Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer suddenly crashing.


  • This topic is locked This topic is locked
13 replies to this topic

#1 nicks75

nicks75

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 10 February 2010 - 07:11 PM

My pc has suddenly started crashing on alot of programs and getting a black screen when I shut down and restart, I got the repair option on the startup but didnt work. I tried to do a system recovery with a built in back up driver but it's not allowing me to do that, getting no drive found. It took several attempts to get it to restart but took about 10 minutes to do so. I ran ad-aware and nod 32 antivirus and spybot s&d and nothing found. Here's my hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:02 PM, on 2/6/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...TP&M=GM5474
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Linksys Wireless Manager] "C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{24D779B5-E152-4C01-A1E7-6388CBBD26B8}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{6066F767-93A1-4E42-A911-4B663C6B807C}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{24D779B5-E152-4C01-A1E7-6388CBBD26B8}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{24D779B5-E152-4C01-A1E7-6388CBBD26B8}: NameServer = 156.154.70.22,156.154.71.22
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7755 bytes

Edited by nicks75, 10 February 2010 - 07:13 PM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 17 February 2010 - 05:20 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
[We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 17 February 2010 - 07:05 PM

Thank you for replying, I do understand that it can take time to reply to messages on the forum appreciate the help regardless of the time it takes. I have since reduced the amount of problems with my pc, to my surprise I downloaded registry mechanic and ran that having a purchase key from some time ago, I still get unresponsive programs and have to open task manager to get them to close though not nearly as bad as before running reg mechanic.

My biggest concern is that I can still not do a complete system recovery, I have a built in recovery disk (drive d) and when I try to rebooting the pc and pressing (F8??) and selecting complete system recovery, a window pops up and says searching for recovery disk and cannot find one, I have done this in the past with no problems.

I am also concerned with wanting to do my taxes online and want to be 100% certain I am not infected with any thing with the potential to steal my SS number. I followed your instructions and have the following log reports. Again thank you for your help.


OTL Extras logfile created on: 2/17/2010 4:54:57 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\nick\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.94 Gb Total Space | 351.49 Gb Free Space | 77.09% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 4.40 Gb Free Space | 44.77% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NICK-PC
Current User Name: nick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-637936914-2880446004-489116873-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17150822-541C-4EF3-B8E5-7D43222A8258}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21850DE7-BF93-4348-A9A7-D1F3D0A5F9D3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6358A5CD-C592-4CD7-863C-CB12E047D8DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93C5D410-E102-499D-AA84-2C0AA79ABCD9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB448050-0D72-4B03-8036-FDDA8D51A5DD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CF6EAE22-2387-461C-94D2-5909E84D75F1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DC835586-EADA-4043-ADAC-6FF5058609BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ED5E54B2-5E88-4246-98F5-C89A0A616B17}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F4665835-AEEB-4D17-AF1F-F39BFE0CA7DA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063C62B3-7996-4B33-AEE0-C687C9DE271C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{354BBE7E-61D7-4B72-8742-244F0EA5E7FC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3811CC70-C0F6-4DC8-89B3-C3DA060F87FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3FF14260-8350-49A8-9857-3073EADA81F0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{525B652F-2A35-4E62-8AFC-903E606E71FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{57DE27E1-2185-4C78-86C7-9A3F067D785E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F4D751A-39BC-406E-88DD-BA05942FB4EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77E97F2C-EED7-4C29-A10C-FC35393542E9}" = protocol=6 | dir=out | app=system |
"{8528BE40-8AE1-4F7F-8BF2-9BD2AF536079}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{913F8E09-5FC7-423C-8004-1EE108AF4F68}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0609771-CCB8-4A44-9FB1-C523229AB06C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF030AA9-F409-4E4D-8CCC-CE4716BF2E9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3CE7567-9DA3-45BA-8372-967990BDF739}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE8B479D-9539-4EA9-B763-9670EC8CA230}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{54F6C98F-94A0-421C-B90E-0B6A2A96A9CF}" = Pure Networks Platform
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6864ABC3-A982-436B-BEF1-5652D6303361}" = ESET NOD32 Antivirus
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91B3BEC8-748B-4912-82ED-29D38E140B2A}" = Linkit_eBay
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"COMODO Internet Security" = COMODO Internet Security
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Manager" = Download Manager 2.3.10
"Gateway Game Console" = Gateway Game Console
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Linksys Wireless Manager" = Linksys Wireless Manager
"McAfee SiteAdvisor" = McAfee SiteAdvisor
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"Registry Doctor (Shareware Version)_is1" = Registry Doctor (Shareware Version)
"Registry Mechanic_is1" = Registry Mechanic 9.0
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Star Wars Knights of the Old Republic" = Star Wars Knights of the Old Republic
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"WinRAR archiver" = WinRAR archiver
"WT021682" = FATE
"WT021888" = Bejeweled 2 Deluxe
"WT021890" = Blackhawk Striker 2
"WT021892" = Blasterball 3
"WT021894" = Diner Dash - Flo on the Go
"WT021896" = Family Feud 2
"WT021900" = Penguins!
"WT021902" = Polar Bowler
"WT021904" = Polar Golfer
"WT022436" = Tradewinds

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-637936914-2880446004-489116873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/13/2010 8:37:52 AM | Computer Name = nick-PC | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 11.0.6000.6353 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: ff4 Start Time: 01caaca95144bbf0 Termination Time: 5

Error - 2/13/2010 3:16:03 PM | Computer Name = nick-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.3667 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15fc Start Time: 01caacc0aa132480 Termination Time: 20

Error - 2/13/2010 4:01:22 PM | Computer Name = nick-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 7f8 Start Time: 01caace6d9e6a4c9 Termination Time: 40

Error - 2/13/2010 4:02:54 PM | Computer Name = nick-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 8fc Start Time: 01caace750888c19 Termination Time: 30

Error - 2/13/2010 6:48:42 PM | Computer Name = nick-PC | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.0.0.456, time stamp 0x453c8fee,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x0c0c0c0c, process id 0xa84, application start time 0x01caacfeaca81b79.

Error - 2/13/2010 6:48:49 PM | Computer Name = nick-PC | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.0.0.456, time stamp 0x453c8fee,
faulting module AcroRd32.dll, version 8.0.0.456, time stamp 0x453c8a18, exception
code 0xc0000005, fault offset 0x00292be4, process id 0xa84, application start time
0x01caacfeaca81b79.

Error - 2/14/2010 7:19:01 PM | Computer Name = nick-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 8b8 Start Time: 01caace787664339 Termination Time: 2354

Error - 2/16/2010 11:03:01 PM | Computer Name = nick-PC | Source = Windows Search Service | ID = 3038
Description =

Error - 2/16/2010 11:03:06 PM | Computer Name = nick-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 2/16/2010 11:03:06 PM | Computer Name = nick-PC | Source = Windows Search Service | ID = 3058
Description =

[ System Events ]
Error - 2/13/2010 4:26:14 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2010 4:26:20 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2010 4:26:27 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2010 4:26:33 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2010 4:26:40 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/13/2010 4:27:24 PM | Computer Name = nick-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 2/14/2010 7:19:01 PM | Computer Name = nick-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 2/16/2010 11:03:06 PM | Computer Name = nick-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 2/16/2010 11:03:06 PM | Computer Name = nick-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2/17/2010 4:46:16 PM | Computer Name = nick-PC | Source = Service Control Manager | ID = 7011
Description =


< End of report >




OTL logfile created on: 2/17/2010 4:54:57 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\nick\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.94 Gb Total Space | 351.49 Gb Free Space | 77.09% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 4.40 Gb Free Space | 44.77% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NICK-PC
Current User Name: nick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/17 16:50:02 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\nick\Desktop\OTL.exe
PRC - [2010/02/05 07:12:21 | 001,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/01/31 14:18:25 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/01/31 14:18:21 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/31 13:38:35 | 000,321,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\SiteAdvisor\6028\SAService.exe
PRC - [2010/01/31 12:11:52 | 000,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/01/27 04:46:17 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2010/01/27 04:17:57 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010/01/15 22:09:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvsvc.exe
PRC - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009/12/18 00:14:00 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009/12/18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/11/25 15:42:58 | 003,176,408 | ---- | M] (PC Tools) -- C:\Program Files\Registry Mechanic\RegMech.exe
PRC - [2009/11/25 15:42:18 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/02/16 04:35:38 | 001,358,384 | R--- | M] (Linksys, LLC) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
PRC - [2008/12/12 21:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 21:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2007/02/08 21:39:34 | 000,036,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
PRC - [2007/01/18 16:46:56 | 004,349,952 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2006/11/16 19:04:58 | 002,348,584 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2006/11/02 04:45:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe
PRC - [2006/10/26 23:24:54 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2006/08/04 20:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\XAudio.exe


