Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer is very slow & network services not working


  • This topic is locked This topic is locked
47 replies to this topic

#1 paperstars

paperstars

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 31 August 2010 - 12:59 PM

Hi all,

On my brother's computer, he is unable to switch users when he is already logged into an account. His computer is running Windows XP. The computer is also very slow, and upon logging in, the icons take a long time to load (about 8-10 minutes). This problem has been going on for about a year now. I also get a message saying

QUOTE
"Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience."


Apparently, he had been trying to restore TCP/IP files last night, but it didn't work and he got this error message as a result. I suspect this might be malware, so I was wondering if someone could check these logs and see if it is malware or something else that would be causing the problem.

This might also be related; the internet and network services no longer work on his computer. A few days ago, he was on WinRAR Archiver, and he suspects he might have deleted some important files there to cause the internet not to work. But also, possibly that might not have caused the problem.

I'm on my computer now, and transferring the data logs through a USB driver. DDS log is below.


------------------------------------


DDS (Ver_10-03-17.01) - NTFSx86
Run by Nelson at 1:30:36.15 on 01/01/2003
Internet Explorer: 6.0.2900.2055
Microsoft Windows XP Home Edition 5.1.2600.2.1252.2.1033.18.1022.461 [GMT -3.5:30]


============== Running Processes ===============

C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k xmlprov
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\VBTUCopy\VBTUCopy.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Microsoft Encarta\Encarta Premium DVD 2006\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\twain_32\LGTWAIN\LGWAKEUP.EXE
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
K:\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mCustomizeSearch =
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: Encarta Web Companion Helper Object: {955be0b8-bc85-4caf-856e-8e0d8b610560} - c:\program files\common files\microsoft shared\encarta web companion\ENCWCBAR.DLL
BHO: IeCatch2 Class: {a5366673-e8ca-11d3-9cd9-0090271d075b} - c:\progra~1\flashget\jccatch.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-ca\msntb.dll
TB: FlashGet Bar: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\progra~1\flashget\fgiebar.dll
TB: Encarta Web Companion: {147d6308-0614-4112-89b1-31402f9b82c4} - c:\program files\common files\microsoft shared\encarta web companion\ENCWCBAR.DLL
TB: PopUpCop: {db43e4e6-ff8a-4018-8c8e-f68587a44a73} - c:\progra~1\popupcop\PopUpCop.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-ca\msntb.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [E06AXLRD_327421] "c:\program files\microsoft encarta\encarta premium dvd 2006\EDICT.EXE" -m
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [<NO NAME>]
uRun: [NokiaOviSuite2] c:\program files\nokia\nokia ovi suite\NokiaOviSuite.exe -tray
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [IntelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [CloneCDElbyCDFL] "c:\program files\elaborate bytes\clonecd\ElbyCheck.exe" /L ElbyCDFL
mRun: [CloneCDTray] "c:\program files\elaborate bytes\clonecd\CloneCDTray.exe"
mRun: [MsgCenterExe] "c:\program files\common files\real\update_ob\RealOneMessageCenter.exe" -osboot
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [WinDVR SchSvr] "c:\program files\common files\intervideo\schsvr\SchSvr.exe"
mRun: [IESAddr]
mRun: [Norton Ghost 9.0] c:\program files\symantec\norton ghost\agent\GhostTray.exe
mRun: [CdnCtr] c:\program files\cnnic\cdn\cdnup.exe
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [SetDefPrt] c:\program files\brother\brmfl06a\BrStDvPt.exe
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [VBTUCopy] c:\program files\vbtucopy\VBTUCopy.exe /a /f
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MP10_EnsureFileVer] c:\windows\inf\unregmp2.exe /EnsureFileVersions
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\windows\twain_32\lgtwain\LGWAKEUP.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printk~1.lnk - c:\program files\printkey2000\Printkey2000.exe
IE: >> 彩信发送 << - c:\progra~1\mmsass~1\MMSASS~1.DLL/mms.htm
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Open Image in New Window - c:\progra~1\popupcop\popupcop.dll/imagenew
IE: 发送图片到手机 - c:\progra~1\p4p\cx.htm
IE: 使用搜狗直通车下载 - c:\progra~1\p4p\dl.htm
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\progra~1\flashget\flashget.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0EC4C9E3-EC6A-11CF-8E3B-444553540000} - file://j:\setup\RiffLick.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - hxxp://software-dl.real.com/1929553523124bbaad05/netzip/RdxIE601.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1271893512296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: AtiExtEvent - Ati2evxx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {26B32D3D-7EC3-000F-A6CC-8812EAB40A05} - c:\windows\System32:explore.exe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\nelson\applic~1\mozilla\firefox\profiles\w0ujun6t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://radiobar.toolbarhome.com/search.aspx?srch=ku&q=
FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [2004-7-29 138780]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2004-1-31 75904]
R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [2004-7-29 46779]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-4-8 185968]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-4-8 161392]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-4-17 1706176]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100825.002\naveng.sys [2010-8-25 85424]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100825.002\navex15.sys [2010-8-25 1362608]
S1 acebicci;acebicci;\??\c:\windows\system32\drivers\acebicci.sys --> c:\windows\system32\drivers\acebicci.sys [?]
S1 aficgcfj;aficgcfj;\??\c:\windows\system32\drivers\aficgcfj.sys --> c:\windows\system32\drivers\aficgcfj.sys [?]
S1 afjbicej;afjbicej;\??\c:\windows\system32\drivers\afjbicej.sys --> c:\windows\system32\drivers\afjbicej.sys [?]
S1 aggbhgec;aggbhgec;\??\c:\windows\system32\drivers\aggbhgec.sys --> c:\windows\system32\drivers\aggbhgec.sys [?]
S1 aiihgijh;aiihgijh;\??\c:\windows\system32\drivers\aiihgijh.sys --> c:\windows\system32\drivers\aiihgijh.sys [?]
S1 ajefidef;ajefidef;\??\c:\windows\system32\drivers\ajefidef.sys --> c:\windows\system32\drivers\ajefidef.sys [?]
S1 eehbhegf;eehbhegf;\??\c:\windows\system32\drivers\eehbhegf.sys --> c:\windows\system32\drivers\eehbhegf.sys [?]
S1 fccheeic;fccheeic;\??\c:\windows\system32\drivers\fccheeic.sys --> c:\windows\system32\drivers\fccheeic.sys [?]
S1 hheggjfd;hheggjfd;\??\c:\windows\system32\drivers\hheggjfd.sys --> c:\windows\system32\drivers\hheggjfd.sys [?]
S1 ibfgfcbi;ibfgfcbi;\??\c:\windows\system32\drivers\ibfgfcbi.sys --> c:\windows\system32\drivers\ibfgfcbi.sys [?]
S1 ijbfgfbf;ijbfgfbf;\??\c:\windows\system32\drivers\ijbfgfbf.sys --> c:\windows\system32\drivers\ijbfgfbf.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-14 135664]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-4-8 83568]
S3 EraserUtilDrv10621;EraserUtilDrv10621;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv10621.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv10621.sys [?]
S3 EraserUtilDrv10733;EraserUtilDrv10733;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv10733.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv10733.sys [?]
S3 Ip6FwHlp;IPv6 Internet Connection Firewall;c:\windows\system32\svchost.exe -k netsvcs [2007-11-3 13824]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-8-21 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-8-21 8320]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-4-17 124608]

