013/01/22 00:33:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2013/01/22 00:33:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2013/01/22 00:33:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2013/01/22 00:33:28 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013/01/22 00:33:28 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/01/22 00:33:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/01/22 00:33:28 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013/01/22 00:33:28 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013/01/22 00:33:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013/01/22 00:33:28 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/01/22 00:33:28 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/01/22 00:33:28 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/01/22 00:33:27 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013/01/22 00:33:27 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013/01/22 00:33:27 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013/01/22 00:33:27 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013/01/22 00:33:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013/01/22 00:33:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2013/01/22 00:33:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013/01/22 00:33:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2013/01/22 00:33:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013/01/22 00:33:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013/01/22 00:33:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2013/01/22 00:33:27 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2013/01/22 00:33:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013/01/22 00:33:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013/01/22 00:33:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013/01/22 00:33:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2013/01/22 00:33:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2013/01/22 00:33:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2013/01/22 00:33:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013/01/22 00:33:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013/01/22 00:33:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013/01/22 00:33:26 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/01/22 00:33:26 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2013/01/22 00:33:26 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2013/01/22 00:33:26 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2013/01/22 00:33:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2013/01/22 00:33:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013/01/22 00:33:26 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/01/22 00:33:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2013/01/22 00:33:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2013/01/22 00:33:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2013/01/22 00:33:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2013/01/22 00:33:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2013/01/22 00:33:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2013/01/22 00:33:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2013/01/22 00:33:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013/01/22 00:33:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2013/01/22 00:33:25 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/01/22 00:33:25 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013/01/22 00:33:25 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013/01/22 00:33:25 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2013/01/22 00:33:25 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013/01/22 00:33:25 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013/01/22 00:33:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013/01/22 00:33:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013/01/22 00:33:25 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013/01/22 00:33:25 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2013/01/22 00:33:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013/01/22 00:33:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2013/01/22 00:33:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2013/01/22 00:33:25 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013/01/22 00:33:25 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2013/01/22 00:33:25 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/01/22 00:33:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013/01/22 00:33:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013/01/22 00:33:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2013/01/22 00:33:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013/01/22 00:33:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013/01/22 00:33:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2013/01/22 00:33:24 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013/01/22 00:33:24 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013/01/22 00:33:24 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013/01/22 00:33:24 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/01/22 00:33:24 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013/01/22 00:33:24 | 000,219,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013/01/22 00:33:24 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/01/22 00:33:24 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013/01/22 00:33:24 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2013/01/22 00:33:24 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/01/22 00:33:24 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/01/22 00:33:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013/01/22 00:33:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013/01/22 00:33:24 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/01/22 00:33:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013/01/22 00:33:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2013/01/22 00:33:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/01/22 00:33:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2013/01/22 00:33:24 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2013/01/22 00:33:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2013/01/22 00:33:23 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2013/01/22 00:33:23 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013/01/22 00:33:23 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013/01/22 00:33:23 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013/01/22 00:33:23 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013/01/22 00:33:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2013/01/22 00:33:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013/01/22 00:33:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013/01/22 00:33:23 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/01/22 00:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/01/22 00:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/01/22 00:29:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/01/22 00:29:58 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/01/22 00:29:58 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/01/22 00:29:58 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/01/22 00:29:58 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/01/22 00:29:58 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/01/22 00:29:58 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/01/22 00:29:58 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/01/22 00:29:58 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/01/22 00:29:58 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/01/22 00:29:58 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/01/22 00:29:58 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/01/22 00:29:58 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/01/22 00:29:58 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/01/22 00:29:58 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/01/22 00:29:58 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/01/22 00:29:58 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/01/22 00:29:58 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/01/22 00:29:57 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013/01/22 00:29:57 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/01/22 00:29:57 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2013/01/22 00:29:57 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/01/22 00:29:57 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/01/22 00:29:57 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/01/22 00:29:57 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/01/22 00:29:57 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/01/22 00:29:57 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2013/01/22 00:29:57 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2013/01/22 00:29:57 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013/01/22 00:29:57 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/01/22 00:29:57 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2013/01/22 00:29:57 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/01/22 00:29:57 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/01/22 00:29:57 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/01/22 00:29:57 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/01/22 00:29:57 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/01/22 00:29:57 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/01/22 00:29:57 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/01/22 00:29:57 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2013/01/22 00:29:57 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/01/22 00:29:57 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/01/22 00:29:57 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/01/22 00:29:57 | 000,008,261 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneoc.dll
[2013/01/22 00:29:57 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2013/01/22 00:29:56 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/01/22 00:29:56 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/01/22 00:29:55 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/01/22 00:29:55 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/01/22 00:29:55 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2013/01/22 00:29:55 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/01/22 00:29:55 | 000,174,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xenroll.dll
[2013/01/22 00:29:55 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/01/22 00:29:55 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/01/22 00:29:55 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/01/22 00:29:55 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/01/22 00:29:55 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/01/22 00:29:55 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/01/22 00:29:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013/01/22 00:29:55 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013/01/22 00:29:55 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/01/22 00:29:54 | 001,933,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013/01/22 00:29:54 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe.dll
[2013/01/22 00:29:54 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe.dll
[2013/01/22 00:29:54 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2013/01/22 00:29:54 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2013/01/22 00:29:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2013/01/22 00:29:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2_32.dll
[2013/01/22 00:29:54 | 000,053,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013/01/22 00:29:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2013/01/22 00:29:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshcon.dll
[2013/01/22 00:29:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2013/01/22 00:29:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2013/01/22 00:29:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2013/01/22 00:29:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2013/01/22 00:29:54 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/01/22 00:29:54 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/01/22 00:29:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2013/01/22 00:29:54 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2ifsl.sys
[2013/01/22 00:29:54 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/01/22 00:29:54 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/01/22 00:29:54 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/01/22 00:29:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshisn.dll
[2013/01/22 00:29:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshisn.dll
[2013/01/22 00:29:54 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/01/22 00:29:54 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/01/22 00:29:54 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshrm.dll
[2013/01/22 00:29:54 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2013/01/22 00:29:54 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowexec.exe
[2013/01/22 00:29:54 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowexec.exe
[2013/01/22 00:29:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshatm.dll
[2013/01/22 00:29:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshatm.dll
[2013/01/22 00:29:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshnetbs.dll
[2013/01/22 00:29:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshnetbs.dll
[2013/01/22 00:29:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013/01/22 00:29:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013/01/22 00:29:54 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowdeb.exe
[2013/01/22 00:29:54 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowdeb.exe
[2013/01/22 00:29:53 | 001,677,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore2.dll
[2013/01/22 00:29:53 | 001,677,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvcore2.dll
[2013/01/22 00:29:53 | 000,311,327 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2013/01/22 00:29:53 | 000,311,327 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8dmod.dll
[2013/01/22 00:29:53 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmstream.dll
[2013/01/22 00:29:53 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2013/01/22 00:29:53 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2013/01/22 00:29:53 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2013/01/22 00:29:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpstub.exe
[2013/01/22 00:29:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpstub.exe
[2013/01/22 00:29:50 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2013/01/22 00:29:50 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2013/01/22 00:29:50 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2013/01/22 00:29:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.ocx
[2013/01/22 00:29:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.ocx
[2013/01/22 00:29:50 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013/01/22 00:29:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013/01/22 00:29:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013/01/22 00:29:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerrenu.dll
[2013/01/22 00:29:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerrenu.dll
[2013/01/22 00:29:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013/01/22 00:29:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmiprop.dll
[2013/01/22 00:29:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprop.dll
[2013/01/22 00:29:50 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys
[2013/01/22 00:29:50 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmilib.sys
[2013/01/22 00:29:49 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2013/01/22 00:29:49 | 000,171,549 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wjview.exe
[2013/01/22 00:29:49 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2013/01/22 00:29:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsta.dll
[2013/01/22 00:29:49 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2013/01/22 00:29:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winstrm.dll
[2013/01/22 00:29:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winstrm.dll
[2013/01/22 00:29:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2013/01/22 00:29:49 | 000,002,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsock.dll
[2013/01/22 00:29:49 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.exe
[2013/01/22 00:29:49 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.exe
[2013/01/22 00:29:49 | 000,002,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winoldap.mod
[2013/01/22 00:29:44 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winntbbu.dll
[2013/01/22 00:29:42 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2013/01/22 00:29:42 | 000,256,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhelp.exe
[2013/01/22 00:29:42 | 000,256,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhelp.exe
[2013/01/22 00:29:42 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013/01/22 00:29:42 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013/01/22 00:29:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013/01/22 00:29:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013/01/22 00:29:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2013/01/22 00:29:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2013/01/22 00:29:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winfax.dll
[2013/01/22 00:29:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winfax.dll
[2013/01/22 00:29:42 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2013/01/22 00:29:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winnls.dll
[2013/01/22 00:29:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winnls.dll
[2013/01/22 00:29:41 | 001,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2013/01/22 00:29:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013/01/22 00:29:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013/01/22 00:29:40 | 001,866,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/01/22 00:29:40 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadefui.dll
[2013/01/22 00:29:40 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2013/01/22 00:29:40 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavusd.dll
[2013/01/22 00:29:40 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavusd.dll
[2013/01/22 00:29:40 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2013/01/22 00:29:40 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavideo.dll
[2013/01/22 00:29:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win.com
[2013/01/22 00:29:40 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wfwnet.drv
[2013/01/22 00:29:40 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2013/01/22 00:29:40 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013/01/22 00:29:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wifeman.dll
[2013/01/22 00:29:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wifeman.dll
[2013/01/22 00:29:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2013/01/22 00:29:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2013/01/22 00:29:39 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013/01/22 00:29:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webhits.dll
[2013/01/22 00:29:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webhits.dll
[2013/01/22 00:29:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013/01/22 00:29:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013/01/22 00:29:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013/01/22 00:29:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013/01/22 00:29:36 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2013/01/22 00:29:36 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2013/01/22 00:29:36 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2013/01/22 00:29:36 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013/01/22 00:29:36 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32topl.dll
[2013/01/22 00:29:36 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32topl.dll