========== Modules (SafeList) ==========

MOD - [2010/02/17 16:50:02 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\nick\Desktop\OTL.exe
MOD - [2010/01/31 14:18:27 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/05 07:12:21 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/01/31 21:13:57 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/01/31 14:18:25 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/01/31 13:38:35 | 000,321,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\SiteAdvisor\6028\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/01/27 04:46:17 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\System32\nvvsvc.exe -- (nvsvc)
SRV - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/12/18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009/12/18 00:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/11/25 15:42:18 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/12 21:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 22:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 17:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/08/04 20:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.exe -- (XAudioService)


========== Driver Services (SafeList) ==========

DRV - [2010/01/31 14:18:27 | 000,130,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/31 14:18:27 | 000,074,328 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\inspect.sys -- (inspect)
DRV - [2010/01/31 14:18:27 | 000,029,520 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/01/11 23:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/02 08:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/11/16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/11/13 19:49:00 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/05/09 04:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/01/13 18:32:02 | 000,440,832 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\netr28.sys -- (netr28)
DRV - [2008/12/12 21:05:18 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 21:05:18 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2007/01/27 19:21:00 | 000,101,160 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/01/18 20:56:56 | 001,729,632 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/01/09 13:00:00 | 000,221,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006/11/30 22:39:16 | 000,147,328 | ---- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\xcbda.sys -- (xcbdaNtsc) ViXS Tuner Card (NTSC)
DRV - [2006/11/08 18:55:10 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/08 18:54:02 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/11/08 18:53:48 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:49 | 000,108,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
DRV - [2006/11/02 02:36:45 | 001,302,492 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ialmnt5.sys -- (ialm)
DRV - [2006/11/02 02:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel®
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/11/02 02:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 02:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/19 17:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...TP&M=GM5474


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-637936914-2880446004-489116873-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-637936914-2880446004-489116873-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5474
IE - HKU\S-1-5-21-637936914-2880446004-489116873-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-637936914-2880446004-489116873-1000\S-1-5-21-637936914-2880446004-489116873-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-637936914-2880446004-489116873-1000\S-1-5-21-637936914-2880446004-489116873-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/31 13:31:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/16 22:02:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/01/31 14:48:06 | 000,000,000 | ---D | M]