=============== Created Last 30 ================

2010-08-22 15:27:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-08-22 00:18:25 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-08-21 20:47:38 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-08-21 20:47:27 0 d-----w- c:\program files\PC Connectivity Solution
2010-08-21 20:45:47 217118 -c----w- c:\windows\system32\dllcache\apphelp.sdb
2010-08-21 20:45:47 1197294 -c----w- c:\windows\system32\dllcache\sysmain.sdb
2010-08-21 20:44:21 0 d-----w- c:\windows\system32\LogFiles
2010-08-21 20:42:25 0 d-----w- c:\docume~1\alluse~1\applic~1\NokiaInstallerCache
2010-08-21 20:03:25 24192 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-08-21 20:03:25 24192 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-08-21 20:02:49 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-08-21 20:02:46 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-08-21 20:02:33 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-08-21 20:00:06 0 d-----w- c:\docume~1\alluse~1\applic~1\Nokia
2010-08-21 19:55:27 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2010-08-21 19:55:26 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2010-08-21 19:55:24 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-08-21 19:55:23 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-08-21 19:55:22 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-08-21 19:55:20 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-08-21 19:55:20 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-08-21 19:55:20 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2010-08-21 19:55:06 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-08-21 19:54:02 0 d-----w- c:\program files\Nokia
2010-08-21 19:54:02 0 d-----w- c:\program files\common files\Nokia
2010-08-21 19:53:34 0 d-----w- c:\program files\MSXML 6.0
2010-07-09 18:37:34 0 d-----w- c:\docume~1\nelson\applic~1\SharePod
2010-06-30 03:28:54 54156 ---ha-w- c:\windows\QTFont.qfn
2010-06-30 03:28:54 1409 ----a-w- c:\windows\QTFont.for
2010-06-30 02:26:44 15464 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-06-30 02:26:44 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-06-29 02:39:31 0 d-----w- c:\program files\uTorrent
2010-06-29 02:38:00 0 d-----w- c:\docume~1\nelson\applic~1\uTorrent
2010-06-17 07:24:53 0 d-----w- C:\Nexon
2010-06-13 23:29:47 0 ----a-w- c:\windows\brmx2001.ini
2010-06-13 23:29:47 0 ----a-w- c:\program files\error.dat
2010-06-13 23:29:17 3144 -c----w- c:\windows\system32\dllcache\srgb.icm
2010-06-13 23:29:06 45056 ------w- c:\windows\system32\PtrcENG.dll
2010-06-10 09:49:59 19188 ----a-w- c:\windows\Q883956Readme.rtf
2010-06-10 08:56:05 0 d-----w- c:\docume~1\alluse~1\applic~1\NexonUS
2010-06-10 07:06:06 0 d-----w- c:\docume~1\alluse~1\applic~1\PMB Files
2010-06-10 07:05:41 0 d-----w- c:\program files\Pando Networks
2010-05-18 19:38:33 0 d-----w- C:\USA_Canada_and_Mexico_P_845_2670
2010-05-17 01:38:39 204 ----a-w- C:\10 Claude Disc2.iso.adp
2010-05-17 00:29:28 1013248 ----a-w- C:\2010 Claude Berthiaume 2nd Disc.dwz
2010-05-16 20:46:20 361984 ----a-w- C:\2010 Claude Berthiaume 1st Disc 4 class.dwz
2010-05-16 20:22:27 1207296 ----a-w- C:\2010 Claude Berthiaume 1st Disc.dwz
2010-04-23 09:50:44 162 ---ha-w- C:\~$cket Richard.doc
2010-04-23 04:31:47 19968 ----a-w- C:\Rocket Richard.doc
2010-04-21 23:46:03 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2010-04-14 19:41:19 0 d-----w- c:\docume~1\nelson\applic~1\Malwarebytes
2010-04-14 19:41:04 38224 ------w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-14 19:41:02 20824 ------w- c:\windows\system32\drivers\mbam.sys
2010-04-14 19:41:02 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-14 19:41:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-04-14 12:56:58 1837296 ----a-w- c:\windows\system32\WUDFUpdate_01009.dll
2010-04-11 12:16:58 0 d-----w- c:\program files\Excite Prime Ministers CD
2010-04-11 12:16:38 27136 ------w- c:\windows\system32\VbMCHook.dll
2010-04-11 12:16:37 188416 ------w- c:\windows\system32\VbMediaControl.ocx
2010-04-11 12:16:37 1294336 ------w- c:\windows\system32\Cgrm_en.dll
2010-04-11 12:16:36 0 d-----w- c:\program files\TCE-LEC 2000
2010-04-02 01:46:55 0 d-----w- c:\windows\SxsCaPendDel
2010-04-02 00:37:03 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-01 20:54:36 69 ----a-w- c:\windows\NeroDigital.ini
2010-03-22 22:43:52 0 d-----w- c:\program files\MSXML 4.0
2010-03-22 22:42:57 0 d-----w- c:\program files\Datel
2010-03-22 22:41:00 0 d-----w- c:\program files\Windows Journal Viewer
2010-03-22 22:37:44 19805 ------w- c:\windows\system32\drivers\usbio.sys
2010-03-18 00:23:42 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-03-18 00:23:42 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-03-14 18:32:23 0 d-----w- c:\windows\.jagex_cache_32
2010-03-11 22:10:42 0 d-s---w- c:\documents and settings\nelson\UserData
2010-03-11 20:06:39 0 d-----w- c:\documents and settings\nelson\Tracing
2010-02-20 18:10:21 0 d-----w- c:\program files\Microsoft
2010-02-20 18:10:03 0 d-----w- c:\program files\Windows Live SkyDrive
2010-02-20 18:08:28 0 d-----w- c:\program files\common files\Windows Live
2010-02-14 22:30:57 719872 ----a-w- c:\windows\system32\devil.dll
2010-02-14 22:30:57 399360 ----a-w- c:\windows\system32\Smab.dll
2010-02-14 22:30:57 318976 ----a-w- c:\windows\system32\avisynth.dll
2010-02-14 22:30:56 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2010-02-14 22:30:56 70656 ----a-w- c:\windows\system32\i420vfw.dll
2010-02-14 22:30:56 66560 ----a-w- c:\windows\MOTA113.exe
2010-02-14 22:30:56 27648 ----a-w- c:\windows\system32\AVSredirect.dll
2010-02-14 22:30:55 240128 ----a-w- c:\windows\system32\x.264.exe
2010-02-14 22:30:54 502784 ----a-w- c:\windows\x2.64.exe
2010-02-14 22:30:54 217073 ----a-w- c:\windows\meta4.exe
2010-02-14 22:30:53 0 d-----w- c:\program files\AviSynth 2.5
2010-02-14 22:17:35 0 d-----w- c:\program files\eRightSoft
2010-02-07 22:40:33 0 d-sh--w- C:\found.001
2009-10-12 06:30:22 421888 ----a-w- c:\windows\system32\RealMediaSplitter.ax
2009-08-06 21:53:28 209624 -c----w- c:\windows\system32\dllcache\wuweb.dll
2009-07-26 20:14:56 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-14 13:05:16 444136 ------w- c:\windows\system32\drivers\wdf01000.sys
2009-07-14 13:05:16 37608 ------w- c:\windows\system32\drivers\wdfldr.sys
2009-07-13 20:46:22 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2007-12-21 23:45:28 0 d-----w- c:\windows\system32\NtmsData
2007-12-18 20:04:20 6144 --sh--w- C:\Thumbs.db
2007-12-10 01:05:50 0 d-----w- c:\program files\common files\Macrovision Shared
2007-12-10 00:16:51 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2007-12-10 00:16:46 364544 ------w- c:\windows\system32\TwnLib4.dll
2007-12-10 00:16:45 471040 ------w- c:\windows\system32\ImagXRA7.dll
2007-12-10 00:16:45 262144 ------w- c:\windows\system32\ImagXR7.dll
2007-12-10 00:16:44 476320 ------w- c:\windows\system32\ImagXpr7.dll
2007-12-10 00:16:44 1568768 ------w- c:\windows\system32\ImagX7.dll
2007-12-10 00:16:42 38912 ------w- c:\windows\system32\picn20.dll
2007-12-10 00:16:31 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2007-12-09 22:13:59 0 d-sh--w- C:\found.000
2007-12-05 22:07:41 0 d-----w- c:\docume~1\nelson\applic~1\Zeon
2007-11-10 22:11:40 0 d-----w- c:\program files\Windows Installer Clean Up
2007-11-10 22:11:30 0 d-----w- c:\program files\MSECACHE
2007-11-04 23:33:44 0 d-----w- C:\PaperPort
2007-11-04 00:28:25 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2007-11-04 00:19:05 0 ----a-w- C:\SMINST
2007-11-04 00:18:57 0 d-----w- c:\windows\CACHE
2007-11-03 21:32:16 0 d-----w- c:\windows\system32\wbem\AutoRecover
2007-11-03 21:27:59 68608 ----a-w- c:\windows\system32\dsdmoprp.dll
2007-11-03 21:26:33 19314 ----a-w- c:\windows\003535_.tmp
2007-11-03 16:51:57 19840 -c----w- c:\windows\system32\dllcache\ramdisk.sys
2007-11-03 16:49:59 58880 ----a-w- c:\windows\system32\SET4D1.tmp
2007-11-03 16:48:39 19314 ----a-w- c:\windows\001790_.tmp
2007-10-08 13:08:05 0 d-----w- c:\program files\MagicISO
2007-09-26 18:56:13 81 ----a-w- c:\windows\bi_group.ini
2007-09-22 01:01:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Azureus
2007-09-12 22:54:02 75 ----a-w- c:\windows\winDecrypt.INI
2007-09-03 11:38:23 0 d-----w- c:\program files\vanBasco's Karaoke Player
2007-08-20 01:30:16 0 d-----w- c:\program files\NeoTracePro
2007-08-18 09:50:32 25600 ------w- c:\windows\system32\verclsid.exe
2007-08-07 23:34:36 0 d-----w- c:\windows\Motive
2007-08-07 23:34:32 0 d-----w- c:\program files\common files\Motive
2007-08-07 23:34:13 0 d-----w- c:\program files\Motive
2007-08-07 23:34:13 0 d-----w- c:\program files\Aliant
2007-08-07 23:25:34 0 d-----w- c:\docume~1\alluse~1\applic~1\MotiveSysIDs
2007-08-07 23:25:19 87040 ----a-w- c:\windows\system32\WebFlowIDPersist.dll
2007-08-07 23:25:19 86016 ----a-w- c:\windows\system32\BJInstaller.dll
2007-08-07 23:25:19 73728 ----a-w- c:\windows\system32\BinaryAggregator1.dll
2007-08-07 23:25:19 40448 ----a-w- c:\windows\system32\BJAXSecurityManager.dll
2007-08-07 23:25:19 37376 ----a-w- c:\windows\system32\ReportReader.dll
2007-08-07 23:25:19 327680 ----a-w- c:\windows\system32\snmpaxctrl.dll
2007-08-07 23:25:19 1069056 ----a-w- c:\windows\system32\ActiveUtils.dll
2007-08-07 23:24:34 3262 ------w- c:\windows\app.ico
2007-08-07 23:21:06 6345 ----a-r- c:\windows\system32\DevMngr.vxd
2007-06-19 20:44:06 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2007-06-19 20:44:06 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2007-06-19 20:44:06 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2007-06-19 20:04:48 0 d-----w- c:\docume~1\alluse~1\applic~1\ViceVersa PRO 2
2007-06-19 20:02:36 0 d-----w- c:\program files\ViceVersa Pro 2
2007-06-19 16:50:01 0 d-----w- c:\program files\VBTUCopy
2007-06-19 16:46:12 0 d-----w- c:\program files\VIA
2007-06-19 16:24:19 32 ----a-w- c:\windows\CDStart.INI
2007-05-13 17:31:15 0 d-----w- c:\program files\Diskeeper Corporation
2007-05-13 14:25:55 1905 ----a-w- c:\windows\diagwrn.xml
2007-05-13 14:25:55 1905 ----a-w- c:\windows\diagerr.xml
2007-04-08 22:51:14 121 ----a-w- C:\pdfinfo.ini
2007-04-08 22:41:20 36 ----a-w- c:\windows\verypdf.ini
2007-04-08 22:41:20 1024 ----a-w- c:\windows\system32\pwdremover.dat
2007-04-06 21:46:16 0 d-----w- c:\docume~1\alluse~1\applic~1\zeon
2007-04-06 21:46:15 0 d-----w- c:\windows\system32\DocucomRes6
2007-04-06 21:45:56 33 ----a-w- c:\windows\BiMonitor.ini
2007-04-06 21:45:55 30846 ----a-w- c:\windows\maxlink.ini
2007-03-25 21:37:52 0 d-----w- c:\windows\pss
2007-03-15 22:42:09 77000 ------w- c:\windows\system32\drivers\AnyDVD.sys
2007-02-28 23:05:26 86016 ----a-w- c:\windows\system32\ElbyCDIO.dll
2007-02-28 20:56:07 15440 ------w- c:\windows\system32\drivers\ElbyCDIO.sys
2007-02-16 00:56:49 11984 ------w- c:\windows\system32\drivers\RegKill.sys
2007-01-06 18:41:17 3323 ----a-w- c:\windows\mozver.dat
2006-12-27 18:01:38 419 ----a-w- c:\windows\BRWMARK.INI
2006-12-27 18:01:38 27 ----a-w- c:\windows\BRPP2KA.INI
2006-12-27 18:01:23 25088 ------w- c:\windows\system32\drivers\usbprint.sys
2006-12-27 17:25:25 69632 ------w- c:\windows\system32\BrWebIns.dll
2006-12-27 17:25:25 61440 ------w- c:\windows\system32\BRWEBUP.EXE
2006-12-27 17:25:25 176128 ------w- c:\windows\system32\Pdrvinst.dll
2006-12-27 17:25:22 6224 ----a-w- c:\windows\CVRPAGE.BMP
2006-12-27 17:25:22 126976 ----a-w- c:\windows\system32\BrfxD05a.dll
2006-12-27 17:25:22 0 ----a-w- c:\windows\brdfxspd.dat
2006-12-27 17:05:34 93 ----a-w- c:\windows\brpcfx.ini
2006-12-27 17:05:34 50 ----a-w- c:\windows\system32\bridf06a.dat