[2013/01/22 00:29:36 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2013/01/22 00:29:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vss_ps.dll
[2013/01/22 00:29:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vss_ps.dll
[2013/01/22 00:29:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2013/01/22 00:29:35 | 000,287,263 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vmhelper.dll
[2013/01/22 00:29:35 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2013/01/22 00:29:35 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2013/01/22 00:29:35 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2013/01/22 00:29:35 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga256.dll
[2013/01/22 00:29:35 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga256.dll
[2013/01/22 00:29:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2013/01/22 00:29:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2013/01/22 00:29:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2013/01/22 00:29:35 | 000,020,535 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfpodbc.dll
[2013/01/22 00:29:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\vmmreg32.dll
[2013/01/22 00:29:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vmmreg32.dll
[2013/01/22 00:29:35 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga64k.dll
[2013/01/22 00:29:35 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga64k.dll
[2013/01/22 00:29:35 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.dll
[2013/01/22 00:29:35 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.dll
[2013/01/22 00:29:35 | 000,005,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgaoem.fon
[2013/01/22 00:29:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vjoy.dll
[2013/01/22 00:29:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vjoy.dll
[2013/01/22 00:29:35 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.drv
[2013/01/22 00:29:35 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2013/01/22 00:29:35 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013/01/22 00:29:34 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.dll
[2013/01/22 00:29:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2013/01/22 00:29:34 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2013/01/22 00:29:34 | 000,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbajet32.dll
[2013/01/22 00:29:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmdbg.dll
[2013/01/22 00:29:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utildll.dll
[2013/01/22 00:29:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utildll.dll
[2013/01/22 00:29:34 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ver.dll
[2013/01/22 00:29:34 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2013/01/22 00:29:34 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013/01/22 00:29:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcdex.dll
[2013/01/22 00:29:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vcdex.dll
[2013/01/22 00:29:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2013/01/22 00:29:33 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013/01/22 00:29:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/01/22 00:29:33 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\user.exe
[2013/01/22 00:29:33 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user.exe
[2013/01/22 00:29:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2013/01/22 00:29:33 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ureg.dll
[2013/01/22 00:29:33 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ureg.dll
[2013/01/22 00:29:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2013/01/22 00:29:33 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013/01/22 00:29:33 | 000,004,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys
[2013/01/22 00:29:32 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2013/01/22 00:29:32 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2013/01/22 00:29:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2013/01/22 00:29:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2013/01/22 00:29:32 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2013/01/22 00:29:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013/01/22 00:29:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umdmxfrm.dll
[2013/01/22 00:29:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umdmxfrm.dll
[2013/01/22 00:29:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2013/01/22 00:29:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2013/01/22 00:29:31 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\typelib.dll
[2013/01/22 00:29:31 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typelib.dll
[2013/01/22 00:29:31 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2013/01/22 00:29:31 | 000,094,784 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain.dll
[2013/01/22 00:29:31 | 000,094,784 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twain.dll
[2013/01/22 00:29:31 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ufat.dll
[2013/01/22 00:29:31 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ufat.dll
[2013/01/22 00:29:31 | 000,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2013/01/22 00:29:31 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_16.exe
[2013/01/22 00:29:31 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_16.exe
[2013/01/22 00:29:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2013/01/22 00:29:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2013/01/22 00:29:31 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2013/01/22 00:29:31 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_32.exe
[2013/01/22 00:29:31 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2013/01/22 00:29:31 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013/01/22 00:29:31 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013/01/22 00:29:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013/01/22 00:29:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013/01/22 00:29:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013/01/22 00:29:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013/01/22 00:29:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013/01/22 00:29:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013/01/22 00:29:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013/01/22 00:29:31 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2013/01/22 00:29:31 | 000,008,192 | ---- | C] (DSP GROUP, INC.) -- C:\WINDOWS\System32\tssoft32.acm
[2013/01/22 00:29:30 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013/01/22 00:29:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013/01/22 00:29:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsappcmp.dll
[2013/01/22 00:29:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsappcmp.dll
[2013/01/22 00:29:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2013/01/22 00:29:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2013/01/22 00:29:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2013/01/22 00:29:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\traffic.dll
[2013/01/22 00:29:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\traffic.dll
[2013/01/22 00:29:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2013/01/22 00:29:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2013/01/22 00:29:29 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/01/22 00:29:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013/01/22 00:29:29 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\toolhelp.dll
[2013/01/22 00:29:29 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toolhelp.dll
[2013/01/22 00:29:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2013/01/22 00:29:27 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timer.drv
[2013/01/22 00:29:27 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2013/01/22 00:29:27 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013/01/22 00:29:26 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2013/01/22 00:29:26 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2013/01/22 00:29:26 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013/01/22 00:29:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2013/01/22 00:29:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telephon.cpl
[2013/01/22 00:29:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telephon.cpl
[2013/01/22 00:29:26 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013/01/22 00:29:26 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013/01/22 00:29:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2013/01/22 00:29:26 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2013/01/22 00:29:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2013/01/22 00:29:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2013/01/22 00:29:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2013/01/22 00:29:26 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013/01/22 00:29:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2013/01/22 00:29:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2013/01/22 00:29:25 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2013/01/22 00:29:25 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2013/01/22 00:29:25 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2013/01/22 00:29:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiui.dll
[2013/01/22 00:29:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiui.dll
[2013/01/22 00:29:25 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi.dll
[2013/01/22 00:29:25 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2013/01/22 00:29:25 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013/01/22 00:29:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013/01/22 00:29:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2013/01/22 00:29:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013/01/22 00:29:25 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2013/01/22 00:29:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiperf.dll
[2013/01/22 00:29:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiperf.dll
[2013/01/22 00:29:25 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\system.drv
[2013/01/22 00:29:25 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2013/01/22 00:29:25 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013/01/22 00:29:25 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2013/01/22 00:29:25 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2013/01/22 00:29:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2013/01/22 00:29:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swprv.dll
[2013/01/22 00:29:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmod_a.dll
[2013/01/22 00:29:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2013/01/22 00:29:24 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2013/01/22 00:29:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2013/01/22 00:29:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2013/01/22 00:29:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2013/01/22 00:29:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2013/01/22 00:29:24 | 000,018,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysedit.exe
[2013/01/22 00:29:24 | 000,018,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysedit.exe
[2013/01/22 00:29:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysinv.dll
[2013/01/22 00:29:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinv.dll
[2013/01/22 00:29:23 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2013/01/22 00:29:23 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2013/01/22 00:29:23 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2013/01/22 00:29:23 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2013/01/22 00:29:23 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2013/01/22 00:29:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013/01/22 00:29:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2013/01/22 00:29:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2013/01/22 00:29:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2013/01/22 00:29:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2013/01/22 00:29:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2013/01/22 00:29:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole32.tlb
[2013/01/22 00:29:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole32.tlb
[2013/01/22 00:29:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\svcpack.dll
[2013/01/22 00:29:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcpack.dll
[2013/01/22 00:29:23 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole.tlb
[2013/01/22 00:29:23 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\stdole.tlb
[2013/01/22 00:29:23 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storage.dll
[2013/01/22 00:29:23 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\storage.dll
[2013/01/22 00:29:22 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2013/01/22 00:29:22 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2013/01/22 00:29:22 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2013/01/22 00:29:22 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013/01/22 00:29:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013/01/22 00:29:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2013/01/22 00:29:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013/01/22 00:29:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2013/01/22 00:29:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2013/01/22 00:29:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2013/01/22 00:29:21 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2013/01/22 00:29:21 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013/01/22 00:29:21 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2013/01/22 00:29:21 | 000,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlunirl.dll
[2013/01/22 00:29:21 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2013/01/22 00:29:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2013/01/22 00:29:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2013/01/22 00:29:21 | 000,049,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwoa.dll
[2013/01/22 00:29:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013/01/22 00:29:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013/01/22 00:29:21 | 000,024,603 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwid.dll
[2013/01/22 00:29:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sprestrt.exe
[2013/01/22 00:29:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprestrt.exe
[2013/01/22 00:29:15 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2013/01/22 00:29:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013/01/22 00:29:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013/01/22 00:29:15 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013/01/22 00:29:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013/01/22 00:29:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013/01/22 00:29:15 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2013/01/22 00:29:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2013/01/22 00:29:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013/01/22 00:29:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\softpub.dll
[2013/01/22 00:29:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softpub.dll
[2013/01/22 00:29:15 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sound.drv
[2013/01/22 00:29:15 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2013/01/22 00:29:15 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013/01/22 00:29:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2013/01/22 00:29:14 | 000,306,176 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbcsp.dll
[2013/01/22 00:29:14 | 000,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbiop.dll
[2013/01/22 00:29:14 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2013/01/22 00:29:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013/01/22 00:29:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013/01/22 00:29:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013/01/22 00:29:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013/01/22 00:29:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013/01/22 00:29:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013/01/22 00:29:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013/01/22 00:29:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013/01/22 00:29:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013/01/22 00:29:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013/01/22 00:29:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013/01/22 00:29:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013/01/22 00:29:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013/01/22 00:29:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2013/01/22 00:29:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013/01/22 00:29:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013/01/22 00:29:14 | 000,014,848 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbrccsp.dll
[2013/01/22 00:29:14 | 000,014,848 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbrccsp.dll
[2013/01/22 00:29:14 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys
[2013/01/22 00:29:14 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smclib.sys
[2013/01/22 00:29:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013/01/22 00:29:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013/01/22 00:29:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skdll.dll
[2013/01/22 00:29:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skdll.dll
[2013/01/22 00:29:13 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2013/01/22 00:29:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2013/01/22 00:29:13 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2013/01/22 00:29:13 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2013/01/22 00:29:13 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2013/01/22 00:29:13 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2013/01/22 00:29:13 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2013/01/22 00:29:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2013/01/22 00:29:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2013/01/22 00:29:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013/01/22 00:29:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2013/01/22 00:29:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sisbkup.dll
[2013/01/22 00:29:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sisbkup.dll
[2013/01/22 00:29:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2013/01/22 00:29:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shell.dll
[2013/01/22 00:29:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2013/01/22 00:29:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013/01/22 00:29:11 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2013/01/22 00:29:11 | 001,510,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2013/01/22 00:29:11 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupdll.dll
[2013/01/22 00:29:11 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupdll.dll
[2013/01/22 00:29:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfmapi.dll
[2013/01/22 00:29:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfmapi.dll
[2013/01/22 00:29:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013/01/22 00:29:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013/01/22 00:29:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2013/01/22 00:29:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2013/01/22 00:29:10 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2013/01/22 00:29:10 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script_a.dll
[2013/01/22 00:29:10 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdpblb.dll
[2013/01/22 00:29:10 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdpblb.dll
[2013/01/22 00:29:10 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2013/01/22 00:29:10 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2013/01/22 00:29:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scripto.dll
[2013/01/22 00:29:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scripto.dll