[2010/01/25 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\nick\AppData\Roaming\Mozilla\Extensions
[2010/02/16 17:04:23 | 000,000,000 | ---D | M] -- C:\Users\nick\AppData\Roaming\Mozilla\Firefox\Profiles\ye6g0zud.default\extensions
[2010/02/01 07:29:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\nick\AppData\Roaming\Mozilla\Firefox\Profiles\ye6g0zud.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/02/01 05:56:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\nick\AppData\Roaming\Mozilla\Firefox\Profiles\ye6g0zud.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/02/01 07:29:17 | 000,000,000 | ---D | M] -- C:\Users\nick\AppData\Roaming\Mozilla\Firefox\Profiles\ye6g0zud.default\extensions\anttoolbar@ant.com
[2010/02/01 07:29:23 | 000,000,000 | ---D | M] -- C:\Users\nick\AppData\Roaming\Mozilla\Firefox\Profiles\ye6g0zud.default\extensions\piclens@cooliris.com
[2010/02/01 05:56:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll (McAfee, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll (Gateway Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-637936914-2880446004-489116873-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe (BigFix Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-637936914-2880446004-489116873-1000..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKU\S-1-5-21-637936914-2880446004-489116873-1000..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe (PC Tools )
O4 - HKU\S-1-5-21-637936914-2880446004-489116873-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-637936914-2880446004-489116873-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\WINDOWS\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\GTW1_Wide.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\GTW1_Wide.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 19:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: UxTuneUp - C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias [2006/11/02 06:18:47 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{F1C40DA0-09DD-4FF1-9E21-8ABC779E7DFD} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2010/02/17 16:49:41 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\nick\Desktop\OTL.exe
[2010/02/16 22:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/02/16 22:01:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/02/15 02:14:54 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\status.do_files
[2010/02/15 02:14:36 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\realpreview.do_files
[2010/02/13 16:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/02/13 16:08:06 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox210.ocx
[2010/02/13 16:08:04 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBoxVB12.ocx
[2010/02/13 16:08:02 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox10.ocx
[2010/02/13 16:08:00 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml.dll
[2010/02/13 16:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/02/13 16:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2010/02/13 16:04:33 | 000,000,000 | ---D | C] -- C:\Users\nick\Documents\AdvSysOpt
[2010/02/13 15:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Doctor Trial
[2010/02/11 01:30:20 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/11 01:30:13 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/11 01:30:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/11 01:30:12 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/11 01:30:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/02/11 01:29:55 | 003,467,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/11 01:29:51 | 003,502,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/11 01:23:56 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/02/11 01:23:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/02/10 09:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Guitar Pro 5
[2010/02/08 03:11:10 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\New Folder
[2010/02/06 12:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/02/03 05:38:24 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\FishVille on Facebook_files
[2010/02/03 05:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper
[2010/02/03 05:25:58 | 000,000,000 | ---D | C] -- C:\Users\nick\dwhelper
[2010/02/03 05:16:32 | 000,000,000 | ---D | C] -- C:\Users\nick\Documents\OneNote Notebooks
[2010/02/02 03:54:48 | 000,181,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/01 07:29:28 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Cooliris
[2010/02/01 00:08:31 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/02/01 00:08:31 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/02/01 00:08:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/02/01 00:08:28 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/02/01 00:08:28 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/02/01 00:08:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/02/01 00:08:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/02/01 00:08:23 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/02/01 00:08:23 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/02/01 00:08:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/02/01 00:08:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/02/01 00:08:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/02/01 00:08:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/02/01 00:08:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/02/01 00:08:18 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/02/01 00:08:18 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/02/01 00:08:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/02/01 00:08:15 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/02/01 00:08:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/02/01 00:08:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/02/01 00:08:12 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/02/01 00:08:12 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/02/01 00:08:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/02/01 00:08:11 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/02/01 00:08:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/02/01 00:08:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/02/01 00:08:08 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/02/01 00:08:07 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/02/01 00:08:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/02/01 00:08:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/02/01 00:08:05 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/02/01 00:08:05 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/02/01 00:08:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/02/01 00:08:01 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/02/01 00:07:59 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/02/01 00:07:59 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/02/01 00:07:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/02/01 00:07:54 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/02/01 00:07:53 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/02/01 00:07:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/02/01 00:07:52 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/02/01 00:07:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/02/01 00:07:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/02/01 00:07:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/02/01 00:07:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/02/01 00:07:47 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/02/01 00:07:47 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/02/01 00:07:46 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/02/01 00:07:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/02/01 00:07:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/02/01 00:07:43 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/02/01 00:07:42 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/02/01 00:07:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/02/01 00:07:40 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/02/01 00:07:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/02/01 00:07:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/02/01 00:07:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/02/01 00:07:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/02/01 00:07:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/02/01 00:07:34 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/02/01 00:07:33 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/02/01 00:07:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/02/01 00:07:31 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/02/01 00:06:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/02/01 00:06:37 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/02/01 00:06:37 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/02/01 00:06:37 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/02/01 00:06:36 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/02/01 00:06:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/02/01 00:06:28 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/02/01 00:06:26 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/02/01 00:06:21 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/01/31 21:14:07 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010/01/31 21:14:04 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010/01/31 21:14:04 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010/01/31 21:13:00 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\TuneUp Software
[2010/01/31 21:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/01/31 21:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/01/31 21:11:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/01/31 20:16:09 | 000,000,000 | ---D | C] -- C:\SWKotOR
[2010/01/31 19:44:00 | 000,000,000 | RH-D | C] -- C:\Users\nick\AppData\Roaming\SecuROM
[2010/01/31 19:42:54 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\SWKotOR
[2010/01/31 19:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010/01/31 15:22:51 | 000,000,000 | ---D | C] -- C:\Users\nick\Desktop\KOTOR_ddsetup
[2010/01/31 15:21:50 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\IGN_DLM
[2010/01/31 15:21:32 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/01/31 14:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010/01/31 14:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/01/31 14:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2010/01/31 14:18:33 | 000,171,552 | ---- | C] (COMODO) -- C:\Windows\System32\guard32.dll
[2010/01/31 14:18:33 | 000,130,960 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2010/01/31 14:18:33 | 000,074,328 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2010/01/31 14:18:33 | 000,029,520 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2010/01/31 14:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/01/31 13:44:46 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\SiteAdvisor
[2010/01/31 13:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2010/01/31 13:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
[2010/01/31 13:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/01/31 13:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/01/31 13:09:13 | 011,586,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/01/31 13:09:13 | 004,321,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/01/31 13:09:13 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/01/31 13:09:13 | 000,068,200 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/01/31 13:09:13 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010/01/31 13:09:12 | 014,924,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/01/31 13:09:09 | 004,077,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010/01/31 13:09:09 | 004,061,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010/01/31 13:09:09 | 002,243,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010/01/31 13:09:08 | 011,639,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010/01/31 13:09:08 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll
[2010/01/31 13:09:08 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010/01/31 13:09:06 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/01/31 13:01:30 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\DivX
[2010/01/31 12:12:48 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/01/31 12:09:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/01/31 12:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/01/31 12:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/01/31 11:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/01/31 11:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/29 10:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/01/29 10:56:57 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\SystemRequirementsLab
[2010/01/29 10:47:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/29 10:47:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/29 10:47:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/29 10:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/29 10:41:12 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/01/29 02:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/01/29 02:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/01/29 02:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/01/28 11:53:59 | 000,000,000 | ---D | C] -- C:\Users\nick\Documents\Updater5
[2010/01/28 11:53:25 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\WinRAR
[2010/01/28 11:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/01/27 05:09:23 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/27 05:09:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/27 05:09:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/27 05:09:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/27 05:09:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/27 05:07:45 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/27 05:07:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/27 05:07:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/27 05:07:44 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/27 05:07:44 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/27 05:07:44 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/27 05:07:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/27 05:07:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/27 05:07:43 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/27 05:07:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/27 05:07:42 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/27 05:07:41 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/27 05:07:40 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/27 05:07:40 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/27 05:07:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/27 05:07:39 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/27 05:07:38 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/27 05:07:37 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/27 05:07:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/27 05:07:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/27 05:07:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/27 05:07:34 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/27 05:07:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/27 05:05:49 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/01/27 05:05:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/01/27 05:05:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/01/27 05:04:40 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/01/27 05:04:40 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/01/27 05:04:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/01/27 05:04:38 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/01/27 05:04:38 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndptsp.tsp
[2010/01/27 05:04:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kmddsp.tsp