2006-12-27 17:05:34 212 ----a-w- c:\windows\Brpfx04a.ini
2006-12-27 17:05:20 52736 ----a-w- c:\windows\system32\brinsstr.dll
2006-12-27 17:04:37 0 d-----w- c:\program files\Brother
2006-12-27 17:04:36 147456 ----a-w- c:\windows\brunin03.dll
2006-12-27 17:00:20 0 d-----w- c:\docume~1\alluse~1\applic~1\Brother
2006-12-24 02:18:21 0 d-----w- c:\program files\RM Converter
2006-12-23 14:20:08 0 d-----w- c:\program files\Real Alternative
2006-12-22 16:38:37 86016 ----a-w- c:\windows\unvise32.exe
2006-12-22 16:35:45 0 d-----w- c:\program files\XviD
2006-12-22 16:28:30 737280 ----a-w- c:\windows\iun6002.exe
2006-12-22 16:28:28 0 d-----w- c:\program files\Codec Pack - All In 1
2006-12-10 15:45:19 10752 ----a-w- c:\windows\system32\cdda.dll
2006-12-04 17:07:58 1317648 ----a-w- c:\windows\system32\msxml6.dll
2006-12-04 00:53:35 7552 -c----w- c:\windows\system32\dllcache\sonypvu1.sys
2006-12-04 00:53:35 7552 ------w- c:\windows\system32\drivers\SONYPVU1.SYS
2006-10-29 15:46:30 0 d-----w- c:\program files\kmp
2006-10-24 16:00:20 412160 ------w- c:\windows\system32\photometadatahandler.dll
2006-10-24 16:00:06 712704 ------w- c:\windows\system32\windowscodecs.dll
2006-10-24 16:00:00 276992 ------w- c:\windows\system32\WMPhoto.dll
2006-10-24 15:59:50 347648 ------w- c:\windows\system32\windowscodecsext.dll
2006-10-18 22:30:46 249856 ------w- c:\windows\system32\drmupgds.exe
2006-10-18 22:30:14 17408 ------w- c:\windows\system32\wpdshextautoplay.exe
2006-10-05 07:01:10 79872 ----a-w- c:\windows\system32\msxml6r.dll
2006-09-29 10:26:38 28248 ----a-r- c:\windows\system32\AdobePDF.dll
2006-09-28 21:30:34 132224 ------w- c:\windows\system32\drivers\WudfRd.sys
2006-09-28 21:26:38 567808 ------w- c:\windows\system32\WUDFx.dll
2006-09-28 21:26:38 195584 ------w- c:\windows\system32\WudfHost.exe
2006-09-28 21:26:16 148480 ------w- c:\windows\system32\WudfPlatform.dll
2006-09-28 21:26:14 64512 ------w- c:\windows\system32\WudfSvc.dll
2006-09-28 21:25:50 91904 ------w- c:\windows\system32\drivers\WudfPf.sys
2006-09-10 21:33:24 61440 ----a-r- c:\windows\system32\csnpstd3.dll
2006-09-10 21:33:23 15498 ----a-r- c:\windows\snpstd3.ini
2006-09-10 21:33:23 13023 ----a-r- c:\windows\snpstd3.src
2006-09-10 21:33:22 339968 ----a-r- c:\windows\vsnpstd3.exe
2006-09-10 21:33:21 53248 ----a-r- c:\windows\vsnpstd3.dll
2006-09-10 21:33:12 8718848 ------w- c:\windows\system32\drivers\snpstd3.sys
2006-09-10 21:31:31 8192 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2006-09-09 15:43:19 0 d-----w- c:\program files\Skype
2006-09-09 15:41:54 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2006-09-09 15:41:16 0 d-----w- c:\windows\PixArt
2006-09-09 15:41:16 0 d-----w- c:\program files\PC Camera
2006-09-09 15:41:16 0 d-----w- c:\program files\common files\PCCamera
2006-08-08 17:15:12 0 d-----w- C:\Destiny
2006-06-22 23:28:16 47360 ------w- c:\windows\system32\drivers\Pcouffin.sys
2006-06-22 23:28:14 0 d-----w- c:\program files\VSO
2006-05-31 02:02:07 24064 ------w- c:\windows\system32\msxml3a.dll
2006-05-31 01:59:55 0 d-----w- c:\program files\QSuite
2006-05-24 09:09:50 66 ----a-w- c:\windows\Power Video Converter.INI
2006-05-24 09:08:14 0 d-----w- c:\program files\Power Video Converter
2006-04-25 17:28:52 135168 ----a-w- c:\windows\system32\BiRemoveNT.dll
2006-03-13 00:34:11 0 d-----w- c:\program files\MSN Apps
2006-03-10 23:59:12 30848 ------w- c:\windows\system32\drivers\usbccgp.sys
2006-03-10 23:57:31 598 ----a-w- c:\windows\FashionCam01.ini
2006-03-10 23:57:31 32768 ----a-w- c:\windows\system32\infcpy.dll
2006-03-10 23:57:31 32768 ----a-w- c:\windows\system32\gtcodec.dll
2006-03-10 23:57:31 314792 ------w- c:\windows\system32\drivers\gt891x1.sys
2006-03-10 23:57:31 25 ----a-w- c:\windows\AVIMaker.INI
2006-03-10 23:57:31 18088 ------w- c:\windows\system32\drivers\gt890x.sys
2006-03-10 23:57:31 159432 ------w- c:\windows\system32\drivers\GT891xD.sys
2006-03-10 23:57:31 0 d-----w- c:\program files\common files\FashionCam53
2006-03-10 23:57:30 0 d-----w- c:\program files\Micro TravelCam
2006-02-25 02:57:06 1492480 ----a-w- c:\windows\system32\BrWia06a.dll
2006-02-22 18:47:33 0 d-----w- c:\windows\IJ4PYNS5EJS16ZWH
2006-01-29 15:02:27 31300 ------w- c:\windows\system32\drivers\cdnprot.vxd
2006-01-25 21:36:38 487424 ----a-w- c:\windows\system32\MSVCP70.dll
2006-01-25 21:36:38 344064 ----a-w- c:\windows\system32\MSVCR70.dll
2006-01-23 20:54:44 2752580 ----a-w- c:\windows\system32\PDFCore6.dll
2006-01-14 12:20:44 282624 ----a-w- c:\windows\system32\ZnMacroUI.dll
2005-12-13 20:23:32 38912 ----a-w- c:\windows\system32\BrUsi06a.dll
2005-11-26 20:38:38 0 d-----w- c:\program files\SlySoft
2005-11-19 18:51:38 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2005-11-19 18:51:37 0 d-----w- c:\program files\CyberLink DVD Solution
2005-11-08 00:26:44 0 d-----w- c:\docume~1\nelson\applic~1\PopupCop
2005-09-26 10:53:44 0 d-----w- c:\docume~1\nelson\applic~1\p4p
2005-09-23 18:33:21 0 d-----w- c:\docume~1\alluse~1\applic~1\p4p
2005-09-23 18:32:20 0 d-----w- c:\windows\system32\temp
2005-09-23 18:32:09 0 d-----w- c:\program files\P4P
2005-09-23 18:31:42 23040 ----a-w- c:\windows\system32\cdnns.dll
2005-09-23 18:31:39 0 d-----w- c:\program files\CNNIC
2005-09-23 18:31:36 509449 ----a-w- c:\windows\system32\setuprun.exe
2005-09-23 17:58:53 0 d--h--w- c:\windows\PIF
2005-09-23 09:58:52 74240 ----a-w- c:\windows\system32\mscories.dll
2005-09-23 09:58:52 270848 ----a-w- c:\windows\system32\mscoree.dll
2005-09-23 09:58:52 150016 ----a-w- c:\windows\system32\mscorier.dll
2005-09-23 09:58:38 83456 ----a-w- c:\windows\system32\dfshim.dll
2005-09-21 07:34:14 54 ----a-w- c:\windows\JascCmdFile.INI
2005-09-21 07:14:54 0 d-----w- c:\program files\common files\Jasc Software Inc
2005-09-21 07:06:28 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
2005-09-21 07:05:08 0 d-----w- c:\program files\Corel
2005-09-18 18:45:00 0 d-----w- c:\program files\common files\Adobe Systems Shared
2005-09-18 14:34:18 62 ----a-w- c:\windows\pcvcdbr.INI
2005-09-18 14:34:18 0 ----a-w- c:\windows\PCVCDVW.INI
2005-09-17 20:09:06 0 d-----w- c:\program files\common files\Ulead Systems
2005-09-17 20:09:05 0 d-----w- c:\program files\Ulead Systems
2005-09-16 10:02:16 0 d-----w- c:\docume~1\alluse~1\applic~1\InterVideo
2005-09-10 18:03:05 0 d-----w- c:\program files\Microsoft Encarta
2005-09-10 18:02:48 0 d-----w- c:\windows\speech
2005-09-10 17:59:31 0 d-----w- c:\windows\system32\URTTemp
2005-09-07 14:30:48 307200 ----a-w- c:\windows\system32\BiMMonNT.dll
2005-09-07 14:30:48 307200 ----a-w- c:\windows\system32\BiCMonNT.dll
2005-09-07 14:30:44 257536 ----a-w- c:\windows\system32\BiImg.dll
2005-09-07 14:30:44 233472 ----a-w- c:\windows\system32\TIFF32.DLL
2005-09-07 14:30:44 110592 ----a-w- c:\windows\system32\JPEG32.DLL
2005-08-16 00:01:54 0 ----a-w- c:\windows\vpc32.INI
2005-08-15 22:37:19 91856 ----a-w- c:\windows\system32\S32EVNT1.DLL
2005-08-15 22:37:19 123200 ------w- c:\windows\system32\drivers\SYMEVENT.SYS
2005-08-15 22:37:06 0 d-----w- c:\program files\Symantec AntiVirus
2005-08-08 16:32:01 34 ----a-w- c:\windows\webica.ini
2005-08-08 16:31:22 0 d-----w- c:\windows\system32\Resource
2005-08-08 16:31:14 0 d-----w- c:\program files\Citrix
2005-08-06 01:34:18 395776 ----a-w- c:\windows\system32\libmplayer.dll
2005-08-06 01:34:18 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2005-08-06 01:34:18 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2005-08-06 01:34:17 2255360 ----a-w- c:\windows\system32\libavcodec.dll
2005-08-06 01:34:16 0 d-----w- c:\program files\Cucusoft
2005-08-04 01:30:07 634 ----a-w- c:\windows\system32\MAPISVC.INF
2005-08-04 01:29:54 0 d-----w- c:\program files\Ontrack
2005-08-04 01:11:40 0 d-----w- c:\program files\FarStone
2005-08-01 22:28:43 0 d-----w- c:\program files\GiPo@Utilities
2005-08-01 22:28:43 0 d-----w- c:\program files\common files\Gibinsoft Shared
2005-08-01 22:15:52 208896 ----a-w- c:\windows\system32\wmpns.dll
2005-07-31 18:40:57 49265 ----a-w- c:\windows\system32\jpicpl32.cpl
2005-07-31 15:02:33 40 ----a-w- C:\Auth.prof
2005-07-31 12:52:09 0 d-----w- c:\program files\DivX
2005-07-31 11:04:35 0 d-----w- c:\program files\AC3Filter
2005-07-25 10:39:33 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2005-07-25 10:39:33 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2005-07-21 00:07:18 0 d-----w- c:\program files\BitTorrent
2005-07-19 11:35:21 0 d-----w- c:\program files\common files\Real
2005-07-19 11:33:06 0 d-----w- C:\My Downloads
2005-07-17 17:12:15 35487 ----a-w- c:\windows\system32\LPT.VXD
2005-07-17 17:12:15 322384 ----a-w- c:\windows\system32\MFC250.DLL
2005-07-17 17:12:14 45056 ----a-w- c:\windows\lguninst.exe
2005-07-17 17:12:14 3380 ----a-w- c:\windows\XIMGKIT.INI
2005-07-17 17:12:14 26112 ----a-w- c:\windows\WAVEMIX.DLL
2005-07-17 17:12:14 2573 ----a-w- c:\windows\Wavemix.ini
2005-07-17 17:12:14 224 ----a-w- c:\windows\lgunpscp.ini
2005-07-17 17:12:14 0 d-----w- c:\windows\system32\FONTS
2005-07-17 17:12:14 0 d-----w- c:\windows\system32\COLOR
2005-07-17 17:12:12 203 ----a-w- c:\windows\LGSETUP.INI
2005-07-17 17:12:12 203 ----a-w- c:\windows\LGPSCP.INI
2005-07-17 17:12:03 299008 ----a-w- c:\windows\UNINST.EXE
2005-07-15 16:24:03 32 ----a-w- c:\windows\basefx.INI
2005-07-14 09:31:32 37248 ------w- c:\windows\system32\drivers\avc.sys
2005-07-14 09:31:28 46848 ------w- c:\windows\system32\drivers\61883.sys
2005-07-13 21:58:02 7168 --sha-w- c:\windows\Thumbs.db
2005-07-02 15:56:35 104 --sh--r- c:\windows\system32\22B8C0E195.sys
2005-07-02 15:53:02 0 d-----w- c:\program files\Jasc Software Inc
2005-07-01 21:21:51 0 d-----w- c:\windows\system32\SoftwareDistribution
2005-07-01 00:33:21 0 ----a-w- c:\windows\iPlayer.INI
2005-06-30 23:39:44 5600 ----a-w- c:\windows\system\WINASPI.DLL
2005-06-30 23:39:44 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2005-06-30 23:39:44 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2005-06-30 23:39:44 16877 ------w- c:\windows\system32\drivers\ASPI32.SYS
2005-06-28 17:19:50 337 ----a-w- c:\windows\SIERRA.INI
2005-06-23 16:46:03 0 d--h--w- c:\windows\$hf_mig$
2005-06-23 16:09:54 0 d-----w- c:\windows\system32\bits
2005-05-30 23:04:29 0 d-----w- c:\program files\Elaborate Bytes
2005-05-28 07:48:54 6400 -c----w- c:\windows\system32\dllcache\enum1394.sys
2005-05-28 07:48:54 6400 ------w- c:\windows\system32\drivers\enum1394.sys
2005-05-28 07:48:53 59392 ------w- c:\windows\system32\drivers\ohci1394.sys
2005-05-28 07:48:53 52096 ------w- c:\windows\system32\drivers\1394bus.sys
2005-05-27 23:28:29 0 d-----w- c:\program files\PopUpCop
2005-05-27 21:36:45 303 ----a-w- c:\windows\system\cmicnfg.ini
2005-05-27 21:27:27 12598 ----a-w- c:\windows\system32\wpa.bak
2005-04-17 15:02:00 83704 ----a-w- c:\windows\system32\nts.dll
2005-04-17 15:02:00 71416 ----a-w- c:\windows\system32\pds.dll
2005-04-17 15:01:58 46848 ----a-w- c:\windows\system32\msgsys.dll
2005-04-17 15:01:56 34552 ----a-w- c:\windows\system32\cba.dll
2005-04-17 15:00:56 43712 ----a-w- c:\windows\system32\NavLogon.dll
2005-04-12 08:41:20 4608 ------w- c:\windows\system32\drivers\ElbyDelay.sys
2005-04-05 13:47:04 517848 ----a-w- c:\windows\system32\SymNeti.dll
2005-04-05 13:47:04 132824 ----a-w- c:\windows\system32\SymRedir.dll
2005-04-05 13:47:02 267192 ------w- c:\windows\system32\drivers\symtdi.sys
2005-04-05 13:47:00 17976 ------w- c:\windows\system32\drivers\symredrv.sys
2005-04-05 13:46:58 36984 ------w- c:\windows\system32\drivers\symids.sys
2005-04-05 13:46:56 47192 ------w- c:\windows\system32\drivers\symndis.sys