[2013/01/22 00:29:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013/01/22 00:29:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2013/01/22 00:29:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2013/01/22 00:29:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scredir.dll
[2013/01/22 00:29:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scredir.dll
[2013/01/22 00:29:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2013/01/22 00:29:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serwvdrv.dll
[2013/01/22 00:29:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serwvdrv.dll
[2013/01/22 00:29:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serialui.dll
[2013/01/22 00:29:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serialui.dll
[2013/01/22 00:29:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\senscfg.dll
[2013/01/22 00:29:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\senscfg.dll
[2013/01/22 00:29:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.fon
[2013/01/22 00:29:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2013/01/22 00:29:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2013/01/22 00:29:09 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2013/01/22 00:29:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccbase.dll
[2013/01/22 00:29:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sccbase.dll
[2013/01/22 00:29:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2013/01/22 00:29:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scardssp.dll
[2013/01/22 00:29:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardssp.dll
[2013/01/22 00:29:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2013/01/22 00:29:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2013/01/22 00:29:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2013/01/22 00:29:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2013/01/22 00:29:08 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2013/01/22 00:29:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtm.dll
[2013/01/22 00:29:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtm.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/01/22 00:29:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2013/01/22 00:29:08 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2013/01/22 00:29:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013/01/22 00:29:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013/01/22 00:29:08 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2013/01/22 00:29:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2013/01/22 00:29:08 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013/01/22 00:29:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2013/01/22 00:29:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2013/01/22 00:29:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013/01/22 00:29:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013/01/22 00:29:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2013/01/22 00:29:07 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsaenh.dll
[2013/01/22 00:29:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2013/01/22 00:29:07 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpsp.dll
[2013/01/22 00:29:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2013/01/22 00:29:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2013/01/22 00:29:07 | 000,049,152 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2013/01/22 00:29:07 | 000,049,152 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2013/01/22 00:29:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2013/01/22 00:29:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2013/01/22 00:29:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpmsg.dll
[2013/01/22 00:29:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpmsg.dll
[2013/01/22 00:29:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rpcns4.dll
[2013/01/22 00:29:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcns4.dll
[2013/01/22 00:29:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2013/01/22 00:29:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2013/01/22 00:29:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpperf.dll
[2013/01/22 00:29:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpperf.dll
[2013/01/22 00:29:06 | 000,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwizc.dll
[2013/01/22 00:29:06 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2013/01/22 00:29:06 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rend.dll
[2013/01/22 00:29:06 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rend.dll
[2013/01/22 00:29:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2013/01/22 00:29:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013/01/22 00:29:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013/01/22 00:29:06 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2013/01/22 00:29:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2013/01/22 00:29:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2013/01/22 00:29:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2013/01/22 00:29:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2013/01/22 00:29:06 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013/01/22 00:29:06 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2013/01/22 00:29:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2013/01/22 00:29:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2013/01/22 00:29:06 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2013/01/22 00:29:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013/01/22 00:29:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013/01/22 00:29:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routetab.dll
[2013/01/22 00:29:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routetab.dll
[2013/01/22 00:29:06 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rootmdm.sys
[2013/01/22 00:29:06 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2013/01/22 00:29:06 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2013/01/22 00:29:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched32.dll
[2013/01/22 00:29:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched32.dll
[2013/01/22 00:29:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2013/01/22 00:29:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2013/01/22 00:29:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rnr20.dll
[2013/01/22 00:29:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rnr20.dll
[2013/01/22 00:29:05 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013/01/22 00:29:05 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmontr.dll
[2013/01/22 00:29:05 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmontr.dll
[2013/01/22 00:29:05 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2013/01/22 00:29:05 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013/01/22 00:29:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013/01/22 00:29:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013/01/22 00:29:05 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2013/01/22 00:29:05 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2013/01/22 00:29:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2013/01/22 00:29:05 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys
[2013/01/22 00:29:05 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rawwan.sys
[2013/01/22 00:29:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasrad.dll
[2013/01/22 00:29:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasrad.dll
[2013/01/22 00:29:05 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmxs.dll
[2013/01/22 00:29:05 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmxs.dll
[2013/01/22 00:29:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2013/01/22 00:29:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013/01/22 00:29:05 | 000,016,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspti.sys
[2013/01/22 00:29:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2013/01/22 00:29:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013/01/22 00:29:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasser.dll
[2013/01/22 00:29:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasser.dll
[2013/01/22 00:29:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasctrs.dll
[2013/01/22 00:29:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasctrs.dll
[2013/01/22 00:29:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2013/01/22 00:29:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2013/01/22 00:29:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2013/01/22 00:29:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2013/01/22 00:29:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2013/01/22 00:29:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2013/01/22 00:29:05 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcdd.sys
[2013/01/22 00:29:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013/01/22 00:29:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013/01/22 00:29:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013/01/22 00:29:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013/01/22 00:29:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013/01/22 00:29:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013/01/22 00:29:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013/01/22 00:29:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013/01/22 00:29:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013/01/22 00:29:04 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasacd.sys
[2013/01/22 00:29:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qosname.dll
[2013/01/22 00:29:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qosname.dll
[2013/01/22 00:29:03 | 000,017,792 | ---- | C] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ptilink.sys
[2013/01/22 00:29:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013/01/22 00:29:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013/01/22 00:29:02 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013/01/22 00:29:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2013/01/22 00:29:02 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2013/01/22 00:29:02 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2013/01/22 00:29:02 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2013/01/22 00:29:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2013/01/22 00:29:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2013/01/22 00:29:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pmspl.dll
[2013/01/22 00:29:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmspl.dll
[2013/01/22 00:29:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2013/01/22 00:29:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prflbmsg.dll
[2013/01/22 00:29:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\prflbmsg.dll
[2013/01/22 00:29:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013/01/22 00:29:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pschdprf.dll
[2013/01/22 00:29:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pschdprf.dll
[2013/01/22 00:29:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2013/01/22 00:29:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2013/01/22 00:29:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psnppagn.dll
[2013/01/22 00:29:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psnppagn.dll
[2013/01/22 00:29:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013/01/22 00:29:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pifmgr.dll
[2013/01/22 00:29:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pifmgr.dll
[2013/01/22 00:29:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2013/01/22 00:29:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2013/01/22 00:29:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\plustab.dll
[2013/01/22 00:29:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plustab.dll
[2013/01/22 00:29:01 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2013/01/22 00:28:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2013/01/22 00:28:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2013/01/22 00:28:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2013/01/22 00:28:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2013/01/22 00:28:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfts.dll
[2013/01/22 00:28:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfts.dll
[2013/01/22 00:28:55 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2013/01/22 00:28:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2013/01/22 00:28:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2013/01/22 00:28:55 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys
[2013/01/22 00:28:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2013/01/22 00:28:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2013/01/22 00:28:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2013/01/22 00:28:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\panmap.dll
[2013/01/22 00:28:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\panmap.dll
[2013/01/22 00:28:54 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\parvdm.sys
[2013/01/22 00:28:53 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2013/01/22 00:28:53 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2013/01/22 00:28:53 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2013/01/22 00:28:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli.dll
[2013/01/22 00:28:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2013/01/22 00:28:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013/01/22 00:28:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2013/01/22 00:28:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olethk32.dll
[2013/01/22 00:28:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olethk32.dll
[2013/01/22 00:28:53 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2013/01/22 00:28:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2013/01/22 00:28:53 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2013/01/22 00:28:53 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2013/01/22 00:28:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2013/01/22 00:28:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr.dll
[2013/01/22 00:28:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2013/01/22 00:28:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013/01/22 00:28:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr32.dll
[2013/01/22 00:28:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr32.dll
[2013/01/22 00:28:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2013/01/22 00:28:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2013/01/22 00:28:53 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys
[2013/01/22 00:28:52 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2013/01/22 00:28:52 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2013/01/22 00:28:52 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2disp.dll
[2013/01/22 00:28:52 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2disp.dll
[2013/01/22 00:28:52 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2nls.dll
[2013/01/22 00:28:52 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2nls.dll
[2013/01/22 00:28:52 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2.dll
[2013/01/22 00:28:52 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2.dll
[2013/01/22 00:28:46 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2013/01/22 00:28:46 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2013/01/22 00:28:46 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2013/01/22 00:28:46 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2013/01/22 00:28:46 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2013/01/22 00:28:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2013/01/22 00:28:46 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2013/01/22 00:28:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2013/01/22 00:28:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2013/01/22 00:28:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2013/01/22 00:28:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2013/01/22 00:28:46 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys
[2013/01/22 00:28:46 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnknb.sys
[2013/01/22 00:28:46 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys
[2013/01/22 00:28:46 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkspx.sys
[2013/01/22 00:28:46 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2013/01/22 00:28:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2013/01/22 00:28:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2013/01/22 00:28:46 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkfwd.sys
[2013/01/22 00:28:46 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc16gt.dll
[2013/01/22 00:28:46 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc16gt.dll
[2013/01/22 00:28:46 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2013/01/22 00:28:46 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2013/01/22 00:28:46 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2013/01/22 00:28:46 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2013/01/22 00:28:46 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2013/01/22 00:28:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2013/01/22 00:28:46 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkflt.sys
[2013/01/22 00:28:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2013/01/22 00:28:45 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2013/01/22 00:28:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2013/01/22 00:28:45 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntshrui.dll
[2013/01/22 00:28:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2013/01/22 00:28:45 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\null.sys
[2013/01/22 00:28:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2013/01/22 00:28:43 | 002,192,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/01/22 00:28:43 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsmgr.dll
[2013/01/22 00:28:43 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2013/01/22 00:28:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanui.dll
[2013/01/22 00:28:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui.dll
[2013/01/22 00:28:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2013/01/22 00:28:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsevt.dll
[2013/01/22 00:28:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsevt.dll
[2013/01/22 00:28:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui2.dll
[2013/01/22 00:28:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2013/01/22 00:28:41 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2013/01/22 00:28:40 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2013/01/22 00:28:40 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2013/01/22 00:28:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013/01/22 00:28:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013/01/22 00:28:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013/01/22 00:28:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013/01/22 00:28:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2013/01/22 00:28:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2013/01/22 00:28:38 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui2.dll
[2013/01/22 00:28:38 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui2.dll
[2013/01/22 00:28:38 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netmsg.dll
[2013/01/22 00:28:38 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netmsg.dll
[2013/01/22 00:28:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2013/01/22 00:28:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2013/01/22 00:28:37 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\neth.dll
[2013/01/22 00:28:37 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\neth.dll
[2013/01/22 00:28:37 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netevent.dll
[2013/01/22 00:28:37 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netevent.dll
[2013/01/22 00:28:37 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2013/01/22 00:28:37 | 000,108,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi.dll
[2013/01/22 00:28:37 | 000,108,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi.dll
[2013/01/22 00:28:36 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2013/01/22 00:28:36 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mycomput.dll