[2010/01/27 05:04:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2010/01/27 05:04:37 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/01/27 05:04:37 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/01/27 05:04:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2010/01/27 05:04:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/01/27 05:04:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2010/01/27 05:04:36 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2010/01/27 05:04:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/01/27 05:04:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010/01/27 05:03:33 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/01/27 05:03:33 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/01/27 05:03:33 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/01/27 05:02:27 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/01/27 05:02:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/01/27 05:02:27 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2010/01/27 05:01:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/27 05:01:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/27 05:01:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/27 05:01:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/27 05:01:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/27 05:01:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/27 05:01:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/27 05:01:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/27 05:01:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/27 05:01:03 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/27 04:59:41 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/01/27 04:59:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/01/27 04:59:39 | 000,028,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2010/01/27 04:57:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/27 04:57:34 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/27 04:57:34 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/27 04:57:34 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/27 04:57:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/27 04:56:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/27 04:56:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/27 04:55:13 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/27 04:54:11 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/01/27 04:54:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/01/27 04:53:11 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/27 04:53:11 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/27 04:53:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/27 04:53:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/27 04:53:10 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/27 04:53:10 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/27 04:51:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/27 04:37:01 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/27 04:37:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/27 04:34:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/27 04:34:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/27 04:33:55 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/01/27 04:30:59 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/01/27 04:30:04 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/27 04:29:03 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/01/27 04:28:06 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/01/27 04:28:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/01/27 04:28:05 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/01/27 04:28:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/01/27 04:25:05 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/27 04:25:05 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/27 04:25:05 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/27 04:25:04 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/27 04:25:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/27 04:25:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/27 04:25:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/27 04:25:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/01/27 04:21:38 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/27 04:18:49 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/01/27 04:18:49 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/01/27 04:17:57 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/01/27 04:16:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/01/27 04:14:59 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/01/27 04:14:59 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/01/27 04:14:59 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/01/27 04:14:59 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/01/27 04:14:59 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/01/27 04:14:58 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/01/27 04:14:58 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/01/27 04:14:58 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/01/27 04:14:58 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/01/27 04:14:57 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/01/27 04:14:57 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/01/27 04:14:57 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/01/27 04:14:57 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/01/27 04:14:56 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/01/27 04:14:56 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/01/27 04:14:56 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/01/27 04:14:55 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/01/27 04:14:55 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/01/27 04:14:55 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/01/27 04:14:54 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/01/27 04:14:54 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/01/27 04:14:54 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/01/27 04:14:53 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/01/27 04:14:53 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/01/27 04:14:53 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/01/27 04:14:53 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/01/27 04:14:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/01/27 04:14:52 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/01/27 04:14:52 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/01/27 04:14:52 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/01/27 04:14:51 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/01/27 04:14:51 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/01/27 04:14:51 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/01/27 04:14:51 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/01/27 04:14:50 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/01/27 04:14:50 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/01/27 04:14:50 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/01/27 04:14:50 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/01/27 04:14:49 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/01/27 04:14:48 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/01/27 04:14:48 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/01/27 04:14:48 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/01/27 04:14:48 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/01/27 04:14:48 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/01/27 04:14:48 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/01/27 04:14:48 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/01/27 04:14:47 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/01/27 04:14:47 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/01/27 04:14:47 | 002,655,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/01/27 04:14:47 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/01/27 04:14:47 | 001,523,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/01/27 04:14:46 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/01/27 04:14:46 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/01/27 04:14:46 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/01/27 04:14:46 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/01/27 04:14:45 | 004,874,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/01/27 04:14:45 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/01/27 04:14:44 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/01/27 04:14:44 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/01/27 04:14:44 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/01/27 04:14:44 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/01/27 04:14:44 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/01/27 04:14:43 | 009,845,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/01/27 04:14:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/01/27 04:14:43 | 002,641,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/01/27 04:14:43 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/01/27 04:14:42 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/01/27 04:14:42 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/01/27 04:14:42 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/01/27 04:14:42 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/01/27 04:14:41 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/01/27 04:14:41 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/01/27 04:14:41 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/01/27 04:14:41 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/01/27 04:10:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/01/27 04:10:57 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/01/27 04:10:57 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/01/27 04:10:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/01/27 04:10:56 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/01/27 04:10:56 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/01/27 04:10:56 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/01/27 04:10:56 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/01/27 04:10:55 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/01/27 04:10:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/01/27 04:10:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/01/27 04:10:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/01/27 04:10:54 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/01/27 04:10:54 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/01/27 04:10:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/01/27 04:10:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2010/01/27 04:10:52 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/01/27 04:10:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/01/27 04:10:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/01/27 04:10:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/01/27 04:09:22 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/27 04:09:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/27 04:09:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/27 04:09:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/27 04:09:20 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/27 04:09:20 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/27 04:08:24 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/27 04:05:59 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/01/27 04:05:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2010/01/27 04:05:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2010/01/27 04:05:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/27 04:05:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/27 04:04:18 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/01/27 04:04:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/01/27 04:04:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/01/27 04:04:17 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/01/27 04:04:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/01/27 04:04:17 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/01/27 04:04:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/01/27 04:03:20 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/01/27 04:03:19 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/01/27 04:03:19 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/01/27 04:02:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/27 04:02:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/27 03:58:15 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/01/27 03:58:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2010/01/27 03:58:14 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/01/27 03:58:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/01/27 03:58:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2010/01/27 03:58:12 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/01/27 03:57:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/01/27 03:57:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/01/27 03:56:44 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/27 03:56:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/01/27 03:56:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/01/27 03:55:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/27 03:55:14 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/27 03:54:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/01/27 03:52:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/01/27 03:47:24 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/27 03:47:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/27 03:47:23 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/27 03:47:23 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/27 03:47:20 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/27 03:47:20 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/27 03:47:20 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/27 03:47:19 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/27 03:27:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/27 03:27:19 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/27 03:27:19 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/27 03:07:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/27 03:07:27 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/27 03:07:27 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/27 03:07:01 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/01/27 03:07:01 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/01/27 03:06:28 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/01/27 03:05:56 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/01/27 03:05:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2010/01/27 03:05:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmi.dll
[2010/01/27 03:04:17 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/27 03:04:17 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/27 03:04:03 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/27 03:02:58 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/27 03:02:10 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/27 03:02:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/27 03:02:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/27 03:02:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/27 03:02:06 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/25 16:05:36 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Adobe
[2010/01/25 15:30:23 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Adobe
[2010/01/25 15:22:43 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/25 15:22:43 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/25 15:21:25 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/25 15:21:25 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/25 15:21:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/25 15:20:38 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/25 15:20:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/25 15:20:31 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Mozilla
[2010/01/25 15:20:30 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Mozilla
[2010/01/25 15:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/01/25 15:18:50 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Macromedia
[2010/01/25 15:18:05 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Google
[2010/01/25 15:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys
[2010/01/25 15:13:07 | 000,024,880 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\pnarp.sys
[2010/01/25 15:13:03 | 000,026,416 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\System32\drivers\purendis.sys
[2010/01/25 15:13:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/01/25 15:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
[2010/01/25 15:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2010/01/25 15:12:31 | 000,440,832 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr28.sys
[2010/01/25 15:12:31 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2010/01/25 14:58:49 | 000,000,000 | ---D | C] -- C:\Users\nick\Documents\My Google Gadgets
[2010/01/25 14:57:50 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Google
[2010/01/25 14:54:10 | 000,000,000 | R--D | C] -- C:\Users\nick\Searches
[2010/01/25 14:53:32 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Identities
[2010/01/25 14:53:29 | 000,000,000 | R--D | C] -- C:\Users\nick\Contacts
[2010/01/25 14:53:28 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\VirtualStore
[2010/01/25 14:53:25 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\SampleView
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\AppData\Local\Temporary Internet Files
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Templates
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Start Menu
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\SendTo
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Recent
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\PrintHood
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\NetHood
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Documents\My Videos
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Documents\My Pictures
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Documents\My Music
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\My Documents
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Local Settings
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\AppData\Local\History
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Cookies
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\Application Data
[2010/01/25 14:53:21 | 000,000,000 | -HSD | C] -- C:\Users\nick\AppData\Local\Application Data
[2010/01/25 14:53:18 | 000,000,000 | --SD | C] -- C:\Users\nick\AppData\Roaming\Microsoft
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Videos
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Saved Games
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Pictures
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Music
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Links
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Favorites
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Downloads
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Documents
[2010/01/25 14:53:18 | 000,000,000 | R--D | C] -- C:\Users\nick\Desktop
[2010/01/25 14:53:18 | 000,000,000 | -H-D | C] -- C:\Users\nick\AppData
[2010/01/25 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Temp
[2010/01/25 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Local\Microsoft
[2010/01/25 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\Media Center Programs
[2010/01/25 14:51:35 | 000,986,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys
[2010/01/25 14:51:35 | 000,659,968 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys
[2010/01/25 14:51:35 | 000,386,560 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2010/01/25 14:51:35 | 000,354,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\idecoiins.dll
[2010/01/25 14:51:35 | 000,354,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\idecoi.dll
[2010/01/25 14:51:35 | 000,258,048 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys
[2010/01/25 14:51:35 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\Windows\System32\Uci32114.dll