2005-04-05 13:46:54 173208 ------w- c:\windows\system32\drivers\symfw.sys
2005-04-05 13:46:52 11512 ------w- c:\windows\system32\drivers\symdns.sys
2005-04-05 13:38:32 20 ------w- c:\windows\system32\drivers\SymRedir.cat
2005-04-05 13:38:32 1133 ------w- c:\windows\system32\drivers\SymRedir.inf
2005-04-04 20:49:04 22 ----a-w- c:\windows\system32\ati64hlp.stb
2005-04-04 15:39:28 35840 ----a-w- c:\windows\system32\znlib7.dll
2005-04-03 17:45:40 575704 -c----w- c:\windows\system32\dllcache\wuapi.dll
2005-04-03 17:45:40 35552 -c----w- c:\windows\system32\dllcache\wups.dll
2005-04-03 17:45:40 217816 -c----w- c:\windows\system32\dllcache\wuaucpl.cpl
2005-04-03 17:45:40 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2005-04-03 17:45:40 194328 ----a-w- c:\windows\system32\wuaueng1.dll
2005-04-03 17:45:40 172312 ----a-w- c:\windows\system32\wuauclt1.exe
2005-03-29 03:34:44 10368 ------w- c:\windows\system32\drivers\pfc.sys
2005-03-29 03:32:19 0 d-----w- c:\program files\common files\Sonic
2005-03-29 03:31:11 0 d-----w- c:\program files\Sonic
2005-03-27 21:22:25 26624 ----a-w- c:\windows\system32\PRTdlink.dll
2005-03-27 21:22:25 220160 ----a-w- c:\windows\PRINTERS.EXE
2005-03-27 21:22:25 0 d-----w- c:\program files\D-Link
2005-02-24 14:59:14 162176 ------w- c:\windows\system32\drivers\pfc027.sys
2005-02-24 14:02:22 48640 ----a-w- c:\windows\system32\SP207.ax
2005-02-24 11:53:28 57344 ----a-r- c:\windows\system32\znsl6.dll
2005-01-25 17:45:42 10240 ----a-w- c:\windows\system32\PA207Usd.dll
2004-11-22 16:07:38 40960 ----a-w- c:\windows\98Setup.exe
2004-10-26 22:39:05 3375104 ----a-w- c:\windows\system32\qt-mt331.dll
2004-10-26 22:39:04 53248 ----a-w- c:\windows\system32\dpv10.dll
2004-10-26 22:39:03 602112 ----a-w- c:\windows\system32\dpuGUI10.dll
2004-10-26 22:39:03 335872 ----a-w- c:\windows\system32\dpus10.dll
2004-10-26 22:39:03 290816 ----a-w- c:\windows\system32\dpu10.dll
2004-10-26 22:38:24 1335296 ----a-w- c:\windows\system32\PSIKey.dll
2004-10-26 22:38:18 528384 ----a-w- c:\windows\system32\divx_xx11.dll
2004-10-26 22:38:18 206336 ----a-w- c:\windows\system32\divx_xx0c.dll
2004-10-26 22:38:17 206848 ----a-w- c:\windows\system32\divx_xx07.dll
2004-10-26 22:11:30 245408 ----a-w- c:\windows\system32\unicows.dll
2004-10-15 22:20:20 15295 ------w- c:\windows\system32\drivers\BrScnUsb.sys
2004-10-12 22:03:20 98576 ----a-w- c:\windows\system32\ctxsetup.exe
2004-09-23 01:45:44 360448 ----a-w- c:\windows\system32\l3codecp.acm
2004-09-23 01:45:36 276992 ----a-w- c:\windows\system32\audiodev.dll
2004-08-18 18:56:38 143360 ----a-w- c:\windows\system32\GDIPlusImage.dll
2004-08-18 18:44:04 208896 ----a-w- c:\windows\system32\znlib6.dll
2004-08-04 04:26:58 293376 ----a-w- c:\windows\system32\wisptis.exe
2004-08-04 04:26:44 207360 ----a-w- c:\windows\system32\inked.dll
2004-07-29 06:43:28 46779 ------w- c:\windows\system32\drivers\PQIMount.sys
2004-07-29 06:03:08 138780 ------w- c:\windows\system32\drivers\PQV2i.sys
2004-07-29 05:23:58 53248 ----a-w- c:\windows\system32\gearsec.exe
2004-06-29 12:41:28 2560000 ----a-w- c:\windows\system\cmicnfg.cpl
2004-06-27 15:57:26 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2004-06-27 15:57:26 20480 ----a-w- c:\windows\system32\IVIresize.dll
2004-06-27 15:57:26 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2004-06-27 15:57:26 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2004-06-27 15:57:26 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2004-06-27 15:57:26 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2004-06-27 15:57:09 0 d-----w- c:\program files\InterVideo
2004-06-27 15:57:06 0 d-----w- c:\program files\common files\InterVideo
2004-06-27 15:57:01 0 d-----w- c:\program files\InterActual
2004-06-27 15:57:00 831600 ----a-w- c:\windows\system32\Ctaa1.dat
2004-06-27 15:57:00 77824 ----a-w- c:\windows\system32\ctdvda32.dll
2004-06-27 15:56:32 333600 ------w- c:\windows\system32\drivers\ctdvda2k.sys
2004-06-27 15:56:31 122880 ----a-w- c:\windows\system32\cddvdint.dll
2004-06-27 15:56:31 0 d-----w- c:\program files\Creative
2004-06-27 15:23:31 0 d-----w- C:\Downloads
2004-06-27 15:22:00 0 d-----w- c:\program files\FlashGet
2004-06-27 14:12:18 0 d-----w- c:\windows\system32\windows media
2004-06-27 14:11:59 0 d--h--w- c:\windows\msdownld.tmp
2004-06-27 14:11:56 0 d-----w- c:\program files\Windows Media Components
2004-06-27 13:26:15 0 d-----w- c:\program files\Stealther
2004-06-27 13:26:04 796672 ----a-w- c:\windows\GPInstall.exe
2004-06-27 13:26:04 7883 ----a-w- c:\windows\Eng_UK.gpl
2004-06-27 13:23:52 8703 ------w- c:\windows\system32\drivers\EIO.sys
2004-06-27 12:57:07 0 d-----w- c:\program files\ATI Technologies
2004-06-27 12:56:53 114688 ------w- c:\windows\system32\ati2sgag.exe
2004-06-27 12:21:21 396 ----a-w- c:\windows\NJCOM.INI
2004-06-27 12:21:12 26000 ------w- c:\windows\system32\CTL3D.DLL
2004-06-27 12:21:12 0 d-----w- c:\program files\NJStar Communicator
2004-06-27 01:00:25 0 d-----w- c:\program files\PrintKey2000
2004-06-27 01:00:01 0 d-----w- c:\program files\QuickVCD Player
2004-06-27 00:57:11 0 d-----w- c:\program files\common files\ScanSoft Shared
2004-06-27 00:57:05 0 d-----w- c:\program files\ScanSoft
2004-06-27 00:51:54 63 ----a-w- c:\windows\mdm.ini
2004-06-27 00:50:09 0 d-----w- c:\windows\ShellNew
2004-06-27 00:48:06 0 d-----w- c:\windows\Twain32
2004-06-27 00:15:01 0 d-----w- c:\program files\Executive Software
2004-06-27 00:14:46 0 d-----w- c:\windows\Downloaded Installations
2004-06-27 00:11:25 0 d-----w- c:\program files\PowerQuest
2004-06-26 23:52:08 376 ----a-w- c:\windows\ODBC.INI
2004-06-26 23:52:08 0 d-----w- c:\windows\system32\CBA
2004-06-26 23:52:07 0 d-----w- c:\program files\Symantec
2004-06-26 23:52:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2004-06-26 23:52:06 0 d-----w- c:\program files\common files\Symantec Shared
2004-06-25 19:43:42 818816 ------w- c:\windows\system32\drivers\cmuda.sys
2004-06-24 19:39:28 155648 ----a-w- c:\windows\system32\cmuda.dll
2004-06-24 07:41:28 0 ----a-w- c:\windows\system32\px.ini
2004-06-10 19:20:30 86016 ----a-w- c:\windows\system32\PXWMA.dll
2004-04-23 17:32:10 233472 ----a-w- c:\windows\system32\cmirmdrv.exe
2004-04-22 10:02:00 20368 ------w- c:\windows\system32\drivers\pxhelp20.sys
2004-02-25 19:30:37 333 ----a-w- c:\windows\system32\$ncsp$.inf
2004-02-17 13:21:56 1458176 ----a-w- c:\windows\system\SmWizard.exe
2004-02-12 05:45:41 0 d-----w- c:\windows\java
2004-02-12 05:41:00 0 d-----w- c:\program files\Microsoft Hardware
2004-02-12 05:04:48 49152 ----a-w- c:\windows\system32\MultiSZ.dll
2004-02-11 22:00:20 0 d-sh--w- C:\System Recovery
2004-01-31 20:47:04 241664 ----a-w- c:\windows\system32\Keyhook.exe
2004-01-31 20:47:02 667648 ----a-w- c:\windows\system32\sistray.exe
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\xircom
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wins
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem\xml
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem\snmp
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem\Performance
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem\mof
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem\Logs
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\wbem
2004-01-31 20:47:00 0 d-----w- c:\windows\system32\usmt
2004-01-31 20:47:00 0 d-----w- c:\windows\SiS
2004-01-31 20:46:48 0 d-----w- c:\program files\Multimedia V3.53.01
2004-01-31 20:44:04 404736 ------w- c:\windows\system32\drivers\ALCXSENS.SYS
2004-01-31 20:40:46 65152 ------w- c:\windows\system32\drivers\Rtlnic51.sys
2004-01-31 20:40:04 57344 ----a-w- c:\windows\SOUNDMAN.EXE
2004-01-31 20:40:00 765952 ----a-w- c:\windows\system\crlds3d.dll
2004-01-31 20:39:59 720896 ----a-w- c:\windows\system32\Audio3D.dll
2004-01-31 20:39:59 720896 ----a-w- c:\windows\system32\a3d.dll
2004-01-31 20:39:59 141016 ----a-w- c:\windows\system32\ALSNDMGR.WAV
2004-01-31 20:39:55 10435072 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2004-01-31 20:39:54 481596 ------w- c:\windows\system32\drivers\ALCXWDM.sys
2004-01-31 20:39:54 462684 ------w- c:\windows\system32\drivers\ALCXWDM.sys.bak
2004-01-31 20:39:01 0 d-----w- C:\PnPDrivers
2004-01-31 20:35:38 16256 ------w- c:\windows\system32\drivers\usbohci.sys
2004-01-31 13:40:34 40960 ------w- c:\windows\system32\drivers\fetnd5b.sys
2004-01-31 06:29:38 12160 -c----w- c:\windows\system32\dllcache\mouhid.sys
2004-01-31 06:29:38 12160 ------w- c:\windows\system32\drivers\mouhid.sys
2004-01-31 06:29:35 9600 -c----w- c:\windows\system32\dllcache\hidusb.sys
2004-01-31 06:29:35 9600 ------w- c:\windows\system32\drivers\hidusb.sys
2004-01-31 05:58:36 2238 ----a-w- c:\windows\system32\futureshop_ca.ico
2004-01-31 05:56:17 6144 ------w- c:\windows\system32\drivers\splitter.sys
2004-01-31 05:56:13 77952 ------w- c:\windows\system32\drivers\wdmaud.sys
2004-01-31 05:56:12 50304 ------w- c:\windows\system32\drivers\dmusic.sys
2004-01-31 05:56:11 54272 -c----w- c:\windows\system32\dllcache\swmidi.sys
2004-01-31 05:56:11 54272 ------w- c:\windows\system32\drivers\swmidi.sys
2004-01-31 05:56:10 142208 -c----w- c:\windows\system32\dllcache\aec.sys
2004-01-31 05:56:10 142208 ------w- c:\windows\system32\drivers\aec.sys
2004-01-31 05:56:08 169600 ------w- c:\windows\system32\drivers\kmixer.sys
2004-01-31 05:56:07 2816 ------w- c:\windows\system32\drivers\drmkaud.sys
2004-01-31 05:56:06 57088 ------w- c:\windows\system32\drivers\sysaudio.sys
2004-01-31 05:55:43 58368 ------w- c:\windows\system32\drivers\drmk.sys
2004-01-31 05:55:43 134144 ------w- c:\windows\system32\drivers\portcls.sys
2004-01-31 05:55:37 10112 ------w- c:\windows\system32\drivers\gameenum.sys
2004-01-14 20:35:04 315392 ----a-w- c:\windows\system32\kdu_v41R.dll
2004-01-07 09:01:00 49152 ----a-w- c:\windows\system32\umloader.dll
2003-12-16 23:59:38 332800 ------w- c:\windows\system32\netsetup.exe
2003-12-15 23:42:20 34816 ------w- c:\windows\system32\pidgen.dll
2003-05-28 01:05:12 0 d-----w- c:\windows\VALUEADD
2003-05-27 23:15:55 21 ----a-w- C:\MINI
2003-05-27 23:15:55 21 ----a-w- C:\LOCAL
2003-05-27 23:14:35 0 d-----w- c:\windows\OPTIONS
2003-05-27 23:11:11 0 d-s---w- c:\windows\system32\Microsoft
2003-05-27 23:11:11 0 d-----w- c:\windows\system32\ReinstallBackups
2003-05-27 23:11:11 0 d-----w- c:\windows\system32\MsDtc
2003-05-27 23:11:11 0 d-----w- c:\windows\system32\IME
2003-05-27 23:11:11 0 d-----w- c:\windows\system32\DirectX
2003-05-27 23:11:11 0 d-----w- c:\windows\system32\Com
2003-05-27 23:07:58 0 d-----w- c:\program files\Future Photo
2003-05-27 23:00:50 0 d-sh--w- c:\windows\Installer
2003-05-27 23:00:50 0 d--h--w- c:\windows\inf
2003-05-27 22:55:36 0 d-sh--w- c:\documents and settings\all users\DRM
2003-05-27 22:54:30 0 d-----w- c:\program files\common files\MSSoap
2003-05-27 22:53:14 0 d--h--w- c:\program files\WindowsUpdate
2003-05-27 22:53:14 0 d-----w- c:\program files\Online Services
2003-05-27 22:53:06 0 d-----w- c:\program files\Messenger
2003-05-27 22:53:03 0 d-----w- c:\program files\MSN Gaming Zone
2003-05-27 22:52:46 0 d-----w- c:\program files\Windows NT
2003-05-27 15:48:51 0 d-----w- c:\program files\common files\ODBC
2003-05-27 15:48:48 0 d-----w- c:\program files\common files\SpeechEngines
2003-05-27 08:48:28 0 d-----r- c:\documents and settings\all users\Documents
2003-01-01 03:39:32 0 d-----w- c:\docume~1\nelson\applic~1\IsolatedStorage
2003-01-01 03:32:52 0 d-----w- c:\docume~1\nelson\applic~1\Azureus
2003-01-01 03:14:59 0 d-----w- c:\docume~1\nelson\applic~1\Xilisoft
2003-01-01 03:14:15 0 d-----w- c:\program files\Xilisoft
2003-01-01 03:11:58 0 d-----w- c:\docume~1\nelson\applic~1\GetRightToGo