[2013/01/22 00:28:36 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mycomput.dll
[2013/01/22 00:28:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2013/01/22 00:28:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2013/01/22 00:28:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncpa.cpl
[2013/01/22 00:28:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncpa.cpl
[2013/01/22 00:28:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrhook.dll
[2013/01/22 00:28:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrhook.dll
[2013/01/22 00:28:36 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2013/01/22 00:28:36 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2013/01/22 00:28:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2013/01/22 00:28:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncxpnt.dll
[2013/01/22 00:28:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncxpnt.dll
[2013/01/22 00:28:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2013/01/22 00:28:34 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2013/01/22 00:28:34 | 000,621,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswstr10.dll
[2013/01/22 00:28:34 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml.dll
[2013/01/22 00:28:34 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbde40.dll
[2013/01/22 00:28:34 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2013/01/22 00:28:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3r.dll
[2013/01/22 00:28:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3r.dll
[2013/01/22 00:28:34 | 000,037,916 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2r.dll
[2013/01/22 00:28:34 | 000,037,916 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2r.dll
[2013/01/22 00:28:34 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013/01/22 00:28:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013/01/22 00:28:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxmlr.dll
[2013/01/22 00:28:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxmlr.dll
[2013/01/22 00:28:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013/01/22 00:28:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013/01/22 00:28:33 | 000,838,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswdat10.dll
[2013/01/22 00:28:33 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp50.dll
[2013/01/22 00:28:33 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp50.dll
[2013/01/22 00:28:33 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt20.dll
[2013/01/22 00:28:33 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt20.dll
[2013/01/22 00:28:33 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvideo.dll
[2013/01/22 00:28:33 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2013/01/22 00:28:33 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013/01/22 00:28:33 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2013/01/22 00:28:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2013/01/22 00:28:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2013/01/22 00:28:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2013/01/22 00:28:32 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2013/01/22 00:28:32 | 001,384,479 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2013/01/22 00:28:32 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm50.dll
[2013/01/22 00:28:32 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/01/22 00:28:32 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2013/01/22 00:28:32 | 000,241,725 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msuni11.dll
[2013/01/22 00:28:32 | 000,241,725 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msuni11.dll
[2013/01/22 00:28:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013/01/22 00:28:31 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl40.dll
[2013/01/22 00:28:31 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x40.dll
[2013/01/22 00:28:31 | 000,322,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd3x40.dll
[2013/01/22 00:28:31 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext40.dll
[2013/01/22 00:28:31 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2013/01/22 00:28:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2013/01/22 00:28:31 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2013/01/22 00:28:31 | 000,073,802 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrclr40.dll
[2013/01/22 00:28:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2c.dll
[2013/01/22 00:28:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2c.dll
[2013/01/22 00:28:31 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msratelc.dll
[2013/01/22 00:28:31 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msratelc.dll
[2013/01/22 00:28:31 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssign32.dll
[2013/01/22 00:28:31 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssign32.dll
[2013/01/22 00:28:31 | 000,028,746 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrecr40.dll
[2013/01/22 00:28:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2013/01/22 00:28:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswch.dll
[2013/01/22 00:28:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswch.dll
[2013/01/22 00:28:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2cenu.dll
[2013/01/22 00:28:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2cenu.dll
[2013/01/22 00:28:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2013/01/22 00:28:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2013/01/22 00:28:31 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssip32.dll
[2013/01/22 00:28:31 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssip32.dll
[2013/01/22 00:28:30 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspbde40.dll
[2013/01/22 00:28:30 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013/01/22 00:28:30 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013/01/22 00:28:30 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2013/01/22 00:28:30 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013/01/22 00:28:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msports.dll
[2013/01/22 00:28:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msports.dll
[2013/01/22 00:28:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2013/01/22 00:28:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msobjs.dll
[2013/01/22 00:28:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobjs.dll
[2013/01/22 00:28:28 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjtes40.dll
[2013/01/22 00:28:28 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus40.dll
[2013/01/22 00:28:28 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2013/01/22 00:28:28 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2013/01/22 00:28:28 | 000,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint40.dll
[2013/01/22 00:28:28 | 000,060,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjter40.dll
[2013/01/22 00:28:27 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet40.dll
[2013/01/22 00:28:27 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2013/01/22 00:28:27 | 000,368,710 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisam11.dll
[2013/01/22 00:28:27 | 000,368,710 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msisam11.dll
[2013/01/22 00:28:27 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013/01/22 00:28:27 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2013/01/22 00:28:27 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2013/01/22 00:28:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2013/01/22 00:28:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2013/01/22 00:28:27 | 000,021,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjdbc10.dll
[2013/01/22 00:28:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2013/01/22 00:28:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidntld.dll
[2013/01/22 00:28:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msidntld.dll
[2013/01/22 00:28:26 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2013/01/22 00:28:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013/01/22 00:28:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013/01/22 00:28:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2013/01/22 00:28:26 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013/01/22 00:28:25 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2013/01/22 00:28:25 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl40.dll
[2013/01/22 00:28:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013/01/22 00:28:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013/01/22 00:28:24 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013/01/22 00:28:24 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch40.dll
[2013/01/22 00:28:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013/01/22 00:28:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013/01/22 00:28:24 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2013/01/22 00:28:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013/01/22 00:28:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2013/01/22 00:28:23 | 000,154,140 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msawt.dll
[2013/01/22 00:28:23 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaatext.dll
[2013/01/22 00:28:23 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaatext.dll
[2013/01/22 00:28:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2013/01/22 00:28:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013/01/22 00:28:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaudite.dll
[2013/01/22 00:28:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaudite.dll
[2013/01/22 00:28:23 | 000,061,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm.dll
[2013/01/22 00:28:23 | 000,061,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msacm.dll
[2013/01/22 00:28:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2013/01/22 00:28:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2013/01/22 00:28:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscat32.dll
[2013/01/22 00:28:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscat32.dll
[2013/01/22 00:28:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2013/01/22 00:28:22 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprmsg.dll
[2013/01/22 00:28:22 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprmsg.dll
[2013/01/22 00:28:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprui.dll
[2013/01/22 00:28:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprui.dll
[2013/01/22 00:28:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2013/01/22 00:28:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2013/01/22 00:28:21 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2013/01/22 00:28:21 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013/01/22 00:28:21 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013/01/22 00:28:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprddm.dll
[2013/01/22 00:28:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprddm.dll
[2013/01/22 00:28:21 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2013/01/22 00:28:21 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2013/01/22 00:28:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2013/01/22 00:28:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2013/01/22 00:28:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2013/01/22 00:28:21 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2013/01/22 00:28:21 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mouse.drv
[2013/01/22 00:28:21 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2013/01/22 00:28:21 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013/01/22 00:28:20 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2013/01/22 00:28:20 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmutilse.dll
[2013/01/22 00:28:20 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmutilse.dll
[2013/01/22 00:28:20 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmsystem.dll
[2013/01/22 00:28:20 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2013/01/22 00:28:20 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013/01/22 00:28:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mode.com
[2013/01/22 00:28:20 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modex.dll
[2013/01/22 00:28:20 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modex.dll
[2013/01/22 00:28:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modern.fon
[2013/01/22 00:28:20 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.sys
[2013/01/22 00:28:20 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmtask.tsk
[2013/01/22 00:28:20 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2013/01/22 00:28:20 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013/01/22 00:28:19 | 001,872,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2013/01/22 00:28:19 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2013/01/22 00:28:19 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2013/01/22 00:28:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013/01/22 00:28:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmdrv.dll
[2013/01/22 00:28:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmdrv.dll
[2013/01/22 00:28:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_mtf.dll
[2013/01/22 00:28:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_mtf.dll
[2013/01/22 00:28:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_qic.dll
[2013/01/22 00:28:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_qic.dll
[2013/01/22 00:28:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_hp.dll
[2013/01/22 00:28:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_hp.dll
[2013/01/22 00:28:18 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2013/01/22 00:28:18 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2013/01/22 00:28:18 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2013/01/22 00:28:18 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism_a.dll
[2013/01/22 00:28:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mindex.dll
[2013/01/22 00:28:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mindex.dll
[2013/01/22 00:28:18 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013/01/22 00:28:18 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013/01/22 00:28:18 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2013/01/22 00:28:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2013/01/22 00:28:18 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2013/01/22 00:28:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2013/01/22 00:28:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2013/01/22 00:28:17 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2013/01/22 00:28:17 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2013/01/22 00:28:17 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2013/01/22 00:28:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metal_ss.dll
[2013/01/22 00:28:17 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2013/01/22 00:28:16 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2013/01/22 00:28:15 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\main.cpl
[2013/01/22 00:28:15 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\main.cpl
[2013/01/22 00:28:15 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapistub.dll
[2013/01/22 00:28:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2013/01/22 00:28:15 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi.drv
[2013/01/22 00:28:15 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2013/01/22 00:28:15 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013/01/22 00:28:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2013/01/22 00:28:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdhcp.dll
[2013/01/22 00:28:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdhcp.dll
[2013/01/22 00:28:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.drv
[2013/01/22 00:28:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2013/01/22 00:28:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013/01/22 00:28:15 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.drv
[2013/01/22 00:28:15 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2013/01/22 00:28:15 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013/01/22 00:28:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2013/01/22 00:28:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2013/01/22 00:28:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcicda.dll
[2013/01/22 00:28:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcicda.dll
[2013/01/22 00:28:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2013/01/22 00:28:15 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcdsrv32.dll
[2013/01/22 00:28:15 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcdsrv32.dll
[2013/01/22 00:28:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcd32.dll
[2013/01/22 00:28:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd32.dll
[2013/01/22 00:28:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole16.dll
[2013/01/22 00:28:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole16.dll
[2013/01/22 00:28:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole32.dll
[2013/01/22 00:28:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole32.dll
[2013/01/22 00:28:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys
[2013/01/22 00:28:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd.sys
[2013/01/22 00:28:15 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mchgrcoi.dll
[2013/01/22 00:28:15 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mchgrcoi.dll
[2013/01/22 00:28:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2013/01/22 00:28:14 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lzexpand.dll
[2013/01/22 00:28:14 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2013/01/22 00:28:14 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013/01/22 00:28:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mag_hook.dll
[2013/01/22 00:28:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mag_hook.dll
[2013/01/22 00:28:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lz32.dll
[2013/01/22 00:28:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lz32.dll
[2013/01/22 00:28:13 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2013/01/22 00:28:13 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2013/01/22 00:28:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2013/01/22 00:28:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2013/01/22 00:28:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013/01/22 00:28:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loghours.dll
[2013/01/22 00:28:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loghours.dll
[2013/01/22 00:28:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/01/22 00:28:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2013/01/22 00:28:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2013/01/22 00:28:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2013/01/22 00:28:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2013/01/22 00:28:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013/01/22 00:28:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013/01/22 00:28:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2013/01/22 00:28:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2013/01/22 00:28:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprmonui.dll
[2013/01/22 00:28:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmonui.dll
[2013/01/22 00:28:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2013/01/22 00:28:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2013/01/22 00:28:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2013/01/22 00:28:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2013/01/22 00:28:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2013/01/22 00:28:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2013/01/22 00:28:12 | 000,221,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lanman.drv
[2013/01/22 00:28:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\langwrbk.dll
[2013/01/22 00:28:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\langwrbk.dll