[2010/01/25 14:51:35 | 000,101,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor32.sys
[2010/01/25 14:51:35 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2010/01/25 14:51:35 | 000,012,672 | ---- | C] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys
[2010/01/25 14:51:35 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys
[2010/01/25 14:51:35 | 000,000,000 | ---D | C] -- C:\Windows\I386
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010/01/25 14:49:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010/01/25 14:48:32 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2010/01/25 14:31:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/25 14:29:45 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/01/25 14:27:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/01/25 14:26:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/01/25 14:24:13 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/01/25 14:24:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010/01/25 14:24:13 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/01/25 14:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/01/25 14:19:48 | 000,012,840 | ---- | C] (BigFix, Inc.) -- C:\Windows\BigFixClientOverride.dll
[2010/01/25 14:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\BigFix
[2010/01/25 14:19:41 | 000,000,000 | ---D | C] -- C:\Documents
[2010/01/25 14:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster
[2010/01/25 14:18:50 | 000,000,000 | ---D | C] -- C:\google
[2010/01/25 14:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010/01/25 14:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/01/25 14:18:15 | 000,000,000 | ---D | C] -- C:\Program Files\NetZero
[2010/01/25 14:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Acceller
[2010/01/25 14:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Money 2006
[2010/01/25 14:17:18 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.0
[2010/01/25 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/25 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/01/25 14:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Digital Image 2006
[2010/01/25 14:16:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/01/25 14:16:16 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/01/25 14:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/01/25 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/01/25 14:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/01/25 14:15:07 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010/01/25 14:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/01/25 14:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/01/25 14:14:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/01/25 14:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/01/25 14:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/01/25 14:13:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/01/25 14:12:58 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/01/25 14:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/01/25 14:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/01/25 14:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows
[2010/01/25 14:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Encarta Plus
[2010/01/25 14:11:33 | 000,000,000 | ---D | C] -- C:\Graphics
[2010/01/25 14:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Gateway
[2010/01/25 14:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\AMDLive
[2010/01/25 14:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Media Reader
[2010/01/25 14:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Gateway Games
[2010/01/25 14:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2010/01/25 14:06:32 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/01/25 14:05:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010/01/25 14:05:11 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/01/25 14:05:10 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010/01/25 14:05:10 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010/01/25 14:05:09 | 004,349,952 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2010/01/25 14:05:09 | 001,838,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010/01/25 14:05:09 | 001,729,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010/01/25 14:05:09 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2010/01/25 14:05:09 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010/01/25 14:05:09 | 000,495,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010/01/25 14:05:09 | 000,017,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010/01/25 14:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/01/25 14:05:07 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/01/25 14:04:57 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010/01/25 14:04:57 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010/01/25 14:03:30 | 000,592,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2010/01/25 14:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010/01/25 14:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/01/25 14:02:48 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/01/25 14:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/01/25 13:56:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/01/25 13:54:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/17 16:55:36 | 001,310,720 | -HS- | M] () -- C:\Users\nick\ntuser.dat
[2010/02/17 16:50:02 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\nick\Desktop\OTL.exe
[2010/02/17 16:46:16 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/17 16:46:16 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/17 15:46:33 | 000,034,800 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/02/17 15:46:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/16 22:02:20 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/02/16 06:02:28 | 000,000,680 | ---- | M] () -- C:\Users\nick\AppData\Local\d3d9caps.dat
[2010/02/15 02:14:55 | 000,049,834 | ---- | M] () -- C:\Users\nick\Desktop\status.do.htm
[2010/02/15 02:14:39 | 000,025,231 | ---- | M] () -- C:\Users\nick\Desktop\realpreview.do.htm
[2010/02/14 18:02:31 | 000,020,480 | ---- | M] () -- C:\Users\nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/13 17:30:42 | 000,034,800 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/02/13 16:08:09 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2010/02/13 15:57:24 | 000,000,805 | ---- | M] () -- C:\Users\nick\Desktop\Registry Doctor.lnk
[2010/02/13 15:02:21 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/13 15:02:21 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/13 15:02:21 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/13 14:58:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/13 14:57:36 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/13 14:30:14 | 002,239,221 | -H-- | M] () -- C:\Users\nick\AppData\Local\IconCache.db
[2010/02/11 02:28:32 | 045,682,627 | ---- | M] () -- C:\Users\nick\Desktop\xvideos.com_1072506f44880cd35b1227c46ebe82db.wmv
[2010/02/11 00:48:56 | 000,059,280 | ---- | M] () -- C:\Users\nick\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/10 18:52:15 | 000,051,675 | ---- | M] () -- C:\Users\nick\Desktop\oatmeal craner.jpg
[2010/02/10 08:29:12 | 000,010,439 | ---- | M] () -- C:\Users\nick\Desktop\flower.gif
[2010/02/10 08:17:56 | 000,007,654 | ---- | M] () -- C:\Users\nick\Desktop\1265764616_tmp_Tree.jpg
[2010/02/06 12:01:34 | 000,001,874 | ---- | M] () -- C:\Users\nick\Desktop\HijackThis.lnk
[2010/02/03 07:50:43 | 000,093,880 | ---- | M] () -- C:\Users\nick\Desktop\2zfpi5h.jpg
[2010/02/03 05:45:25 | 000,093,880 | ---- | M] () -- C:\Users\nick\Desktop\18134_102083819822630_100000630371803_63064_6339974_n.jpg
[2010/02/03 05:42:14 | 000,156,500 | ---- | M] () -- C:\Users\nick\Desktop\Note.jpg
[2010/02/03 05:38:27 | 000,068,548 | ---- | M] () -- C:\Users\nick\Desktop\FishVille on Facebook.htm
[2010/02/03 05:37:48 | 000,856,528 | ---- | M] () -- C:\Users\nick\Documents\FishVille on Facebook.mht
[2010/02/03 05:16:32 | 000,001,111 | ---- | M] () -- C:\Users\nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/02/01 09:02:17 | 000,001,700 | ---- | M] () -- C:\Users\nick\Desktop\swkotor.ini
[2010/02/01 00:05:17 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic.lnk
[2010/01/31 21:13:51 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010/01/31 21:13:51 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/01/31 20:42:26 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2010/01/31 15:21:35 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Download Manager.lnk
[2010/01/31 14:25:08 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2010/01/31 14:18:27 | 000,171,552 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2010/01/31 14:18:27 | 000,130,960 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2010/01/31 14:18:27 | 000,074,328 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2010/01/31 14:18:27 | 000,029,520 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2010/01/31 13:07:41 | 000,000,102 | ---- | M] () -- C:\Users\nick\Desktop\How To View My Pc Specs - Emuforums.com.URL
[2010/01/31 13:06:28 | 000,000,066 | ---- | M] () -- C:\Users\nick\Desktop\The next generation of NVIDIA GeForce GPU.URL
[2010/01/31 12:12:35 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/01/31 12:09:54 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/01/31 11:49:31 | 000,001,055 | ---- | M] () -- C:\Users\nick\Desktop\Spybot - Search & Destroy.lnk
[2010/01/29 10:55:13 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/01/29 10:47:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/01/29 10:47:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/29 10:47:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/29 10:47:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/29 02:21:56 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/29 02:21:50 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010/01/29 02:21:41 | 000,001,393 | ---- | M] () -- C:\Users\nick\Desktop\DivX Movies.lnk
[2010/01/27 05:38:23 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010/01/27 05:35:08 | 000,261,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/27 05:09:23 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/27 05:09:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/27 05:09:23 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/27 05:09:23 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/27 05:09:23 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/27 05:07:45 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/27 05:07:45 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/27 05:07:45 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/27 05:07:44 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/27 05:07:44 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/27 05:07:44 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/27 05:07:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/27 05:07:43 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/27 05:07:43 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/27 05:07:43 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/27 05:07:42 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/27 05:07:41 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/27 05:07:40 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/27 05:07:40 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/27 05:07:40 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/27 05:07:39 | 001,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/27 05:07:38 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/27 05:07:37 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/27 05:07:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/27 05:07:35 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/27 05:07:34 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/27 05:07:34 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/27 05:07:34 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/27 05:05:49 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/01/27 05:05:49 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/01/27 05:05:49 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/01/27 05:04:40 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/01/27 05:04:40 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/01/27 05:04:38 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/01/27 05:04:38 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/01/27 05:04:38 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ndptsp.tsp
[2010/01/27 05:04:38 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kmddsp.tsp
[2010/01/27 05:04:38 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2010/01/27 05:04:38 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010/01/27 05:04:37 | 000,564,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/01/27 05:04:37 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/01/27 05:04:37 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2010/01/27 05:04:37 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/01/27 05:04:36 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2010/01/27 05:04:36 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2010/01/27 05:04:35 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/01/27 05:04:35 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010/01/27 05:03:33 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/01/27 05:03:33 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/01/27 05:03:33 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/01/27 05:02:27 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/01/27 05:02:27 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/01/27 05:02:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2010/01/27 05:01:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/27 05:01:05 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/27 05:01:05 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/27 05:01:05 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/27 05:01:05 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/27 05:01:05 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/27 05:01:04 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/27 05:01:04 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/27 05:01:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/27 05:01:03 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/27 04:59:41 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/01/27 04:59:40 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/01/27 04:59:39 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2010/01/27 04:57:35 | 001,657,350 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010/01/27 04:57:35 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/27 04:57:34 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/27 04:57:34 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/27 04:57:34 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/27 04:57:34 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/27 04:56:23 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/27 04:56:23 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/27 04:55:13 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/27 04:54:11 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/01/27 04:54:11 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/01/27 04:53:11 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/27 04:53:11 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/27 04:53:11 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/27 04:53:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/27 04:53:10 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/27 04:53:10 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/27 04:51:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/27 04:37:01 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/27 04:37:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/27 04:34:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/27 04:34:59 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/27 04:33:55 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/01/27 04:30:59 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/01/27 04:30:04 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/27 04:29:03 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/01/27 04:28:06 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/01/27 04:28:05 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/01/27 04:28:05 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/01/27 04:28:05 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/01/27 04:25:05 | 001,244,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/27 04:25:05 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/27 04:25:05 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/27 04:25:04 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/27 04:25:04 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/27 04:25:04 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/27 04:25:04 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/27 04:25:04 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/01/27 04:21:38 | 000,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/27 04:18:49 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/01/27 04:18:49 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/01/27 04:17:57 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/01/27 04:16:14 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/01/27 04:14:59 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/01/27 04:14:59 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/01/27 04:14:59 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/01/27 04:14:59 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/01/27 04:14:59 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/01/27 04:14:59 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/01/27 04:14:58 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/01/27 04:14:58 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/01/27 04:14:58 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/01/27 04:14:57 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/01/27 04:14:57 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/01/27 04:14:57 