==================== Find3M ====================

2010-04-11 12:22:26 20144 ----a-w- c:\windows\fonts\VersaFontCD2.ttf
2010-04-11 12:22:26 18044 ----a-w- c:\windows\fonts\VersaFontBRV.ttf
2010-04-11 12:22:26 18028 ----a-w- c:\windows\fonts\VersaFontUD.ttf
2010-04-11 12:22:26 16932 ----a-w- c:\windows\fonts\VersaFontUL.ttf
2010-04-11 12:22:26 158788 ----a-w- c:\windows\fonts\VersaFontOX.ttf
2010-04-11 12:21:13 22848 ----a-w- c:\windows\fonts\VersaFontACU.ttf
2010-04-11 12:21:13 22284 ----a-w- c:\windows\fonts\VersaFontCED.ttf
2010-04-11 12:21:13 21440 ----a-w- c:\windows\fonts\VersaFontDEG.ttf
2010-04-11 12:21:13 21372 ----a-w- c:\windows\fonts\VersaFontTIL.ttf
2010-04-11 12:21:13 20708 ----a-w- c:\windows\fonts\VersaFontCIR.ttf
2010-04-11 12:21:13 19548 ----a-w- c:\windows\fonts\VersaFontDT.ttf
2010-04-11 12:20:28 19300 ----a-w- c:\windows\fonts\VersaFontOxIPA.ttf
2010-04-11 12:18:59 30320 ----a-w- c:\windows\fonts\VersaFontHebrew.ttf
2010-04-11 12:18:30 25916 ----a-w- c:\windows\fonts\VersaFontLN.ttf
2010-04-11 12:18:30 18568 ----a-w- c:\windows\fonts\VersaFontHAC.ttf
2010-04-11 12:18:30 12960 ----a-w- c:\windows\fonts\VersaFontGK.ttf
2010-04-11 12:18:29 33992 ----a-w- c:\windows\fonts\VersaFont01.ttf
2010-04-11 12:18:29 159612 ----a-w- c:\windows\fonts\VersaFont02.ttf
2008-11-07 21:25:30 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2008-02-08 23:12:56 511292 ----a-w- c:\windows\fonts\segoeui.ttf
2008-02-08 23:12:56 491860 ----a-w- c:\windows\fonts\segoeuib.ttf
2008-02-08 23:12:56 392028 ----a-w- c:\windows\fonts\segoeuiz.ttf
2008-02-08 23:12:56 379716 ----a-w- c:\windows\fonts\segoeuii.ttf
2008-02-04 19:26:34 151040 --sh--w- c:\windows\system32\VistaUltm.dll
2007-12-17 13:43:00 27648 --sh--w- c:\windows\system32\Smab0.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2006-10-19 00:28:00 8704 ----a-w- c:\windows\system32\wdfmgr.exe
2006-10-19 00:28:00 8704 ----a-w- c:\windows\system32\uwdf.exe
2006-10-18 22:33:58 100864 ----a-w- c:\windows\system32\logagent.exe
2006-10-18 22:30:00 38528 ------w- c:\windows\system32\drivers\wpdusb.sys
2006-08-25 15:53:55 561664 ------w- c:\windows\system32\_002991_.tmp
2006-05-19 12:15:32 103936 ------w- c:\windows\system32\_002987_.tmp
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2006-01-02 22:38:03 260608 ------w- c:\windows\system32\_002985_.tmp
2005-12-02 07:27:16 6800 ----a-r- c:\windows\fonts\ZWAdobeF.TTF
2005-06-03 17:30:55 30208 ----a-w- c:\windows\fonts\REF_ICON.FON
2005-05-04 18:15:36 884736 ----a-w- c:\windows\system32\msimsg.dll
2005-05-04 18:15:36 78848 ----a-w- c:\windows\system32\msiexec.exe
2005-05-04 18:15:36 271360 ----a-w- c:\windows\system32\msihnd.dll
2005-05-04 18:15:36 15360 ----a-w- c:\windows\system32\msisip.dll
2005-05-04 18:15:32 2890240 ----a-w- c:\windows\system32\msi.dll
2004-12-20 10:03:26 679936 ----a-w- c:\windows\system32\xvidcore.dll
2004-12-07 19:34:37 79872 ------w- c:\windows\system32\_002946_.tmp
2004-10-26 22:38:18 94208 ----a-w- c:\windows\system32\divxdec_0411.dll
2004-10-26 22:38:18 94208 ----a-w- c:\windows\system32\divxdec_040c.dll
2004-10-26 22:38:18 94208 ----a-w- c:\windows\system32\divxdec_0407.dll
2004-09-23 01:46:38 10752 ----a-w- c:\windows\system32\wpdtrace.dll
2004-09-23 01:46:36 331776 ----a-w- c:\windows\system32\wpdmtpdr.dll
2004-09-23 01:46:24 175104 ----a-w- c:\windows\system32\wmpsrcwp.dll
2004-09-23 01:46:20 1589760 ----a-w- c:\windows\system32\wmpencen.dll
2004-08-04 11:30:00 187776 ------w- c:\windows\system32\drivers\acpi.sys
2004-08-03 17:34:40 185624 ----a-w- c:\windows\system32\iuengine.dll
2004-02-10 10:15:36 344064 ----a-w- c:\windows\system32\xvid.dll
2003-12-17 00:02:22 1740 ----a-w- c:\windows\system32\dcache.bin
2003-12-16 23:58:18 88456 ----a-w- c:\windows\system32\rdpdd.dll
2003-12-16 23:58:18 8584 ----a-w- c:\windows\system32\tsddd.dll
2003-12-16 23:58:18 82568 ----a-w- c:\windows\system32\rdpwsx.dll
2003-12-16 23:58:18 39176 ------w- c:\windows\system32\drivers\termdd.sys
2003-12-16 23:58:18 122248 ------w- c:\windows\system32\drivers\rdpwd.sys
2003-12-16 23:54:58 47616 ----a-w- c:\windows\system32\SET3CA.tmp
2003-12-16 23:28:54 125440 ----a-w- c:\windows\system32\dpcdll.dll
2003-12-16 00:26:16 1756928 ----a-w- c:\windows\system32\win32k.sys
2003-12-16 00:25:36 169856 ------w- c:\windows\system32\drivers\rdbss.sys
2003-12-16 00:12:34 28928 ------w- c:\windows\system32\drivers\modem.sys
2003-12-16 00:12:04 17792 ------w- c:\windows\system32\drivers\tdi.sys
2003-12-16 00:11:54 211520 ------w- c:\windows\system32\drivers\tcpip6.sys
2003-12-16 00:04:44 13824 ------w- c:\windows\system32\drivers\asyncmac.sys
2003-12-16 00:04:14 33536 ------w- c:\windows\system32\drivers\wanarp.sys
2003-12-16 00:03:52 84352 ------w- c:\windows\system32\drivers\ipnat.sys
2003-12-16 00:02:12 66176 ------w- c:\windows\system32\drivers\psched.sys
2003-12-16 00:00:26 86016 ------w- c:\windows\system32\drivers\nwlnkipx.sys
2003-12-16 00:00:04 33536 ------w- c:\windows\system32\drivers\netbios.sys
2003-12-15 23:59:56 11904 ------w- c:\windows\system32\drivers\tunmp.sys
2003-12-15 23:59:52 12288 ------w- c:\windows\system32\drivers\ndisuio.sys
2003-12-15 23:54:08 10752 ------w- c:\windows\system32\drivers\irenum.sys
2003-12-15 23:50:58 251904 ------w- c:\windows\system32\drivers\http.sys
2003-12-15 23:49:34 30720 ------w- c:\windows\system32\drivers\ip6fw.sys
2003-12-15 23:48:44 69248 ------w- c:\windows\system32\drivers\bridge.sys
2003-12-15 23:48:12 16128 ------w- c:\windows\system32\drivers\bthenum.sys
2003-12-15 23:48:10 35584 ------w- c:\windows\system32\drivers\bthmodem.sys
2003-12-15 23:48:08 56448 ------w- c:\windows\system32\drivers\rfcomm.sys
2003-12-15 23:48:08 255872 ------w- c:\windows\system32\drivers\bthport.sys
2003-12-15 23:48:04 33920 ------w- c:\windows\system32\drivers\bthprint.sys
2003-12-15 23:48:04 22528 ------w- c:\windows\system32\drivers\hidbth.sys
2003-12-15 23:47:56 17920 ------w- c:\windows\system32\drivers\bthusb.sys
2003-12-15 23:47:30 38912 ------w- c:\windows\system32\drivers\nmnt.sys
2003-12-15 23:47:22 75008 ------w- c:\windows\system32\drivers\usbvideo.sys
2003-12-15 23:47:10 52480 ------w- c:\windows\system32\drivers\msdv.sys
2003-12-15 23:47:06 24576 ------w- c:\windows\system32\drivers\sonydcam.sys
2003-12-15 23:46:02 71168 ------w- c:\windows\system32\drivers\sr.sys
2003-12-15 23:44:48 46720 ------w- c:\windows\system32\drivers\stream.sys
2003-12-15 23:44:46 5632 ------w- c:\windows\system32\drivers\smbali.sys
2003-12-15 23:44:08 17280 ----a-w- c:\windows\system32\watchdog.sys
2003-12-15 23:43:08 75392 ------w- c:\windows\system32\drivers\videoprt.sys
2003-12-15 23:43:08 20224 ------w- c:\windows\system32\drivers\vga.sys
2003-12-15 23:39:42 73728 ----a-w- c:\windows\system32\uniime.dll
2003-12-15 23:38:24 165376 ----a-w- c:\windows\system32\SETDE2.tmp
2003-12-15 23:37:46 88192 ------w- c:\windows\system32\drivers\ksecdd.sys
2003-12-15 23:36:58 13184 ------w- c:\windows\system32\drivers\wacompen.sys
2003-12-15 23:36:52 12160 ------w- c:\windows\system32\drivers\mutohpen.sys