[2013/01/22 00:27:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2013/01/22 00:27:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2013/01/22 00:27:24 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2013/01/22 00:27:24 | 000,092,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\krnl386.exe
[2013/01/22 00:27:24 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013/01/22 00:27:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013/01/22 00:27:24 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2013/01/22 00:27:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013/01/22 00:27:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kdcom.dll
[2013/01/22 00:27:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdcom.dll
[2013/01/22 00:27:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmac.dll
[2013/01/22 00:27:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmac.dll
[2013/01/22 00:27:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfo.dll
[2013/01/22 00:27:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfo.dll
[2013/01/22 00:27:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013/01/22 00:27:24 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keyboard.drv
[2013/01/22 00:27:24 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2013/01/22 00:27:24 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013/01/22 00:27:23 | 000,404,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javart.dll
[2013/01/22 00:27:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jet500.dll
[2013/01/22 00:27:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jet500.dll
[2013/01/22 00:27:23 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuengine.dll
[2013/01/22 00:27:23 | 000,186,911 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javacypt.dll
[2013/01/22 00:27:23 | 000,172,060 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jview.exe
[2013/01/22 00:27:23 | 000,171,034 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jit.dll
[2013/01/22 00:27:23 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2013/01/22 00:27:23 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2013/01/22 00:27:23 | 000,065,536 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgsh400.dll
[2013/01/22 00:27:23 | 000,065,536 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgsh400.dll
[2013/01/22 00:27:23 | 000,063,007 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaprxy.dll
[2013/01/22 00:27:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2013/01/22 00:27:23 | 000,047,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jobexec.dll
[2013/01/22 00:27:23 | 000,047,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jobexec.dll
[2013/01/22 00:27:23 | 000,045,568 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgsd400.dll
[2013/01/22 00:27:23 | 000,045,568 | ---- | C] (America Online) -- C:\WINDOWS\System32\dllcache\jgsd400.dll
[2013/01/22 00:27:23 | 000,044,544 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgaw400.dll
[2013/01/22 00:27:23 | 000,044,544 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgaw400.dll
[2013/01/22 00:27:23 | 000,035,840 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgmd400.dll
[2013/01/22 00:27:23 | 000,035,840 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgmd400.dll
[2013/01/22 00:27:23 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2013/01/22 00:27:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/01/22 00:27:23 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013/01/22 00:27:23 | 000,014,878 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
[2013/01/22 00:27:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcan.dll
[2013/01/22 00:27:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcan.dll
[2013/01/22 00:27:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbene.dll
[2013/01/22 00:27:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbene.dll
[2013/01/22 00:27:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013/01/22 00:27:22 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2013/01/22 00:27:22 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2013/01/22 00:27:22 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2013/01/22 00:27:22 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2013/01/22 00:27:22 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2013/01/22 00:27:22 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxmontr.dll
[2013/01/22 00:27:22 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxmontr.dll
[2013/01/22 00:27:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013/01/22 00:27:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxpromn.dll
[2013/01/22 00:27:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxpromn.dll
[2013/01/22 00:27:22 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxsap.dll
[2013/01/22 00:27:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2013/01/22 00:27:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2013/01/22 00:27:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2013/01/22 00:27:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2013/01/22 00:27:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxrtmgr.dll
[2013/01/22 00:27:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxrtmgr.dll
[2013/01/22 00:27:22 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013/01/22 00:27:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2013/01/22 00:27:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2013/01/22 00:27:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxrip.dll
[2013/01/22 00:27:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxrip.dll
[2013/01/22 00:27:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013/01/22 00:27:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013/01/22 00:27:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013/01/22 00:27:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtprio.dll
[2013/01/22 00:27:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtprio.dll
[2013/01/22 00:27:22 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprop.dll
[2013/01/22 00:27:22 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprop.dll
[2013/01/22 00:27:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infosoft.dll
[2013/01/22 00:27:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infosoft.dll
[2013/01/22 00:27:21 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2013/01/22 00:27:21 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\initpki.dll
[2013/01/22 00:27:21 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2013/01/22 00:27:21 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2013/01/22 00:27:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2013/01/22 00:27:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2013/01/22 00:27:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013/01/22 00:27:21 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipfltdrv.sys
[2013/01/22 00:27:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetmib1.dll
[2013/01/22 00:27:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iologmsg.dll
[2013/01/22 00:27:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iologmsg.dll
[2013/01/22 00:27:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetppui.dll
[2013/01/22 00:27:20 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/01/22 00:27:20 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013/01/22 00:27:20 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcplc.dll
[2013/01/22 00:27:20 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcplc.dll
[2013/01/22 00:27:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013/01/22 00:27:20 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imeshare.dll
[2013/01/22 00:27:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2013/01/22 00:27:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/01/22 00:27:19 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2013/01/22 00:27:19 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2013/01/22 00:27:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/01/22 00:27:19 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/01/22 00:27:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[2013/01/22 00:27:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2013/01/22 00:27:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifmon.dll
[2013/01/22 00:27:19 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2013/01/22 00:27:19 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2013/01/22 00:27:19 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2013/01/22 00:27:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2013/01/22 00:27:19 | 000,080,384 | ---- | C] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll
[2013/01/22 00:27:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2013/01/22 00:27:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013/01/22 00:27:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2013/01/22 00:27:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifsutil.dll
[2013/01/22 00:27:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ifsutil.dll
[2013/01/22 00:27:19 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013/01/22 00:27:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2013/01/22 00:27:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassvcs.dll
[2013/01/22 00:27:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassvcs.dll
[2013/01/22 00:27:19 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2013/01/22 00:27:19 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icmui.dll
[2013/01/22 00:27:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013/01/22 00:27:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013/01/22 00:27:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igmpagnt.dll
[2013/01/22 00:27:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icmp.dll
[2013/01/22 00:27:18 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2013/01/22 00:27:18 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013/01/22 00:27:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassdo.dll
[2013/01/22 00:27:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassdo.dll
[2013/01/22 00:27:18 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrecst.dll
[2013/01/22 00:27:18 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrecst.dll
[2013/01/22 00:27:18 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrad.dll
[2013/01/22 00:27:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassam.dll
[2013/01/22 00:27:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassam.dll
[2013/01/22 00:27:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasnap.dll
[2013/01/22 00:27:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasnap.dll
[2013/01/22 00:27:18 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2013/01/22 00:27:18 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013/01/22 00:27:18 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2013/01/22 00:27:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\htui.dll
[2013/01/22 00:27:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasads.dll
[2013/01/22 00:27:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasads.dll
[2013/01/22 00:27:18 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iashlpr.dll
[2013/01/22 00:27:18 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iashlpr.dll
[2013/01/22 00:27:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasacct.dll
[2013/01/22 00:27:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasacct.dll
[2013/01/22 00:27:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iaspolcy.dll
[2013/01/22 00:27:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iaspolcy.dll
[2013/01/22 00:27:18 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2013/01/22 00:27:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\home_ss.dll
[2013/01/22 00:27:17 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetcfg.dll
[2013/01/22 00:27:17 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetwiz.dll
[2013/01/22 00:27:17 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hotplug.dll
[2013/01/22 00:27:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2013/01/22 00:27:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2013/01/22 00:27:17 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2013/01/22 00:27:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetmon.dll
[2013/01/22 00:27:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetmon.dll
[2013/01/22 00:27:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2013/01/22 00:27:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2013/01/22 00:27:16 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hdwwiz.cpl
[2013/01/22 00:27:16 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013/01/22 00:27:16 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrlui.dll
[2013/01/22 00:27:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2013/01/22 00:27:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2013/01/22 00:27:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2013/01/22 00:27:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013/01/22 00:27:15 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2013/01/22 00:27:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkcsp.dll
[2013/01/22 00:27:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkcsp.dll
[2013/01/22 00:27:15 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn_a.dll
[2013/01/22 00:27:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2013/01/22 00:27:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\graftabl.com
[2013/01/22 00:27:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkrsrc.dll
[2013/01/22 00:27:13 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013/01/22 00:27:13 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013/01/22 00:27:13 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glmf32.dll
[2013/01/22 00:27:13 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\glmf32.dll
[2013/01/22 00:27:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glu32.dll
[2013/01/22 00:27:12 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2013/01/22 00:27:12 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2013/01/22 00:27:12 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2013/01/22 00:27:12 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2013/01/22 00:27:12 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2013/01/22 00:27:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2013/01/22 00:27:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2013/01/22 00:27:12 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2013/01/22 00:27:12 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftsrch.dll
[2013/01/22 00:27:12 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftsrch.dll
[2013/01/22 00:27:12 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2013/01/22 00:27:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2013/01/22 00:27:12 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2013/01/22 00:27:12 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013/01/22 00:27:12 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2013/01/22 00:27:12 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013/01/22 00:27:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsusd.dll
[2013/01/22 00:27:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsusd.dll
[2013/01/22 00:27:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gcdef.dll
[2013/01/22 00:27:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2013/01/22 00:27:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2013/01/22 00:27:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2013/01/22 00:27:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2013/01/22 00:27:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2013/01/22 00:27:12 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013/01/22 00:27:12 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2013/01/22 00:27:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2013/01/22 00:27:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013/01/22 00:27:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2013/01/22 00:27:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdi.exe
[2013/01/22 00:27:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi.exe
[2013/01/22 00:27:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2013/01/22 00:27:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2013/01/22 00:27:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2013/01/22 00:27:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013/01/22 00:27:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2013/01/22 00:27:12 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fs_rec.sys
[2013/01/22 00:27:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2013/01/22 00:27:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013/01/22 00:27:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsconins.dll
[2013/01/22 00:27:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013/01/22 00:27:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013/01/22 00:27:11 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2013/01/22 00:27:10 | 001,033,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/01/22 00:27:10 | 000,380,445 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2013/01/22 00:27:10 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\filemgmt.dll
[2013/01/22 00:27:10 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2013/01/22 00:27:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2013/01/22 00:27:10 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2013/01/22 00:27:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2013/01/22 00:27:10 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2013/01/22 00:27:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2013/01/22 00:27:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\feclient.dll
[2013/01/22 00:27:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2013/01/22 00:27:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fmifs.dll
[2013/01/22 00:27:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fmifs.dll
[2013/01/22 00:27:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013/01/22 00:27:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2013/01/22 00:27:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2013/01/22 00:27:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2013/01/22 00:27:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2013/01/22 00:27:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2013/01/22 00:27:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2013/01/22 00:27:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2013/01/22 00:27:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2013/01/22 00:27:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2013/01/22 00:27:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcls.dll
[2013/01/22 00:27:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventcls.dll
[2013/01/22 00:27:09 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2013/01/22 00:27:09 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2013/01/22 00:27:08 | 001,114,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent97.dll
[2013/01/22 00:27:08 | 001,114,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esent97.dll
[2013/01/22 00:27:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2013/01/22 00:27:08 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2013/01/22 00:27:08 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013/01/22 00:27:08 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013/01/22 00:27:08 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013/01/22 00:27:08 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013/01/22 00:27:08 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2013/01/22 00:27:08 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2013/01/22 00:27:08 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013/01/22 00:27:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013/01/22 00:27:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esentprf.dll
[2013/01/22 00:27:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentprf.dll
[2013/01/22 00:27:07 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013/01/22 00:27:07 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2013/01/22 00:27:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2013/01/22 00:27:06 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx3j.dll
[2013/01/22 00:27:06 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\duser.dll