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/01/27 04:14:57 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/01/27 04:14:56 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/01/27 04:14:56 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/01/27 04:14:56 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/01/27 04:14:55 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/01/27 04:14:55 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/01/27 04:14:55 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/01/27 04:14:54 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/01/27 04:14:54 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/01/27 04:14:54 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/01/27 04:14:54 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/01/27 04:14:53 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/01/27 04:14:53 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/01/27 04:14:53 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/01/27 04:14:53 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/01/27 04:14:52 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/01/27 04:14:52 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/01/27 04:14:52 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/01/27 04:14:51 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/01/27 04:14:51 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/01/27 04:14:51 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/01/27 04:14:51 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/01/27 04:14:50 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/01/27 04:14:50 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/01/27 04:14:50 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/01/27 04:14:50 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/01/27 04:14:49 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/01/27 04:14:49 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/01/27 04:14:48 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/01/27 04:14:48 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/01/27 04:14:48 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/01/27 04:14:48 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/01/27 04:14:48 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/01/27 04:14:48 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/01/27 04:14:48 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/01/27 04:14:47 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/01/27 04:14:47 | 003,464,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/01/27 04:14:47 | 002,655,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/01/27 04:14:47 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/01/27 04:14:47 | 001,523,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/01/27 04:14:46 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/01/27 04:14:46 | 002,597,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/01/27 04:14:46 | 002,241,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/01/27 04:14:46 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/01/27 04:14:46 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/01/27 04:14:45 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/01/27 04:14:45 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/01/27 04:14:44 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/01/27 04:14:44 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/01/27 04:14:44 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/01/27 04:14:44 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/01/27 04:14:44 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/01/27 04:14:43 | 009,845,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/01/27 04:14:43 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/01/27 04:14:43 | 002,641,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/01/27 04:14:43 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/01/27 04:14:42 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/01/27 04:14:42 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/01/27 04:14:42 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/01/27 04:14:42 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/01/27 04:14:42 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/01/27 04:14:41 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/01/27 04:14:41 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/01/27 04:14:41 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/01/27 04:11:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\i8042prt.sys.mui
[2010/01/27 04:11:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\sermouse.sys.mui
[2010/01/27 04:11:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouclass.sys.mui
[2010/01/27 04:11:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
[2010/01/27 04:11:00 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouhid.sys.mui
[2010/01/27 04:11:00 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdhid.sys.mui
[2010/01/27 04:10:57 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/01/27 04:10:57 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/01/27 04:10:57 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/01/27 04:10:57 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/01/27 04:10:56 | 000,944,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/01/27 04:10:56 | 000,905,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/01/27 04:10:56 | 000,620,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/01/27 04:10:56 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/01/27 04:10:55 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/01/27 04:10:55 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/01/27 04:10:55 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/01/27 04:10:55 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/01/27 04:10:54 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/01/27 04:10:54 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/01/27 04:10:54 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/01/27 04:10:54 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2010/01/27 04:10:52 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/01/27 04:10:52 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/01/27 04:10:52 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/01/27 04:10:52 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/01/27 04:09:22 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/27 04:09:22 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/27 04:09:21 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/27 04:09:20 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/27 04:09:20 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/27 04:09:20 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/27 04:08:24 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/27 04:05:59 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/01/27 04:05:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2010/01/27 04:05:59 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2010/01/27 04:05:12 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/27 04:05:12 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/27 04:04:18 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/01/27 04:04:18 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/01/27 04:04:18 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/01/27 04:04:17 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/01/27 04:04:17 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/01/27 04:04:17 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/01/27 04:04:16 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/01/27 04:03:20 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/01/27 04:03:19 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/01/27 04:03:19 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/01/27 04:02:08 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/27 04:02:08 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/27 03:58:15 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/01/27 03:58:15 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2010/01/27 03:58:14 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/01/27 03:58:14 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/01/27 03:58:14 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2010/01/27 03:58:12 | 008,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/01/27 03:57:25 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/01/27 03:57:25 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/01/27 03:56:44 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/27 03:56:02 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/01/27 03:56:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/01/27 03:55:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/27 03:55:14 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/27 03:54:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/01/27 03:52:03 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/01/27 03:47:24 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/27 03:47:24 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/27 03:47:23 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/27 03:47:23 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/27 03:47:20 | 000,326,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/27 03:47:20 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/27 03:47:20 | 000,043,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/27 03:47:19 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/27 03:34:56 | 025,690,112 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/01/27 03:34:56 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/01/27 03:34:55 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/01/27 03:27:21 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/27 03:27:19 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/27 03:27:19 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/27 03:07:29 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/27 03:07:27 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/27 03:07:27 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/27 03:07:01 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/01/27 03:07:01 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/01/27 03:06:28 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/01/27 03:05:56 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/01/27 03:05:43 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2010/01/27 03:05:43 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmi.dll
[2010/01/27 03:04:17 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/27 03:04:17 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/27 03:04:03 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/27 03:02:58 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/27 03:02:10 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/27 03:02:09 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/27 03:02:09 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/27 03:02:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/27 03:02:06 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/25 15:32:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/01/25 15:22:43 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/25 15:22:43 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/25 15:21:25 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/25 15:21:25 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/25 15:21:25 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/25 15:20:38 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/25 15:20:37 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/25 14:53:21 | 000,000,020 | -HS- | M] () -- C:\Users\nick\ntuser.ini
[2010/01/25 14:53:19 | 000,524,288 | -HS- | M] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/01/25 14:53:19 | 000,524,288 | -HS- | M] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/25 14:53:19 | 000,065,536 | -HS- | M] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/25 14:32:05 | 000,000,169 | ---- | M] () -- C:\Windows\win.ini
[2010/01/25 14:29:45 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/01/25 14:28:37 | 000,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2010/01/25 14:28:37 | 000,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2010/01/25 14:28:37 | 000,134,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2010/01/25 14:27:27 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/01/25 14:26:56 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/01/25 14:24:13 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/01/25 14:24:13 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010/01/25 14:24:13 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/01/25 14:16:45 | 000,000,004 | ---- | M] () -- C:\Windows\Pix11.dat
[2010/01/25 14:16:21 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Gateway_GM5474_MCP61PM-AM_CCX7531000996.MRK
[2010/01/25 14:05:14 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/01/25 14:04:57 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010/01/25 14:02:43 | 000,000,002 | RHS- | M] () -- C:\USER
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/16 22:02:20 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/02/16 06:02:28 | 000,000,680 | ---- | C] () -- C:\Users\nick\AppData\Local\d3d9caps.dat
[2010/02/15 02:14:54 | 000,049,834 | ---- | C] () -- C:\Users\nick\Desktop\status.do.htm
[2010/02/15 02:14:36 | 000,025,231 | ---- | C] () -- C:\Users\nick\Desktop\realpreview.do.htm
[2010/02/13 16:08:09 | 000,000,860 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2010/02/13 15:57:24 | 000,000,805 | ---- | C] () -- C:\Users\nick\Desktop\Registry Doctor.lnk
[2010/02/11 02:27:01 | 045,682,627 | ---- | C] () -- C:\Users\nick\Desktop\xvideos.com_1072506f44880cd35b1227c46ebe82db.wmv
[2010/02/10 18:52:13 | 000,051,675 | ---- | C] () -- C:\Users\nick\Desktop\oatmeal craner.jpg
[2010/02/10 17:23:47 | 2145,902,592 | -HS- | C] () -- C:\hiberfil.sys
[2010/02/10 08:29:12 | 000,010,439 | ---- | C] () -- C:\Users\nick\Desktop\flower.gif
[2010/02/10 08:17:56 | 000,007,654 | ---- | C] () -- C:\Users\nick\Desktop\1265764616_tmp_Tree.jpg
[2010/02/06 12:06:55 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/02/06 12:01:34 | 000,001,874 | ---- | C] () -- C:\Users\nick\Desktop\HijackThis.lnk
[2010/02/03 07:50:41 | 000,093,880 | ---- | C] () -- C:\Users\nick\Desktop\2zfpi5h.jpg
[2010/02/03 05:44:24 | 000,093,880 | ---- | C] () -- C:\Users\nick\Desktop\18134_102083819822630_100000630371803_63064_6339974_n.jpg
[2010/02/03 05:40:59 | 000,156,500 | ---- | C] () -- C:\Users\nick\Desktop\Note.jpg
[2010/02/03 05:38:21 | 000,068,548 | ---- | C] () -- C:\Users\nick\Desktop\FishVille on Facebook.htm
[2010/02/03 05:37:44 | 000,856,528 | ---- | C] () -- C:\Users\nick\Documents\FishVille on Facebook.mht
[2010/02/03 05:16:32 | 000,001,111 | ---- | C] () -- C:\Users\nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/02/01 09:02:17 | 000,001,700 | ---- | C] () -- C:\Users\nick\Desktop\swkotor.ini
[2010/02/01 00:05:17 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic.lnk
[2010/01/31 21:13:51 | 000,001,853 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010/01/31 21:13:51 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/01/31 20:24:23 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010/01/31 15:21:35 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Download Manager.lnk
[2010/01/31 14:25:08 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2010/01/31 13:16:52 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/31 13:16:51 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/31 13:09:13 | 000,007,437 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/01/31 13:07:41 | 000,000,102 | ---- | C] () -- C:\Users\nick\Desktop\How To View My Pc Specs - Emuforums.com.URL
[2010/01/31 13:06:28 | 000,000,066 | ---- | C] () -- C:\Users\nick\Desktop\The next generation of NVIDIA GeForce GPU.URL
[2010/01/31 12:09:53 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/01/31 11:49:31 | 000,001,055 | ---- | C] () -- C:\Users\nick\Desktop\Spybot - Search & Destroy.lnk
[2010/01/29 02:20:02 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/29 02:19:55 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010/01/29 02:19:37 | 000,001,393 | ---- | C] () -- C:\Users\nick\Desktop\DivX Movies.lnk
[2010/01/27 05:04:37 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010/01/27 04:57:35 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/27 03:29:41 | 025,690,112 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/01/27 03:29:41 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/01/27 03:29:41 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/01/25 16:16:03 | 000,020,480 | ---- | C] () -- C:\Users\nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/25 15:32:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/01/25 15:20:12 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/01/25 15:12:31 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010/01/25 14:53:21 | 000,000,020 | -HS- | C] () -- C:\Users\nick\ntuser.ini
[2010/01/25 14:53:19 | 000,524,288 | -HS- | C] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/01/25 14:53:19 | 000,524,288 | -HS- | C] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/25 14:53:19 | 000,065,536 | -HS- | C] () -- C:\Users\nick\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/25 14:53:18 | 001,310,720 | -HS- | C] () -- C:\Users\nick\ntuser.dat
[2010/01/25 14:51:35 | 000,144,201 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
[2010/01/25 14:16:45 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2010/01/25 14:16:21 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Gateway_GM5474_MCP61PM-AM_CCX7531000996.MRK
[2010/01/25 14:11:28 | 000,024,536 | ---- | C] () -- C:\Windows\System32\gateway.bmp
[2010/01/25 14:02:43 | 000,000,002 | RHS- | C] () -- C:\USER
[2006/11/22 17:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 13:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 04:46:10 | 001,376,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\msvbvm60.dll
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2010/01/27 04:04:18 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >


< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010/01/27 04:18:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\drivers\atapi.sys
[2010/01/27 04:18:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010/01/27 04:18:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010/01/27 04:18:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\System32\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2007/01/27 19:21:00 | 000,101,160 | ---- | M] (NVIDIA Corporation) MD5=4A9A6368BEF61C9608FE7CC21B1F8886 -- C:\WINDOWS\I386\DRV\SCS\nvstor32.sys
[2007/01/27 19:21:00 | 000,101,160 | ---- | M] (NVIDIA Corporation) MD5=4A9A6368BEF61C9608FE7CC21B1F8886 -- C:\WINDOWS\System32\drivers\nvstor32.sys
[2007/01/27 19:21:00 | 000,101,160 | ---- | M] (NVIDIA Corporation) MD5=4A9A6368BEF61C9608FE7CC21B1F8886 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvstor32.inf_54ba863a\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 02:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\System32\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >

Edited by nicks75, 17 February 2010 - 07:08 PM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 17 February 2010 - 07:34 PM

Hi,

have you recently done a system restore?

Could you please run sfc:

Please run a system file check.

Click Start > All Programs > Accessories then right-click Command Prompt and then click Run as Administrator. Then type in this command

sfc /scannow

Make sure to include the space between the first "c" and the "/".

This will run the System File checker and it will scan for corrupt or missing files. It may prompt you to insert the CD if it needs to obtain files.

Please post back when it has finished letting me know what it has reported.

As well as a scan with gmer:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

Have you burned a recovery Cd from your recovery partition, or do you only have the recovery partition?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 17 February 2010 - 08:48 PM

Well here is the system file check results. It wont let me copy it so I have to type it.

Verification 100% complete. Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS.log.
For example Windows\logs\CBS\CBS.log

I did try a system restore when I was having the problems with the computer booting from a start up, the restore didn't seem to fix anything. I will post again when I finish with your instructions with the GMER scan.

#6 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 17 February 2010 - 09:47 PM

Ok here's the GMER log.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-17 21:43:16
Windows 6.0.6000
Running: u5re0ztw.exe; Driver: C:\Users\nick\AppData\Local\Temp\kxtdqpoc.sys


---- Modules - GMER 1.0.15 ----

Module (noname) (*** hidden *** ) 00400000-00400000 (0 bytes)

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 60: copy of MBR

---- EOF - GMER 1.0.15 ----


BTW I do not have recovery cd copy, just the partition.

Edited by nicks75, 17 February 2010 - 09:49 PM.


#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 18 February 2010 - 07:42 AM

Hi,

Open Notepad and copy/paste the code box below into a new text file.
CODE
@echo off
findstr /C:"[SR] Cannot repair member file" %windir%\logs\cbs\cbs.log >"%userprofile%\Desktop\sfcdetails.txt"
"%userprofile%\Desktop\sfcdetails.txt"
  • Save the file as query.bat by choosing save as *All Files, and save it to your Desktop.
  • Locate "query.bat" and right-click it. Select run as administrator to execute it.
  • It will open a text file, please copy the content in your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 18 February 2010 - 05:40 PM

Hello myrti

I followed the instructions as written and when I run the query.bat file two windows open, 1 looks like a command prompt window with C:Windows\system32\cmd.exe in the header and the other is a notepad with sfcdetails.txt in the header, both have no text to copy. Ive tried deleting the file and redoing it 4 times in case I was doing something wrong but getting the same result each time.

In case I am misunderstanding something. I open notepad click file and choose new, and copy and paste the code @echo off
findstr /C:"[SR] Cannot repair member file" %windir%\logs\cbs\cbs.log >"%userprofile%\Desktop\sfcdetails.txt"
"%userprofile%\Desktop\sfcdetails.txt" into notepad.

I then click "file", "save as" where is says "save as type" I choose "all files" next to "file name" I type query.bat

I then close the notepad and right click query.bat on my desktop and run as administer.

#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 18 February 2010 - 06:00 PM

Hi,

it is possible that the log may be empty. However I did not expect it to be.
Please try the following:

Open Notepad and copy/paste the code box below into a new text file.
CODE
@echo off
echo "this file should not be empty" >"%userprofile%\Desktop\sfcdetails.txt"
findstr /C:"[SR]" %windir%\logs\cbs\cbs.log >>"%userprofile%\Desktop\sfcdetails.txt"
"%userprofile%\Desktop\sfcdetails.txt"
  • Save the file as query.bat by choosing save as *All Files, and save it to your Desktop.
  • Locate "query.bat" and right-click it. Select run as administrator to execute it.
  • It will open a text file, please copy the content in your next reply.
The file that opens (the notepad one, not the cmd one) should at least contain the line "this file should not be empty". Is that the case?
regards myrti


is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#10 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 18 February 2010 - 07:05 PM

lol, yeah it did say that and a little more. I'm wondering if this is what it should have said the first time.