============= FINISH: 1:30:48.84 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 08 September 2010 - 06:15 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

We need to create an OTL report,
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    drivers32 /all
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.sys /90
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32
    ahcix86s.sys
    nvrd32.sys
    user32.dll
    ws2_32.dll
    /md5stop
    %systemroot%\*. /mp /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    CREATERESTOREPOINT

  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


In your reply, please post both OTL logs and the GMER log.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#3 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 09 September 2010 - 05:55 PM

Hi etavares,

Thanks for your reply! The OLT log is posted below, the other OLT log and GMER log are attached because they are too long:

--------------------------------

OTL logfile created on: 01/01/2003 12:19:59 AM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = K:\
Windows XP Home Edition Service Pack 2, v.2055 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2055)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,022.00 Mb Total Physical Memory | 454.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 40.25 Gb Total Space | 1.16 Gb Free Space | 2.89% Space Free | Partition Type: NTFS
Drive D: | 40.68 Gb Total Space | 5.75 Gb Free Space | 14.15% Space Free | Partition Type: NTFS
Drive E: | 30.73 Gb Total Space | 6.59 Gb Free Space | 21.46% Space Free | Partition Type: NTFS
Drive F: | 20.64 Gb Total Space | 0.74 Gb Free Space | 3.56% Space Free | Partition Type: NTFS
Drive G: | 16.01 Gb Total Space | 3.43 Gb Free Space | 21.44% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 760.86 Mb Total Space | 611.10 Mb Free Space | 80.32% Space Free | Partition Type: NTFS
Drive K: | 7.74 Gb Total Space | 7.74 Gb Free Space | 99.98% Space Free | Partition Type: FAT32

Computer Name: OFFICE
Current User Name: Nelson
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/08 22:10:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- K:\OTL.exe
PRC - [2010/07/02 11:20:12 | 000,671,608 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/06/22 13:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010/06/14 14:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/06/09 00:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009/12/17 10:23:54 | 000,272,896 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/12/09 21:35:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/08/18 06:21:43 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2007/01/19 19:27:34 | 000,356,352 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VBTUCopy\VBTUCopy.exe
PRC - [2006/04/06 21:11:02 | 000,339,968 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2006/03/28 15:48:54 | 000,622,592 | R--- | M] () -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2005/11/10 13:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2005/09/05 04:25:08 | 000,339,968 | R--- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2005/06/03 14:00:17 | 000,301,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Encarta\Encarta Premium DVD 2006\EDICT.EXE
PRC - [2005/04/17 11:30:48 | 000,085,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2005/04/17 11:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/04/17 11:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/04/08 14:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/04/08 14:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/04/08 14:52:30 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/02/16 23:03:50 | 000,106,496 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
PRC - [2005/01/31 09:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/07/29 03:41:08 | 001,122,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
PRC - [2004/07/29 03:02:34 | 001,269,760 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
PRC - [2004/07/29 01:53:58 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
PRC - [2003/12/16 20:25:18 | 001,009,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/16 20:25:18 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msagent\agentsvr.exe
PRC - [2003/08/15 11:04:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2002/03/30 08:12:12 | 000,057,344 | ---- | M] (Elaborate Bytes) -- C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
PRC - [2002/03/22 09:11:56 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
PRC - [1999/10/01 01:01:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files\PrintKey2000\Printkey2000.exe
PRC - [1999/03/18 01:08:10 | 008,798,260 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
PRC - [1997/07/28 13:42:34 | 000,024,576 | ---- | M] (Logitech INC) -- C:\WINDOWS\twain_32\LGTWAIN\LGWAKEUP.EXE


========== Modules (SafeList) ==========

MOD - [2010/09/08 22:10:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- K:\OTL.exe
MOD - [2003/12/16 20:25:22 | 000,927,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2055_x-ww_a7ce0fc0\comctl32.dll
MOD - [2003/12/16 20:24:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\.DEFAULT\..\URLSearchHook: {982CB676-38F0-4D9A-BB72-D9371ABE876E} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\S-1-5-18\..\URLSearchHook: {982CB676-38F0-4D9A-BB72-D9371ABE876E} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..\URLSearchHook: {982CB676-38F0-4D9A-BB72-D9371ABE876E} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {da684c80-6ad7-4a95-80ec-959e8ab082fd}:1.9
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..keyword.URL: "http://radiobar.toolbarhome.com/search.aspx?srch=ku&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/08/21 17:17:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/26 11:25:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2002/12/31 23:08:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/08/21 17:17:51 | 000,000,000 | ---D | M]

[2010/03/10 16:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Mozilla\Extensions
[2010/08/28 09:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Mozilla\Firefox\Profiles\w0ujun6t.default\extensions
[2010/05/12 16:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nelson\Application Data\Mozilla\Firefox\Profiles\w0ujun6t.default\extensions\{da684c80-6ad7-4a95-80ec-959e8ab082fd}
[2010/07/09 22:07:15 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Nelson\Application Data\Mozilla\Firefox\Profiles\w0ujun6t.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2003/01/01 00:00:21 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Mozilla\Firefox\Profiles\w0ujun6t.default\searchplugins\web-search.xml
[2003/01/01 00:09:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2002/08/29 15:30:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
O2 - BHO: (Encarta Web Companion Helper Object) - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL (Microsoft Corporation)
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Encarta Web Companion) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (PopUpCop) - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\Program Files\PopUpCop\PopUpCop.dll (EdenSoft ™)
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..\Toolbar\WebBrowser: (Encarta Web Companion) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..\Toolbar\WebBrowser: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe File not found
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IESAddr] File not found
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [IntelliType] C:\Program Files\Microsoft Hardware\Keyboard\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MsgCenterExe] C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [VBTUCopy] C:\Program Files\VBTUCopy\VBTUCopy.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinDVR SchSvr] C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe (InterVideo Inc.)
O4 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013..\Run: [] File not found
O4 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013..\Run: [E06AXLRD_327421] C:\Program Files\Microsoft Encarta\Encarta Premium DVD 2006\EDICT.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Wakeup.lnk = C:\WINDOWS\twain_32\LGTWAIN\LGWAKEUP.EXE (Logitech INC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe (Fred's Software)
O4 - Startup: C:\Documents and Settings\Cindy\Start Menu\Programs\Startup\Stealther.lnk = C:\Program Files\Stealther\stealth27.exe (Photono Software)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Open Image in New Window - C:\Program Files\PopUpCop\PopUpCop.dll (EdenSoft ™)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKU\S-1-5-21-3685698554-2501954535-3646181656-1013\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {0EC4C9E3-EC6A-11CF-8E3B-444553540000} file://J:\setup\RiffLick.cab (WaveTab Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://software-dl.real.com/1929553523124b...ip/RdxIE601.cab (RdxIE Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1271893512296 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll File not found
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\System32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Nelson\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nelson\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/05/01 21:07:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/03/02 11:35:04 | 000,000,000 | ---D | M] - D:\Auto CD run Files -- [ NTFS ]
O32 - AutoRun File - [2001/04/28 11:27:00 | 000,000,043 | ---- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: TermService - File not found
NetSvcs: IP6FwHlp - C:\WINDOWS\system32\ip6fwhlp.dll (Microsoft Corporation)