[2013/01/22 00:27:06 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2013/01/22 00:27:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2013/01/22 00:27:06 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013/01/22 00:27:06 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2013/01/22 00:27:06 | 000,055,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwil1033.dll
[2013/01/22 00:27:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2013/01/22 00:27:06 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys
[2013/01/22 00:27:06 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2013/01/22 00:27:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2013/01/22 00:27:06 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys
[2013/01/22 00:27:06 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxgthk.sys
[2013/01/22 00:27:05 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dskquota.dll
[2013/01/22 00:27:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsauth.dll
[2013/01/22 00:27:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsauth.dll
[2013/01/22 00:27:05 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2013/01/22 00:27:05 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2013/01/22 00:27:05 | 000,028,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drwatson.exe
[2013/01/22 00:27:05 | 000,028,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwatson.exe
[2013/01/22 00:27:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2013/01/22 00:27:05 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds16gt.dLL
[2013/01/22 00:27:05 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds16gt.dll
[2013/01/22 00:26:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/01/22 00:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/01/22 00:26:30 | 000,042,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsock.dll
[2013/01/22 00:26:30 | 000,042,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsock.dll
[2013/01/22 00:26:29 | 000,330,752 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmconfig.dll
[2013/01/22 00:26:29 | 000,330,752 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmconfig.dll
[2013/01/22 00:26:29 | 000,285,184 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2013/01/22 00:26:29 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskmgr.dll
[2013/01/22 00:26:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2013/01/22 00:26:29 | 000,118,784 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskres.dll
[2013/01/22 00:26:29 | 000,118,784 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskres.dll
[2013/01/22 00:26:29 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2013/01/22 00:26:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnmodem.dll
[2013/01/22 00:26:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnmodem.dll
[2013/01/22 00:26:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnwsock.dll
[2013/01/22 00:26:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnwsock.dll
[2013/01/22 00:26:29 | 000,061,440 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmview.ocx
[2013/01/22 00:26:29 | 000,061,440 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmview.ocx
[2013/01/22 00:26:29 | 000,053,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpserial.dll
[2013/01/22 00:26:29 | 000,053,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpserial.dll
[2013/01/22 00:26:29 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\docprop.dll
[2013/01/22 00:26:29 | 000,036,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dosapp.fon
[2013/01/22 00:26:29 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplay.dll
[2013/01/22 00:26:29 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplay.dll
[2013/01/22 00:26:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmocx.dll
[2013/01/22 00:26:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmocx.dll
[2013/01/22 00:26:29 | 000,018,432 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmintf.dll
[2013/01/22 00:26:29 | 000,018,432 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmintf.dll
[2013/01/22 00:26:29 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2013/01/22 00:26:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2013/01/22 00:26:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2013/01/22 00:26:29 | 000,005,888 | ---- | C] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\System32\dllcache\dmload.sys
[2013/01/22 00:26:28 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2013/01/22 00:26:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2013/01/22 00:26:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2013/01/22 00:26:27 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2013/01/22 00:26:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2013/01/22 00:26:27 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2013/01/22 00:26:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2013/01/22 00:26:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2013/01/22 00:26:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2013/01/22 00:26:27 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2013/01/22 00:26:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskcomp.com
[2013/01/22 00:26:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskcopy.com
[2013/01/22 00:26:26 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2013/01/22 00:26:26 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diactfrm.dll
[2013/01/22 00:26:26 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2013/01/22 00:26:26 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2013/01/22 00:26:26 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013/01/22 00:26:26 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013/01/22 00:26:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2013/01/22 00:26:26 | 000,124,416 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2013/01/22 00:26:26 | 000,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dgnet.dll
[2013/01/22 00:26:26 | 000,105,472 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2013/01/22 00:26:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2013/01/22 00:26:26 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013/01/22 00:26:26 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013/01/22 00:26:26 | 000,082,944 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2013/01/22 00:26:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpsapi.dll
[2013/01/22 00:26:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpsapi.dll
[2013/01/22 00:26:26 | 000,051,200 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgres.dll
[2013/01/22 00:26:26 | 000,051,200 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgres.dll
[2013/01/22 00:26:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2013/01/22 00:26:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimap.dll
[2013/01/22 00:26:26 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeml.dll
[2013/01/22 00:26:26 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeml.dll
[2013/01/22 00:26:26 | 000,039,424 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2013/01/22 00:26:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2013/01/22 00:26:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2013/01/22 00:26:26 | 000,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2013/01/22 00:26:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskperf.dll
[2013/01/22 00:26:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskmon.dll
[2013/01/22 00:26:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskadp.dll
[2013/01/22 00:26:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2013/01/22 00:26:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013/01/22 00:26:25 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2013/01/22 00:26:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\daxctle.ocx
[2013/01/22 00:26:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2013/01/22 00:26:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dataclen.dll
[2013/01/22 00:26:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsvinn.dLL
[2013/01/22 00:26:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2013/01/22 00:26:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsadsn.dll
[2013/01/22 00:26:24 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2013/01/22 00:26:24 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2013/01/22 00:26:24 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dramp.dll
[2013/01/22 00:26:24 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2013/01/22 00:26:24 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim.dll
[2013/01/22 00:26:24 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2013/01/22 00:26:24 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3drm.dll
[2013/01/22 00:26:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2013/01/22 00:26:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dxof.dll
[2013/01/22 00:26:24 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2013/01/22 00:26:24 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dpmesh.dll
[2013/01/22 00:26:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013/01/22 00:26:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013/01/22 00:26:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csseqchk.dll
[2013/01/22 00:26:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csseqchk.dll
[2013/01/22 00:26:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2013/01/22 00:26:23 | 000,027,200 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ctl3dv2.dll
[2013/01/22 00:26:23 | 000,027,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctl3dv2.dll
[2013/01/22 00:26:23 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctl3d32.dll
[2013/01/22 00:26:23 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ctl3d32.dll
[2013/01/22 00:26:22 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2013/01/22 00:26:22 | 000,149,019 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crtdll.dll
[2013/01/22 00:26:22 | 000,149,019 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\crtdll.dll
[2013/01/22 00:26:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2013/01/22 00:26:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2013/01/22 00:26:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013/01/22 00:26:21 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013/01/22 00:26:21 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2013/01/22 00:26:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\console.dll
[2013/01/22 00:26:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\console.dll
[2013/01/22 00:26:21 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2013/01/22 00:26:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2013/01/22 00:26:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2013/01/22 00:26:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2013/01/22 00:26:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2013/01/22 00:26:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2013/01/22 00:26:20 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compstui.dll
[2013/01/22 00:26:20 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013/01/22 00:26:20 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013/01/22 00:26:20 | 000,030,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compobj.dll
[2013/01/22 00:26:20 | 000,030,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compobj.dll
[2013/01/22 00:26:16 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2013/01/22 00:26:16 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\commdlg.dll
[2013/01/22 00:26:16 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013/01/22 00:26:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2013/01/22 00:26:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2013/01/22 00:26:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2013/01/22 00:26:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2013/01/22 00:26:16 | 000,010,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comm.drv
[2013/01/22 00:26:15 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2013/01/22 00:26:15 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2013/01/22 00:26:15 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2013/01/22 00:26:15 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2013/01/22 00:26:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013/01/22 00:26:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013/01/22 00:26:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2013/01/22 00:26:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2013/01/22 00:26:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2013/01/22 00:26:15 | 000,049,182 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clspack.exe
[2013/01/22 00:26:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2013/01/22 00:26:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmutil.dll
[2013/01/22 00:26:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnetcfg.dll
[2013/01/22 00:26:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnetcfg.dll
[2013/01/22 00:26:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013/01/22 00:26:15 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnvfat.dll
[2013/01/22 00:26:15 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnvfat.dll
[2013/01/22 00:26:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2013/01/22 00:26:15 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.rll
[2013/01/22 00:26:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2013/01/22 00:26:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmcfg32.dll
[2013/01/22 00:26:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmpbk32.dll
[2013/01/22 00:26:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmpbk32.dll
[2013/01/22 00:26:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comcat.dll
[2013/01/22 00:26:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comcat.dll
[2013/01/22 00:26:14 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\class_ss.dll
[2013/01/22 00:26:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013/01/22 00:26:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2013/01/22 00:26:14 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2013/01/22 00:26:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clb.dll
[2013/01/22 00:26:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clb.dll
[2013/01/22 00:26:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2013/01/22 00:26:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2013/01/22 00:26:13 | 002,091,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdosys.dll
[2013/01/22 00:26:13 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2013/01/22 00:26:13 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certmgr.dll
[2013/01/22 00:26:13 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciadmin.dll
[2013/01/22 00:26:13 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciadmin.dll
[2013/01/22 00:26:13 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2013/01/22 00:26:13 | 000,097,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2013/01/22 00:26:13 | 000,097,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2013/01/22 00:26:13 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013/01/22 00:26:13 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013/01/22 00:26:13 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2013/01/22 00:26:13 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2013/01/22 00:26:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013/01/22 00:26:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013/01/22 00:26:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013/01/22 00:26:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013/01/22 00:26:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013/01/22 00:26:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013/01/22 00:26:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2013/01/22 00:26:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2013/01/22 00:26:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2013/01/22 00:26:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2013/01/22 00:26:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013/01/22 00:26:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2013/01/22 00:26:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chcp.com
[2013/01/22 00:26:12 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cards.dll
[2013/01/22 00:26:12 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cards.dll
[2013/01/22 00:26:12 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2013/01/22 00:26:12 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013/01/22 00:26:12 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013/01/22 00:26:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013/01/22 00:26:12 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2013/01/22 00:26:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/01/22 00:26:12 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\camocx.dll
[2013/01/22 00:26:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccfgnt.dll
[2013/01/22 00:26:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ccfgnt.dll
[2013/01/22 00:26:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013/01/22 00:26:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2013/01/22 00:26:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2013/01/22 00:26:11 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blue_ss.dll
[2013/01/22 00:26:11 | 000,152,576 | ---- | C] (Microsoft Corporation; Microsoft Research) -- C:\WINDOWS\System32\dllcache\bnts.dll
[2013/01/22 00:26:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2013/01/22 00:26:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvid.dll
[2013/01/22 00:26:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvid.dll
[2013/01/22 00:26:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2013/01/22 00:26:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2013/01/22 00:26:11 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2013/01/22 00:26:11 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2013/01/22 00:26:10 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2013/01/22 00:26:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013/01/22 00:26:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013/01/22 00:26:10 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2013/01/22 00:26:10 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifile.dll
[2013/01/22 00:26:10 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013/01/22 00:26:10 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2013/01/22 00:26:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013/01/22 00:26:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013/01/22 00:26:10 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2013/01/22 00:26:10 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avicap.dll
[2013/01/22 00:26:10 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013/01/22 00:26:10 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap32.dll
[2013/01/22 00:26:10 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avicap32.dll
[2013/01/22 00:26:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\basesrv.dll
[2013/01/22 00:26:10 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2013/01/22 00:26:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2013/01/22 00:26:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013/01/22 00:26:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013/01/22 00:26:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2013/01/22 00:26:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013/01/22 00:26:10 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\beep.sys
[2013/01/22 00:26:09 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2013/01/22 00:26:09 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys
[2013/01/22 00:26:09 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmuni.sys
[2013/01/22 00:26:09 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2013/01/22 00:26:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autodisc.dll
[2013/01/22 00:26:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autodisc.dll
[2013/01/22 00:26:09 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2013/01/22 00:26:09 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmpvcno.dll
[2013/01/22 00:26:09 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmpvcno.dll
[2013/01/22 00:26:09 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys
[2013/01/22 00:26:09 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmepvc.sys
[2013/01/22 00:26:09 | 000,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2013/01/22 00:26:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atkctrs.dll
[2013/01/22 00:26:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atkctrs.dll
[2013/01/22 00:26:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2013/01/22 00:26:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013/01/22 00:26:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013/01/22 00:26:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2013/01/22 00:26:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2013/01/22 00:26:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2013/01/22 00:26:01 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2013/01/22 00:26:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2013/01/22 00:26:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2013/01/22 00:25:59 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appwiz.cpl
[2013/01/22 00:25:59 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apcups.dll
[2013/01/22 00:25:59 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\apcups.dll
[2013/01/22 00:25:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2013/01/22 00:25:58 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2013/01/22 00:25:58 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2013/01/22 00:25:58 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2013/01/22 00:25:58 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\activeds.tlb
[2013/01/22 00:25:58 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.tlb
[2013/01/22 00:25:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[2013/01/22 00:25:58 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2013/01/22 00:25:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adptif.dll
[2013/01/22 00:25:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adptif.dll
[2013/01/22 00:25:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2013/01/22 00:25:57 | 001,852,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acgenral.dll
[2013/01/22 00:25:57 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013/01/22 00:25:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acledit.dll
[2013/01/22 00:25:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acledit.dll
[2013/01/22 00:25:57 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aclui.dll
[2013/01/22 00:25:57 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013/01/22 00:25:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013/01/22 00:25:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013/01/22 00:25:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaaamon.dll
[2013/01/22 00:25:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaaamon.dll
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/22 00:08:27 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/01/22 00:08:27 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/01/21 23:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\UserData
[2013/01/21 23:37:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2013/01/21 23:36:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/21 23:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/01/21 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/21 23:31:25 | 001,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2013/01/21 23:31:25 | 001,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2013/01/21 23:31:25 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2013/01/21 23:31:25 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\cpuinf32.dll
[2013/01/21 23:31:25 | 000,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2013/01/21 23:31:25 | 000,009,856 | ---- | C] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys
[2013/01/21 23:31:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2013/01/21 23:31:24 | 001,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2013/01/21 23:31:24 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2013/01/21 23:30:54 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2013/01/21 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Encarta Online
[2013/01/21 23:29:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013/01/21 23:29:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013/01/21 23:29:48 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013/01/21 23:29:48 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013/01/21 23:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia Card Reader
[2013/01/21 23:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/28 13:10:23 | 000,001,394 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/28 13:09:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/28 13:09:38 | 1542,901,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 23:25:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/27 23:18:43 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/27 23:05:44 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 13:34:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/27 10:36:55 | 000,444,602 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/27 10:17:45 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 08:19:13 | 000,423,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/27 08:19:12 | 000,062,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/26 23:31:57 | 000,821,248 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 22:28:15 | 077,890,624 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\msert.exe
[2013/01/26 11:44:31 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/26 11:13:38 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:36 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 15:00:23 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:34 | 000,140,608 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 20:19:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130127-103655.backup
[2013/01/24 20:07:26 | 005,026,656 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/24 13:45:12 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:40 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:48 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 01:13:15 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/24 00:15:51 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:07:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:54:11 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/23 22:23:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 16:04:13 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 13:30:48 | 001,531,090 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/23 13:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:30:10 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 12:08:06 | 002,053,105 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 12:07:54 | 001,653,739 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 09:47:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 08:51:30 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/01/23 08:51:28 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/01/23 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 23:19:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/22 13:04:53 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:40:36 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/22 08:13:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/01/22 08:13:07 | 000,001,079 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013/01/22 08:13:07 | 000,000,258 | ---- | M] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 08:08:31 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/22 01:38:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:09:59 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/22 00:29:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/01/22 00:29:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/01/21 23:36:28 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:32:38 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/01/21 23:27:45 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[2013/01/06 00:34:35 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/27 23:05:44 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 10:17:45 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 09:32:05 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4098188977-3005115923-3956672664-1003-0.dat
[2013/01/26 23:53:32 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/26 23:31:56 | 000,821,248 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 13:44:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:13:38 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:33 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 20:38:23 | 1542,901,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 15:04:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/25 15:00:23 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:39 | 000,140,608 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 13:45:10 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:25 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:47 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 00:30:04 | 001,531,090 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/24 00:15:51 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:10:54 | 002,053,105 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 23:10:38 | 001,653,739 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 23:06:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:49:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/23 22:49:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/23 22:49:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/23 22:49:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/23 22:49:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/23 16:04:12 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 12:30:09 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:30:06 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/22 23:25:38 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/22 23:25:37 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 09:54:00 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/22 08:13:07 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/01/22 01:20:27 | 000,001,394 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/22 01:09:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:31 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2013/01/22 00:40:29 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2013/01/22 00:40:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2013/01/22 00:33:36 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/01/22 00:33:36 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/01/22 00:33:36 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/01/22 00:33:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/01/22 00:33:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/01/22 00:33:36 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/01/22 00:33:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/01/22 00:33:35 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/01/22 00:33:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/01/22 00:33:35 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/01/22 00:33:35 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/01/22 00:33:35 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/01/22 00:33:35 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/01/22 00:33:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/01/22 00:33:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/01/22 00:33:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/01/22 00:33:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/01/22 00:33:35 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/01/22 00:33:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/01/22 00:33:35 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/01/22 00:33:35 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/01/22 00:33:35 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/01/22 00:33:35 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/01/22 00:33:34 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/01/22 00:33:34 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/01/22 00:33:34 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/01/22 00:33:34 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/01/22 00:33:34 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/01/22 00:33:34 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/01/22 00:33:34 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/01/22 00:33:34 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/01/22 00:33:34 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/01/22 00:33:34 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/01/22 00:33:34 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/01/22 00:33:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/01/22 00:33:34 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/01/22 00:33:34 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/01/22 00:33:34 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/01/22 00:33:34 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/01/22 00:33:34 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/01/22 00:33:34 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/01/22 00:33:34 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/01/22 00:33:34 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/01/22 00:33:34 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/01/22 00:33:34 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/01/22 00:33:34 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/01/22 00:33:34 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/01/22 00:33:34 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/01/22 00:33:34 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/01/22 00:33:34 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/01/22 00:33:34 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/01/22 00:33:34 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/01/22 00:33:34 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/01/22 00:33:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/01/22 00:33:33 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/01/22 00:33:33 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/01/22 00:33:33 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/01/22 00:33:33 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/01/22 00:33:33 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/01/22 00:33:33 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/01/22 00:33:33 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/01/22 00:33:33 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/01/22 00:33:33 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/01/22 00:33:33 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/01/22 00:33:33 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/01/22 00:33:33 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/01/22 00:33:33 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/01/22 00:33:33 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/01/22 00:29:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/01/22 00:29:57 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/01/22 00:29:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/01/22 00:29:57 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2013/01/22 00:29:55 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/01/22 00:29:55 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2013/01/22 00:29:50 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/01/22 00:29:41 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2013/01/22 00:29:39 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2013/01/22 00:29:39 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2013/01/22 00:29:38 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2013/01/22 00:29:38 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2013/01/22 00:29:37 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2013/01/22 00:29:37 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2013/01/22 00:29:37 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2013/01/22 00:29:37 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2013/01/22 00:29:37 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2013/01/22 00:29:36 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2013/01/22 00:29:34 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2013/01/22 00:29:34 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/01/22 00:29:31 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2013/01/22 00:29:26 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2013/01/22 00:29:25 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2013/01/22 00:29:25 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2013/01/22 00:29:22 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/01/22 00:29:21 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2013/01/22 00:29:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2013/01/22 00:29:10 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2013/01/22 00:29:08 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/01/22 00:29:08 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/01/22 00:29:07 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2013/01/22 00:29:04 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2013/01/22 00:29:02 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2013/01/22 00:28:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/01/22 00:28:56 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2013/01/22 00:28:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/01/22 00:28:55 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2013/01/22 00:28:52 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2013/01/22 00:28:46 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2013/01/22 00:28:43 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2013/01/22 00:28:43 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2013/01/22 00:28:42 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2013/01/22 00:28:42 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2013/01/22 00:28:42 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2013/01/22 00:28:42 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2013/01/22 00:28:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/01/22 00:28:40 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2013/01/22 00:28:40 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2013/01/22 00:28:40 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2013/01/22 00:28:40 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2013/01/22 00:28:40 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2013/01/22 00:28:40 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2013/01/22 00:28:40 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2013/01/22 00:28:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/01/22 00:28:40 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2013/01/22 00:28:39 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/01/22 00:28:36 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/01/22 00:28:27 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2013/01/22 00:28:24 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2013/01/22 00:28:23 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2013/01/22 00:28:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/01/22 00:28:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/01/22 00:28:16 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2013/01/22 00:28:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/01/22 00:28:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/01/22 00:28:14 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2013/01/22 00:27:24 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2013/01/22 00:27:24 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2013/01/22 00:27:21 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2013/01/22 00:27:18 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/01/22 00:27:18 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/01/22 00:27:17 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2013/01/22 00:27:15 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2013/01/22 00:27:13 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2013/01/22 00:27:12 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2013/01/22 00:27:11 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2013/01/22 00:27:11 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2013/01/22 00:27:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2013/01/22 00:27:10 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2013/01/22 00:27:09 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2013/01/22 00:27:09 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2013/01/22 00:27:08 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2013/01/22 00:27:08 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2013/01/22 00:27:08 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2013/01/22 00:27:06 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2013/01/22 00:27:06 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/01/22 00:27:06 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2013/01/22 00:27:05 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2013/01/22 00:26:27 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2013/01/22 00:26:26 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2013/01/22 00:26:26 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2013/01/22 00:26:26 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2013/01/22 00:26:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2013/01/22 00:26:24 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2013/01/22 00:26:21 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2013/01/22 00:26:20 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2013/01/22 00:26:15 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2013/01/22 00:26:15 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2013/01/22 00:26:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2013/01/22 00:26:14 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2013/01/22 00:26:13 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2013/01/22 00:26:13 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2013/01/22 00:26:11 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2013/01/22 00:26:11 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2013/01/22 00:25:59 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2013/01/22 00:25:59 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2013/01/21 23:36:43 | 000,000,196 | RHS- | C] () -- C:\BOOT.BAK