"this file should not be empty"
2010-02-17 20:17:37, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:37, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:41, Info CSI 00000009 [SR] Verify complete
2010-02-17 20:17:42, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:42, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:47, Info CSI 0000000d [SR] Verify complete
2010-02-17 20:17:48, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:48, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:49, Info CSI 00000011 [SR] Verify complete
2010-02-17 20:17:50, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:50, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:52, Info CSI 00000015 [SR] Verify complete
2010-02-17 20:17:53, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:53, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:54, Info CSI 00000019 [SR] Verify complete
2010-02-17 20:17:55, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:55, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:56, Info CSI 0000001d [SR] Verify complete
2010-02-17 20:17:57, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:57, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2010-02-17 20:17:58, Info CSI 00000021 [SR] Verify complete
2010-02-17 20:17:59, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:17:59, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:01, Info CSI 00000025 [SR] Verify complete
2010-02-17 20:18:02, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:02, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:04, Info CSI 00000029 [SR] Verify complete
2010-02-17 20:18:05, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:05, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:06, Info CSI 0000002d [SR] Verify complete
2010-02-17 20:18:07, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:07, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:09, Info CSI 00000031 [SR] Verify complete
2010-02-17 20:18:10, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:10, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:13, Info CSI 00000035 [SR] Verify complete
2010-02-17 20:18:13, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:13, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:18, Info CSI 00000039 [SR] Verify complete
2010-02-17 20:18:18, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:18, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:21, Info CSI 0000003e [SR] Verify complete
2010-02-17 20:18:22, Info CSI 0000003f [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:22, Info CSI 00000040 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:26, Info CSI 00000043 [SR] Verify complete
2010-02-17 20:18:26, Info CSI 00000044 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:26, Info CSI 00000045 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:31, Info CSI 00000047 [SR] Verify complete
2010-02-17 20:18:32, Info CSI 00000048 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:32, Info CSI 00000049 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:41, Info CSI 00000053 [SR] Verify complete
2010-02-17 20:18:41, Info CSI 00000054 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:41, Info CSI 00000055 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:45, Info CSI 00000057 [SR] Verify complete
2010-02-17 20:18:46, Info CSI 00000058 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:46, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:50, Info CSI 0000005b [SR] Verify complete
2010-02-17 20:18:51, Info CSI 0000005c [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:51, Info CSI 0000005d [SR] Beginning Verify and Repair transaction
2010-02-17 20:18:55, Info CSI 0000005f [SR] Verify complete
2010-02-17 20:18:56, Info CSI 00000060 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:18:56, Info CSI 00000061 [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:03, Info CSI 00000063 [SR] Verify complete
2010-02-17 20:19:04, Info CSI 00000064 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:04, Info CSI 00000065 [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:13, Info CSI 00000069 [SR] Verify complete
2010-02-17 20:19:14, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:14, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:26, Info CSI 0000006d [SR] Verify complete
2010-02-17 20:19:27, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:27, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:38, Info CSI 00000071 [SR] Verify complete
2010-02-17 20:19:39, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:39, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:42, Info CSI 00000075 [SR] Verify complete
2010-02-17 20:19:43, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:43, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:45, Info CSI 00000079 [SR] Verify complete
2010-02-17 20:19:46, Info CSI 0000007a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:46, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2010-02-17 20:19:48, Info CSI 0000007d [SR] Verify complete
2010-02-17 20:19:49, Info CSI 0000007e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:19:49, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:00, Info CSI 0000009d [SR] Verify complete
2010-02-17 20:20:00, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:00, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:01, Info CSI 000000a1 [SR] Verify complete
2010-02-17 20:20:02, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:02, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:05, Info CSI 000000a5 [SR] Verify complete
2010-02-17 20:20:06, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:06, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:07, Info CSI 000000a9 [SR] Verify complete
2010-02-17 20:20:08, Info CSI 000000aa [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:08, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:15, Info CSI 000000ad [SR] Verify complete
2010-02-17 20:20:16, Info CSI 000000ae [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:16, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:22, Info CSI 000000b1 [SR] Verify complete
2010-02-17 20:20:23, Info CSI 000000b2 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:23, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:27, Info CSI 000000b5 [SR] Verify complete
2010-02-17 20:20:28, Info CSI 000000b6 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:28, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:32, Info CSI 000000b9 [SR] Verify complete
2010-02-17 20:20:32, Info CSI 000000ba [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:32, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:37, Info CSI 000000bd [SR] Verify complete
2010-02-17 20:20:38, Info CSI 000000be [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:38, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:46, Info CSI 000000c1 [SR] Verify complete
2010-02-17 20:20:47, Info CSI 000000c2 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:47, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2010-02-17 20:20:59, Info CSI 000000e8 [SR] Verify complete
2010-02-17 20:20:59, Info CSI 000000e9 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:20:59, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:07, Info CSI 000000ec [SR] Verify complete
2010-02-17 20:21:08, Info CSI 000000ed [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:08, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:27, Info CSI 000000f0 [SR] Verify complete
2010-02-17 20:21:28, Info CSI 000000f1 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:28, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:39, Info CSI 000000f4 [SR] Verify complete
2010-02-17 20:21:40, Info CSI 000000f5 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:40, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:45, Info CSI 000000f8 [SR] Verify complete
2010-02-17 20:21:46, Info CSI 000000f9 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:46, Info CSI 000000fa [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:50, Info CSI 000000fc [SR] Verify complete
2010-02-17 20:21:51, Info CSI 000000fd [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:51, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2010-02-17 20:21:57, Info CSI 00000101 [SR] Verify complete
2010-02-17 20:21:58, Info CSI 00000102 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:21:58, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:10, Info CSI 00000105 [SR] Verify complete
2010-02-17 20:22:10, Info CSI 00000106 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:10, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:17, Info CSI 00000109 [SR] Verify complete
2010-02-17 20:22:18, Info CSI 0000010a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:18, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:24, Info CSI 0000010d [SR] Verify complete
2010-02-17 20:22:25, Info CSI 0000010e [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:25, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:33, Info CSI 00000111 [SR] Verify complete
2010-02-17 20:22:34, Info CSI 00000112 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:34, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:39, Info CSI 00000115 [SR] Verify complete
2010-02-17 20:22:40, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:40, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2010-02-17 20:22:52, Info CSI 00000119 [SR] Verify complete
2010-02-17 20:22:53, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2010-02-17 20:22:53, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:05, Info CSI 0000011e [SR] Verify complete
2010-02-17 20:23:06, Info CSI 0000011f [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:06, Info CSI 00000120 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:12, Info CSI 00000122 [SR] Verify complete
2010-02-17 20:23:13, Info CSI 00000123 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:13, Info CSI 00000124 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:19, Info CSI 00000126 [SR] Verify complete
2010-02-17 20:23:19, Info CSI 00000127 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:19, Info CSI 00000128 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:24, Info CSI 0000012a [SR] Verify complete
2010-02-17 20:23:25, Info CSI 0000012b [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:25, Info CSI 0000012c [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:31, Info CSI 0000012e [SR] Verify complete
2010-02-17 20:23:32, Info CSI 0000012f [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:32, Info CSI 00000130 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:40, Info CSI 00000132 [SR] Verify complete
2010-02-17 20:23:41, Info CSI 00000133 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:41, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:44, Info CSI 00000136 [SR] Verify complete
2010-02-17 20:23:45, Info CSI 00000137 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:45, Info CSI 00000138 [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:49, Info CSI 0000013a [SR] Verify complete
2010-02-17 20:23:50, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:50, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2010-02-17 20:23:55, Info CSI 0000013e [SR] Verify complete
2010-02-17 20:23:56, Info CSI 0000013f [SR] Verifying 100 (0x00000064) components
2010-02-17 20:23:56, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:01, Info CSI 00000142 [SR] Verify complete
2010-02-17 20:24:01, Info CSI 00000143 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:24:01, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:06, Info CSI 00000146 [SR] Verify complete
2010-02-17 20:24:07, Info CSI 00000147 [SR] Verifying 100 (0x00000064) components
2010-02-17 20:24:07, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:11, Info CSI 0000014a [SR] Verify complete
2010-02-17 20:24:12, Info CSI 0000014b [SR] Verifying 100 (0x00000064) components
2010-02-17 20:24:12, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:15, Info CSI 0000014e [SR] Verify complete
2010-02-17 20:24:16, Info CSI 0000014f [SR] Verifying 100 (0x00000064) components
2010-02-17 20:24:16, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:21, Info CSI 00000152 [SR] Verify complete
2010-02-17 20:24:21, Info CSI 00000153 [SR] Verifying 4 components
2010-02-17 20:24:21, Info CSI 00000154 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:21, Info CSI 00000156 [SR] Verify complete
2010-02-17 20:24:21, Info CSI 00000157 [SR] Repairing 0 components
2010-02-17 20:24:21, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2010-02-17 20:24:21, Info CSI 0000015a [SR] Repair complete


#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 19 February 2010 - 07:48 AM

Hi,

no, I was looking for more specific lines due to the fact that sfc said that some files could not be repaired. But apparently those haven't been logged.


Please run a scan with rootrepeal next:
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract the contents of RootRepeal.zip, to your desktop.
  • Double click on your desktop.
  • Click on the report tab, then click scan
  • Check all seven boxes:
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
    Shadow SSDT
  • Click Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, Click the Save Report button. Save the log as RootRepeal.txt and post it in your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 nicks75

nicks75
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 23 February 2010 - 06:57 PM

My apologies for the delay, finally getting some much needed OT at work. I downloaded the file and opened the link. I get error windows that pop up when I do.

"FOPS-DeviceIoControl Error! Error Code =0xc0000024
Extended info (0x000000e8)"

When I click details on the window it lets me save a .txt to my documents and that reads

18:42:21: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000e8)
18:42:21: DeviceIoControl Error! Error Code = 0x1e7
18:42:21: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000e8)
18:48:59: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000e8)
18:48:59: DeviceIoControl Error! Error Code = 0x1e7
18:48:59: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000e8)


It does let me click the report tab and do what you instructed and and I get..

"Could not initialize driver Please contact the author!"

"Error dumping SSDT (0xc0000024)!"

Then the process stops working and closes.

#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 26 February 2010 - 09:09 AM

Hi,

could you please try the following settings to run RootRepeal:
Please start RootRepeal, and, before doing anything else, try changing the "Disk Access Level" in the Settings->Options dialog. Try moving it to the "Special" or "High" level. Also, click on the Files tab, and uncheck "Use lowest level for MBR check". Please let me know if this fixes the problem.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:18 PM

Posted 06 March 2010 - 04:12 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users