MsConfig - Services: "winsecure"
MsConfig - StartUpReg: AnyDVD - hkey= - key= - C:\Program Files\SlySoft\AnyDVD\AnyDVD_.exe (Team {RES},)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: VIDC.GTCC - C:\WINDOWS\System32\gtcodec.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)

========== Files/Folders - Created Within 90 Days ==========

[2010/08/29 04:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\MSN6
[2010/08/21 19:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\Ovi
[2010/08/21 17:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Nokia
[2010/08/21 17:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\NokiaAccount
[2010/08/21 17:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Nokia
[2010/08/21 17:17:38 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010/08/21 17:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010/08/21 17:14:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/08/21 17:14:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/08/21 17:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010/08/21 16:35:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/21 16:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\PC Suite
[2010/08/21 16:30:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/08/21 16:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/08/21 16:25:27 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010/08/21 16:25:26 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010/08/21 16:25:24 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010/08/21 16:25:23 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010/08/21 16:25:22 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010/08/21 16:25:20 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010/08/21 16:25:20 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010/08/21 16:25:06 | 000,092,672 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2010/08/21 16:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010/08/21 16:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010/08/21 16:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/08/21 16:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/07/16 21:40:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/07/09 20:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/09 20:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/09 15:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\SharePod
[2010/07/09 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/07 03:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\InterVideo
[2010/07/07 03:19:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\InterVideo
[2010/07/06 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\Games
[2010/07/01 00:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\ImgBurn
[2010/07/01 00:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Identities
[2010/07/01 00:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/06/30 23:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Ahead
[2010/06/30 23:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Jasc Software Inc
[2010/06/29 01:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/06/28 23:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/06/28 23:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\uTorrent
[2010/06/24 20:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/06/17 03:54:53 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/06/10 05:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/06/10 03:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/06/10 03:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/06/09 03:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\WinRAR
[2010/06/07 21:49:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\My Received Files
[2010/05/18 16:08:33 | 000,000,000 | ---D | C] -- C:\USA_Canada_and_Mexico_P_845_2670
[2010/04/21 20:19:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/21 20:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Sun
[2010/04/21 19:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/04/14 16:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ApplicationHistory
[2010/04/14 16:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Malwarebytes
[2010/04/14 16:11:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/14 16:11:02 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/14 16:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/14 16:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/14 10:40:02 | 000,590,848 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\UMDF\PCCSWpdDriver.dll
[2010/04/11 08:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Excite Prime Ministers CD
[2010/04/11 08:46:37 | 001,294,336 | ---- | C] (Centigram Communications Corp.) -- C:\WINDOWS\System32\Cgrm_en.dll
[2010/04/11 08:46:37 | 000,188,416 | ---- | C] (Net Results) -- C:\WINDOWS\System32\VbMediaControl.ocx
[2010/04/11 08:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\TCE-LEC 2000
[2010/04/06 19:09:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\U3
[2010/04/01 22:16:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/04/01 21:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Apple Computer
[2010/04/01 21:07:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/01 21:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Apple
[2010/04/01 21:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Apple Computer
[2010/04/01 20:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\Downloads
[2010/03/30 16:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/03/22 19:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/03/22 19:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/03/22 19:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal Viewer
[2010/03/22 19:07:44 | 000,019,805 | ---- | C] (Thesycon GmbH, Germany) -- C:\WINDOWS\System32\drivers\usbio.sys
[2010/03/15 21:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Temp
[2010/03/15 21:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/03/15 21:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Google
[2010/03/15 21:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Google
[2010/03/14 15:02:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\.jagex_cache_32
[2010/03/11 21:27:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\Updater5
[2010/03/11 18:40:42 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nelson\UserData
[2010/03/11 16:36:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Tracing
[2010/02/22 22:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2010/02/20 14:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/02/20 14:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/02/20 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/02/20 14:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/02/20 14:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/02/14 19:00:57 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2010/02/14 19:00:57 | 000,318,976 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2010/02/14 19:00:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010/02/14 19:00:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2010/02/14 19:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/02/14 18:48:08 | 000,186,880 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2010/02/14 18:48:08 | 000,092,672 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2010/02/14 18:48:08 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2010/02/14 18:48:08 | 000,054,784 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLAPEDec.ax
[2010/02/14 18:48:08 | 000,037,888 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLMPCDec.ax
[2010/02/14 18:48:07 | 000,179,200 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2010/02/14 18:48:07 | 000,169,472 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2010/02/14 18:48:07 | 000,163,328 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2010/02/14 18:48:07 | 000,161,792 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2010/02/14 18:48:07 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2010/02/14 18:48:06 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2010/02/14 18:47:35 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2010/02/07 19:10:33 | 000,000,000 | -HSD | C] -- C:\found.001
[2009/10/12 03:00:22 | 000,421,888 | ---- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaSplitter.ax
[2009/10/12 03:00:22 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2007/12/21 20:15:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2007/12/09 21:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2007/12/09 20:46:51 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2007/12/09 20:46:46 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2007/12/09 20:46:45 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2007/12/09 20:46:45 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2007/12/09 20:46:44 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2007/12/09 20:46:44 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2007/12/09 20:46:42 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2007/12/09 20:46:31 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2007/12/09 18:43:59 | 000,000,000 | -HSD | C] -- C:\found.000
[2007/12/05 18:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Zeon
[2007/11/25 16:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Mozilla
[2007/11/25 16:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Mozilla
[2007/11/17 22:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Adobe
[2007/11/17 22:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Adobe
[2007/11/10 18:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2007/11/10 18:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2007/11/04 20:03:44 | 000,000,000 | ---D | C] -- C:\PaperPort
[2007/11/03 20:48:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\CACHE
[2007/11/03 18:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2007/11/03 18:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/11/03 18:01:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2007/11/03 13:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2007/11/03 13:22:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2007/11/03 13:22:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2007/11/03 13:20:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2007/11/03 13:17:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2007/11/03 12:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\old agentdpv.dll
[2007/10/08 09:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2007/09/21 21:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2007/09/03 08:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\vanBasco's Karaoke Player
[2007/09/01 12:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2007/08/29 20:29:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2007/08/26 09:56:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2007/08/19 22:00:16 | 000,000,000 | ---D | C] -- C:\Program Files\NeoTracePro
[2007/08/07 20:04:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Motive
[2007/08/07 20:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2007/08/07 20:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Motive
[2007/08/07 20:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Aliant
[2007/08/07 19:55:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
[2007/08/07 19:55:19 | 001,069,056 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\ActiveUtils.dll
[2007/08/07 19:55:19 | 000,327,680 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\snmpaxctrl.dll
[2007/08/07 19:55:19 | 000,087,040 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\WebFlowIDPersist.dll
[2007/08/07 19:55:19 | 000,073,728 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\BinaryAggregator1.dll
[2007/08/07 19:55:19 | 000,037,376 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\ReportReader.dll
[2007/06/19 16:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2007/06/19 16:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\ViceVersa Pro 2
[2007/06/19 13:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\VBTUCopy
[2007/06/19 13:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2007/05/14 20:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2007/05/14 20:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Google
[2007/05/13 14:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Diskeeper Corporation
[2007/04/06 18:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\zeon
[2007/04/06 18:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DocucomRes6
[2007/03/25 18:07:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2007/03/25 10:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/03/15 19:12:09 | 000,077,000 | ---- | C] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2007/02/28 19:35:26 | 000,086,016 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2007/02/28 17:26:07 | 000,015,440 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\ElbyCDIO.sys
[2007/02/15 21:26:49 | 000,011,984 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\RegKill.sys
[2007/01/06 15:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2006/12/27 13:55:25 | 000,176,128 | ---- | C] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[2006/12/27 13:55:25 | 000,069,632 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2006/12/27 13:55:25 | 000,061,440 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2006/12/27 13:55:22 | 000,126,976 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD05a.dll
[2006/12/27 13:35:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2006/12/27 13:35:20 | 000,052,736 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2006/12/27 13:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2006/12/27 13:34:36 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2006/12/27 13:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2006/12/25 11:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/12/23 22:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\RM Converter
[2006/12/23 11:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2006/12/23 10:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative
[2006/12/22 13:08:37 | 000,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2006/12/22 13:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\XviD
[2006/12/22 12:58:30 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2006/12/22 12:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Codec Pack - All In 1
[2006/10/29 12:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\kmp
[2006/10/28 17:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Projects
[2006/09/10 18:03:24 | 000,061,440 | R--- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2006/09/10 18:03:21 | 000,053,248 | R--- | C] ( ) -- C:\WINDOWS\vsnpstd3.dll
[2006/09/09 12:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2006/09/09 12:13:19 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2006/09/09 12:11:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\PixArt
[2006/09/09 12:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCCamera
[2006/09/09 12:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Camera
[2006/08/08 13:45:12 | 000,000,000 | ---D | C] -- C:\Destiny
[2006/06/22 19:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2006/05/30 22:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2006/05/30 22:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2006/05/30 22:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2006/05/30 22:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\QSuite
[2006/05/24 05:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Power Video Converter
[2006/04/25 13:58:52 | 000,135,168 | ---- | C] (Black Ice Software, Inc.) -- C:\WINDOWS\System32\BiRemoveNT.dll
[2006/03/12 21:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Apps
[2006/03/10 20:27:31 | 000,314,792 | ---- | C] (Grandtech Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\gt891x1.sys
[2006/03/10 20:27:31 | 000,018,088 | ---- | C] (Grandtech Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\gt890x.sys
[2006/03/10 20:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FashionCam53
[2006/03/10 20:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Micro TravelCam
[2006/02/24 23:27:06 | 001,492,480 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia06a.dll
[2006/02/22 15:17:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\IJ4PYNS5EJS16ZWH
[2006/01/23 17:24:44 | 002,752,580 | ---- | C] (Zeon Corporation) -- C:\WINDOWS\System32\PDFCore6.dll
[2006/01/14 08:50:44 | 000,282,624 | ---- | C] (Nuance Communications, Inc.) -- C:\WINDOWS\System32\ZnMacroUI.dll
[2005/12/29 12:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2005/12/13 16:53:32 | 000,038,912 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi06a.dll
[2005/11/26 18:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\PopupCop
[2005/11/26 17:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2005/11/19 15:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink DVD Solution
[2005/11/07 20:56:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\PopupCop
[2005/10/03 23:02:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2005/09/26 07:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\p4p
[2005/09/23 15:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\p4p
[2005/09/23 15:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\p4p
[2005/09/23 15:02:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\temp
[2005/09/23 15:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\P4P
[2005/09/23 15:01:42 | 000,023,040 | ---- | C] (CNNIC) -- C:\WINDOWS\System32\cdnns.dll
[2005/09/23 15:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\CNNIC
[2005/09/23 14:28:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2005/09/21 03:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Jasc Software Inc
[2005/09/21 03:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2005/09/18 15:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2005/09/18 15:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2005/09/18 15:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2005/09/18 15:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2005/09/17 16:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems
[2005/09/17 16:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/09/17 16:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\Ulead Systems