[2013/01/21 23:36:35 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2013/01/21 23:36:28 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:31:41 | 000,001,488 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Recovery.lnk
[2013/01/21 23:31:41 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealOne Player.lnk
[2013/01/21 23:31:41 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Help and Support.lnk
[2003/08/23 09:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 08:08:30 | 000,012,159 | ---- | C] () -- C:\Documents and Settings\Owner\ml1.srt
[2003/08/23 08:08:30 | 000,011,847 | ---- | C] () -- C:\Documents and Settings\Owner\ml2.srt

========== ZeroAccess Check ==========

[2003/08/23 08:16:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: SAMSUNG SV1203N
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Generic USB SD Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Generic USB CF Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Generic USB SM Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Generic USB MS Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 5.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 107.00GB
Starting Offset: 5689958400
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< C:\Program Files\Microsoft.NET\*.* >

< C:\Program Files\Microsoft.NET\* /s >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/01/24 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/22 01:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2003/08/23 07:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Identities
[2003/08/28 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2013/01/22 00:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 01:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/24 20:55:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2013/01/22 01:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2003/08/23 09:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Real
[2003/08/23 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2003/08/23 09:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sonic
[2013/01/22 23:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 01:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software

< MD5 for: ATAPI.SYS >
[2002/08/29 04:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 14:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002/08/29 14:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002/08/29 04:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331958$\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2002/10/24 15:59:48 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=F1D915C3870E741D83B5142F3B358761 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/14 05:42:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/14 05:42:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2002/08/29 04:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=B82CD0AD8B605F64EAD6C46D70A2C993 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2002/08/29 04:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2002/08/29 04:00:00 | 000,228,352 | ---- | M] (Microsoft Corporation) MD5=18A8BE5A66B93F9C9615F7D4C148EDE2 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\SoftwareDistribution\Download\ff0686f2f699fa07ed5ad0848fa3055b\sp3gdr\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/14 05:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/04/14 05:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\SoftwareDistribution\Download\ff0686f2f699fa07ed5ad0848fa3055b\sp3qfe\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008/04/14 05:42:04 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/14 05:42:04 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
[2002/08/29 04:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=4A3D059857FBAFFFEA7997C3839E8803 -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2008/04/14 05:42:04 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/14 05:42:04 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll

< MD5 for: RSVPSP.DLL >
[2008/04/14 05:42:06 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
[2008/04/14 05:42:06 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\dllcache\rsvpsp.dll
[2008/04/14 05:42:06 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\rsvpsp.dll
[2002/08/29 04:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) MD5=90491683ABD587C702B16F181AB0D99D -- C:\WINDOWS\$NtServicePackUninstall$\rsvpsp.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\erdnt\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2002/08/29 04:00:00 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=E3DF4A0252D287C44606EE55355E1623 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: SVCHOST.EXE >
[2002/08/29 04:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USER32.DLL >
[2008/04/14 05:42:10 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\erdnt\cache\user32.dll
[2008/04/14 05:42:10 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 05:42:10 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[2002/08/29 04:00:00 | 000,560,128 | ---- | M] (Microsoft Corporation) MD5=DD9269230C21EE8FB7FD3FCCC3B1CFCB -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

< MD5 for: USERINIT.EXE >
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
[2002/08/29 04:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2002/08/29 04:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINRNR.DLL >
[2002/08/29 04:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=54332DB2DC5B851709CD78D2DA22F2FB -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
[2008/04/14 05:42:10 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/14 05:42:10 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 04:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/16 15:11:06 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/16 15:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/10/31 19:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 04:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %ProgramFiles%\WINDOWS NT\*.* /s >
[2008/04/14 05:42:18 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\dialer.exe
[2002/08/29 04:00:00 | 000,013,312 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\htrn_jis.dll
[2002/08/29 04:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\hypertrm.exe
[2009/11/20 06:14:51 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd6.wpc
[2010/12/21 07:51:53 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd8.wpc
[2010/07/12 07:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
[2009/11/20 06:14:50 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\write.wpc
[2002/08/29 04:00:00 | 000,003,947 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\FONT.DAT
[2002/08/29 04:00:00 | 000,928,700 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.DAT
[2008/04/14 05:42:32 | 000,281,088 | ---- | M] (Cinematronics) -- C:\Program Files\WINDOWS NT\Pinball\pinball.exe
[2002/08/29 04:00:00 | 000,108,607 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.MID
[2002/08/29 04:00:00 | 000,028,888 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL2.MID
[2002/08/29 04:00:00 | 000,055,490 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND1.WAV
[2002/08/29 04:00:00 | 000,001,226 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND104.WAV
[2002/08/29 04:00:00 | 000,001,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND105.WAV
[2002/08/29 04:00:00 | 000,007,754 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND108.WAV
[2002/08/29 04:00:00 | 000,000,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND111.WAV
[2002/08/29 04:00:00 | 000,000,824 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND112.WAV
[2002/08/29 04:00:00 | 000,004,296 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND12.WAV
[2002/08/29 04:00:00 | 000,008,034 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND13.WAV
[2002/08/29 04:00:00 | 000,001,290 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND131.WAV
[2002/08/29 04:00:00 | 000,019,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND136.WAV
[2002/08/29 04:00:00 | 000,003,002 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND14.WAV
[2002/08/29 04:00:00 | 000,001,046 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND16.WAV
[2002/08/29 04:00:00 | 000,002,090 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND17.WAV
[2002/08/29 04:00:00 | 000,003,986 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND18.WAV
[2002/08/29 04:00:00 | 000,027,472 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND181.WAV
[2002/08/29 04:00:00 | 000,005,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND19.WAV
[2002/08/29 04:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND20.WAV
[2002/08/29 04:00:00 | 000,009,194 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND21.WAV
[2002/08/29 04:00:00 | 000,007,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND22.WAV
[2002/08/29 04:00:00 | 000,012,106 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND24.WAV
[2002/08/29 04:00:00 | 000,014,600 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND240.WAV
[2002/08/29 04:00:00 | 000,020,712 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND243.WAV
[2002/08/29 04:00:00 | 000,025,704 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND25.WAV
[2002/08/29 04:00:00 | 000,007,306 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND26.WAV
[2002/08/29 04:00:00 | 000,020,242 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND27.WAV
[2002/08/29 04:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND28.WAV
[2002/08/29 04:00:00 | 000,010,364 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND29.WAV
[2002/08/29 04:00:00 | 000,022,858 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND3.WAV
[2002/08/29 04:00:00 | 000,022,570 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND30.WAV
[2002/08/29 04:00:00 | 000,001,520 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND34.WAV
[2002/08/29 04:00:00 | 000,019,498 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND35.WAV
[2002/08/29 04:00:00 | 000,033,848 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND36.WAV
[2002/08/29 04:00:00 | 000,013,024 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND38.WAV
[2002/08/29 04:00:00 | 000,028,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND39.WAV
[2002/08/29 04:00:00 | 000,016,626 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND4.WAV
[2002/08/29 04:00:00 | 000,029,140 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND42.WAV
[2002/08/29 04:00:00 | 000,022,796 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND43.WAV
[2002/08/29 04:00:00 | 000,009,770 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND45.WAV
[2002/08/29 04:00:00 | 000,001,876 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49.WAV
[2002/08/29 04:00:00 | 000,003,330 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49D.WAV
[2002/08/29 04:00:00 | 000,003,180 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND5.WAV
[2002/08/29 04:00:00 | 000,012,074 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND50.WAV
[2002/08/29 04:00:00 | 000,008,932 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND528.WAV
[2002/08/29 04:00:00 | 000,009,022 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND53.WAV
[2002/08/29 04:00:00 | 000,018,250 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND54.WAV
[2002/08/29 04:00:00 | 000,021,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND55.WAV
[2002/08/29 04:00:00 | 000,029,004 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND560.WAV
[2002/08/29 04:00:00 | 000,024,192 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND563.WAV
[2002/08/29 04:00:00 | 000,030,502 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND57.WAV
[2002/08/29 04:00:00 | 000,003,408 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND58.WAV
[2002/08/29 04:00:00 | 000,004,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND6.WAV
[2002/08/29 04:00:00 | 000,017,676 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND65.WAV
[2002/08/29 04:00:00 | 000,032,402 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND68.WAV
[2002/08/29 04:00:00 | 000,026,442 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND7.WAV
[2002/08/29 04:00:00 | 000,014,592 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND713.WAV
[2002/08/29 04:00:00 | 000,027,268 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND735.WAV
[2002/08/29 04:00:00 | 000,002,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND8.WAV
[2002/08/29 04:00:00 | 000,047,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND827.WAV
[2002/08/29 04:00:00 | 000,020,098 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND9.WAV
[2002/08/29 04:00:00 | 000,006,742 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND999.WAV
[2002/08/29 04:00:00 | 000,339,178 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\table.bmp
[2002/08/29 14:00:00 | 000,002,687 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\wavemix.inf

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< End of report >


OTL Extras logfile created on: 1/28/2013 2:30:31 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.49 Gb Available Physical Memory | 33.86% Memory free
3.29 Gb Paging File | 2.29 Gb Available in Paging File | 69.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 89.80 Gb Free Space | 84.31% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32

Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe" = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe:*:Disabled:BackWeb-137903 -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F9D88C-3C86-4E82-840A-101A3221F67A}" = Microsoft Money 2003
"{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}" = Microsoft Money 2003 System Pack
"{098637A9-C208-4398-8374-853151D35200}" = SkinsHP2
"{11946FA8-329A-4DDF-B867-A32781FED8EE}" = HPImageZone
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2CCC5C78-20FF-478E-8B65-46B58CC5781B}" = AVG 2013
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{305B23E7-F8D8-4B92-83AA-5AE0D0090DE7}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42948B02-7191-40CF-92AA-4E330869B28B}" = HPIZ Fix2
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{4FCC384C-18EA-4E25-9281-A06AE006D219}" = Weblink
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{5C650855-4C2B-418F-A747-8B3D8E3FF2A8}" = TrayApp
"{5D7F0A0E-369E-46C0-9F99-FAB21A064781}" = HP Photo and Imaging 2.0 - Photosmart Cameras
"{62B3B82F-B9B1-4D8C-B5D1-C3DAEA1F73AA}" = PhotoGallery
"{642B473F-2584-4C21-AB10-6D1EF28BD601}" = QuickProjects
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{84464E93-0222-42E5-8CCE-A618F86210F3}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
"{98386532-89B5-42FF-AC49-60C0D9DBD8B1}" = CreativeProjects
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9266252-00CB-4140-B740-DE88FC0F7609}" = hpmdtab
"{C05E10AC-BD86-4564-9D16-EF11D7314FB2}" = HP Software Update
"{C224DBAC-57F4-40FD-BB83-09DB532CCD68}" = HPSystemDiagnostics
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF07F56D-F9FD-45CB-8E2B-48786B5B5723}" = Director
"{CFD1B282-555D-494d-8231-4175C2AF08C2}" = PrintScreen
"{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass
"{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"53EF27E9-150C-4063-8343-61C45FC6BB98" = Mars Rover from Hewlett-Packard Desktops (remove only)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2013
"BackWeb-137903 Uninstaller" = Updates from HP
"ESET Online Scanner" = ESET Online Scanner v3
"HP Instant Support" = HP Instant Support
"HP Photo & Imaging" = HP Photo & Imaging 3.0
"HPTOOLKIT" = toolkit
"ie8" = Windows Internet Explorer 8
"InstallShield_{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"InstallShield_{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Ethernet Driver" = NVIDIA Ethernet Driver
"NVIDIA Gart Driver" = NVIDIA Gart Driver
"RealPlayer 6.0" = RealOne Player
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SpamSubtract" = SpamSubtract
"SpeedFan" = SpeedFan (remove only)
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/25/2013 9:28:53 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Error | ID = 1000
Description = Faulting application speccy.exe, version 1.20.0.446, faulting module
speccycpuid.dll, version 1.0.9.7, fault address 0x0004cf9a.

Error - 1/25/2013 9:29:01 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Error | ID = 1001
Description = Fault bucket -915827069.

Error - 1/26/2013 4:17:58 PM | Computer Name = YOUR-XHTR8HVC4P | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- 1>Failed to compile: CustomMarshalers, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
. Error code = 0x80070020

Error - 1/26/2013 4:27:59 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Hang | ID = 1002
Description = Hanging application OTL.scr, version 3.2.69.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/26/2013 4:28:16 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Hang | ID = 1002
Description = Hanging application OTL.scr, version 3.2.69.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/26/2013 11:40:20 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.70.0.9, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/27/2013 1:19:27 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 1/27/2013 4:44:40 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 1/27/2013 11:54:13 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 1/28/2013 12:29:55 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 1/28/2013 12:31:13 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 1/28/2013 12:31:13 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 1/28/2013 8:37:39 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 1/28/2013 8:39:31 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7022
Description = The AVGIDSAgent service hung on starting.

Error - 1/28/2013 8:40:08 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 1/28/2013 8:40:08 AM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 1/28/2013 2:10:00 PM | Computer Name = YOUR-XHTR8HVC4P | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2


< End of report >