[2005/09/16 06:32:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2005/09/10 21:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\ApplicationHistory
[2005/09/10 21:31:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\ScanSoft
[2005/09/10 21:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\My Documents\My PaperPort Documents
[2005/09/10 14:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Encarta
[2005/09/10 14:32:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\speech
[2005/09/10 14:29:32 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2005/09/10 14:29:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2005/09/10 14:29:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2005/09/10 09:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Symantec
[2005/09/07 11:00:48 | 000,307,200 | ---- | C] (Black Ice Software) -- C:\WINDOWS\System32\BiMMonNT.dll
[2005/09/07 11:00:48 | 000,307,200 | ---- | C] (Black Ice Software) -- C:\WINDOWS\System32\BiCMonNT.dll
[2005/09/07 11:00:44 | 000,233,472 | ---- | C] (Black Ice Software, Inc.) -- C:\WINDOWS\System32\TIFF32.DLL
[2005/08/15 19:07:19 | 000,123,200 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2005/08/15 19:07:19 | 000,091,856 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2005/08/15 19:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec AntiVirus
[2005/08/08 13:01:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Resource
[2005/08/08 13:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2005/08/05 22:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Cucusoft
[2005/08/03 21:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Ontrack
[2005/08/03 21:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\FarStone
[2005/08/01 18:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\GiPo@Utilities
[2005/08/01 18:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Gibinsoft Shared
[2005/07/31 15:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2005/07/31 15:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2005/07/31 09:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2005/07/31 07:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2005/07/30 12:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2005/07/25 07:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2005/07/24 07:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2005/07/20 20:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2005/07/19 08:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2005/07/19 08:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2005/07/19 08:03:06 | 000,000,000 | ---D | C] -- C:\My Downloads
[2005/07/17 13:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FONTS
[2005/07/17 13:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\COLOR
[2005/07/17 13:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2005/07/17 13:42:03 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\UNINST.EXE
[2005/07/07 14:27:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2005/07/02 12:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2005/07/02 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\Jasc Software Inc
[2005/07/01 17:51:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2005/06/30 20:09:44 | 000,045,056 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\WNASPI32.DLL
[2005/06/30 20:09:44 | 000,016,877 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2005/06/30 20:09:44 | 000,005,600 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WINASPI.DLL
[2005/06/30 20:09:44 | 000,004,672 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WOWPOST.EXE
[2005/06/23 13:16:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2005/06/23 12:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2005/05/30 19:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2005/05/27 19:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\PopUpCop
[2005/04/17 11:30:56 | 000,043,712 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\NavLogon.dll
[2005/04/12 05:11:20 | 000,004,608 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\ElbyDelay.sys
[2005/04/05 17:39:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\My Documents\My Videos
[2005/04/05 17:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Macromedia
[2005/04/05 10:17:04 | 000,517,848 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\SymNeti.dll
[2005/04/05 10:17:04 | 000,132,824 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\SymRedir.dll
[2005/04/05 10:17:02 | 000,267,192 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symtdi.sys
[2005/04/05 10:17:00 | 000,017,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symredrv.sys
[2005/04/05 10:16:58 | 000,036,984 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symids.sys
[2005/04/05 10:16:56 | 000,047,192 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symndis.sys
[2005/04/05 10:16:54 | 000,173,208 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symfw.sys
[2005/04/05 10:16:52 | 000,011,512 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symdns.sys
[2005/04/04 17:23:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2005/04/04 12:09:28 | 000,035,840 | ---- | C] (Zeon Corporation) -- C:\WINDOWS\System32\znlib7.dll
[2005/04/03 14:15:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2005/04/03 14:09:33 | 001,581,136 | ---- | C] (None) -- C:\Documents and Settings\Nelson\Desktop\VisualBoyAdvance.exe
[2005/04/02 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Sonic
[2005/04/02 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Help
[2005/04/02 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Help
[2005/03/29 00:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic
[2005/03/29 00:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic
[2005/03/27 17:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\D-Link
[2005/02/24 10:32:22 | 000,048,640 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\SP207.ax
[2005/02/24 08:23:28 | 000,057,344 | R--- | C] (Zeon Corporation) -- C:\WINDOWS\System32\znsl6.dll
[2005/02/17 08:01:58 | 000,774,144 | ---- | C] (Gabest) -- C:\WINDOWS\System32\DVobSub.ax
[2005/02/17 08:01:58 | 000,577,536 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec.ax
[2005/02/17 08:01:58 | 000,094,208 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_0411.dll
[2005/02/17 08:01:58 | 000,094,208 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_040c.dll
[2005/02/17 08:01:58 | 000,094,208 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_0407.dll
[2005/02/17 08:01:57 | 000,503,808 | ---- | C] (Elecard Ltd.) -- C:\WINDOWS\System32\mpeg2dmx.ax
[2005/02/17 08:01:57 | 000,210,432 | ---- | C] (Moonlight Cordless Ltd.) -- C:\WINDOWS\System32\mpgdec.ax
[2005/02/17 08:01:57 | 000,062,464 | ---- | C] (Morgan Multimedia) -- C:\WINDOWS\System32\MMSwitch.ax
[2004/10/26 19:09:04 | 000,053,248 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpv10.dll
[2004/10/26 19:09:03 | 000,602,112 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll
[2004/10/26 19:09:03 | 000,335,872 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpus10.dll
[2004/10/26 19:09:03 | 000,290,816 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll
[2004/10/26 19:08:24 | 001,335,296 | ---- | C] (Protexis Inc.) -- C:\WINDOWS\System32\PSIKey.dll
[2004/10/26 19:08:18 | 000,528,384 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2004/10/26 19:08:18 | 000,206,336 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2004/10/26 19:08:17 | 000,206,848 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2004/10/15 18:50:20 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2004/08/18 15:26:38 | 000,143,360 | ---- | C] (Zeon) -- C:\WINDOWS\System32\GDIPlusImage.dll
[2004/08/18 15:14:04 | 000,208,896 | ---- | C] (Zeon Corporation) -- C:\WINDOWS\System32\znlib6.dll
[2004/07/29 03:13:28 | 000,046,779 | ---- | C] (PowerQuest Corporation) -- C:\WINDOWS\System32\drivers\PQIMount.sys
[2004/07/29 02:33:08 | 000,138,780 | ---- | C] (StorageCraft) -- C:\WINDOWS\System32\drivers\PQV2i.sys
[2004/07/29 01:53:58 | 000,053,248 | ---- | C] (GEAR Software) -- C:\WINDOWS\System32\gearsec.exe
[2004/06/29 09:11:28 | 002,560,000 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl
[2004/06/27 12:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2004/06/27 12:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2004/06/27 12:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2004/06/27 12:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2004/06/27 11:53:31 | 000,000,000 | ---D | C] -- C:\Downloads
[2004/06/27 11:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet
[2004/06/27 10:42:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windows media
[2004/06/27 10:41:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2004/06/27 10:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2004/06/27 09:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\Stealther
[2004/06/27 09:56:04 | 000,796,672 | ---- | C] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2004/06/27 09:53:52 | 000,008,703 | ---- | C] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO.sys
[2004/06/27 09:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2004/06/27 08:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\NJStar Communicator
[2004/06/26 22:02:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nelson\Application Data\Microsoft
[2004/06/26 22:02:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nelson\Cookies
[2004/06/26 22:02:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nelson\SendTo
[2004/06/26 22:02:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nelson\Recent
[2004/06/26 22:02:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nelson\Application Data
[2004/06/26 22:02:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\Start Menu
[2004/06/26 22:02:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\My Documents\My Pictures
[2004/06/26 22:02:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\My Documents\My Music
[2004/06/26 22:02:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\My Documents
[2004/06/26 22:02:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nelson\Favorites
[2004/06/26 22:02:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nelson\Templates
[2004/06/26 22:02:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nelson\PrintHood
[2004/06/26 22:02:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nelson\NetHood
[2004/06/26 22:02:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nelson\Local Settings
[2004/06/26 22:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\WINDOWS
[2004/06/26 22:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Local Settings\Application Data\Microsoft
[2004/06/26 22:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Identities
[2004/06/26 22:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Desktop
[2004/06/26 21:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\PrintKey2000
[2004/06/26 21:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\QuickVCD Player
[2004/06/26 21:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2004/06/26 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2004/06/26 21:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2004/06/26 21:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2004/06/26 21:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2004/06/26 21:20:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2004/06/26 21:18:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Twain32
[2004/06/26 21:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2004/06/26 20:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Executive Software
[2004/06/26 20:44:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2004/06/26 20:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2004/06/26 20:22:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CBA
[2004/06/26 20:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2004/06/26 20:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2004/06/26 20:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2004/06/26 19:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/06/24 16:09:28 | 000,155,648 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll
[2004/02/17 09:51:56 | 001,458,176 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe
[2004/02/12 02:15:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2004/02/12 02:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Hardware
[2004/02/12 01:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2004/02/11 18:30:20 | 000,000,000 | -HSD | C] -- C:\System Recovery
[2004/01/31 17:17:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2004/01/31 17:17:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2004/01/31 17:17:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2004/01/31 17:17:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2004/01/31 17:17:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2004/01/31 17:17:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SiS
[2004/01/31 17:16:48 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia V3.53.01
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2004/01/31 17:16:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2004/01/31 17:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2004/01/31 17:10:46 | 000,065,152 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnic51.sys
[2004/01/31 17:09:01 | 000,000,000 | ---D | C] -- C:\PnPDrivers
[2004/01/31 10:09:54 | 000,110,592 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2004/01/31 10:09:54 | 000,102,400 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2004/01/31 10:09:54 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2004/01/31 10:09:51 | 000,034,816 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2004/01/31 10:09:51 | 000,028,672 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2004/01/31 10:09:08 | 000,075,904 | ---- | C] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viasraid.sys
[2004/01/14 17:05:04 | 000,315,392 | ---- | C] (The University of New South Wales) -- C:\WINDOWS\System32\kdu_v41R.dll
[2003/05/27 21:35:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\VALUEADD
[2003/05/27 19:44:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2003/05/27 19:41:11 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2003/05/27 19:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2003/05/27 19:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Future Photo
[2003/05/27 19:30:50 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2003/05/27 19:30:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2003/05/27 19:30:33 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2003/05/27 19:30:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2003/05/27 19:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2003/05/27 19:30:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2003/05/27 19:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2003/05/27 19:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2003/05/27 19:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2003/05/27 19:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2003/05/27 19:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2003/05/27 19:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2003/05/27 19:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2003/05/27 19:25:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2003/05/27 19:25:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2003/05/27 19:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2003/05/27 19:24:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2003/05/27 19:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2003/05/27 19:24:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2003/05/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2003/05/27 19:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2003/05/27 19:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2003/05/27 19:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2003/05/27 19:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2003/05/27 19:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2003/05/27 19:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2003/05/27 19:23:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2003/05/27 19:23:14 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2003/05/27 19:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2003/05/27 19:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2003/05/27 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2003/05/27 19:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2003/05/27 19:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2003/05/27 19:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2003/05/27 19:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2003/05/27 12:38:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2003/05/27 12:30:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2003/05/27 12:25:21 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2003/05/27 12:24:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2003/05/27 12:24:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2003/05/27 12:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2003/05/27 12:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2003/05/27 12:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2003/05/27 12:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2003/05/27 12:18:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2003/05/27 12:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2003/05/27 12:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2003/05/27 12:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2003/05/27 12:18:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2003/05/27 12:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2003/05/27 12:15:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\security
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\sysprep
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2003/05/27 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2003/05/27 12:10:47 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2003/05/27 12:10:38 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
[2003/05/27 12:10:38 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2003/05/27 12:10:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2003/05/27 12:10:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2003/05/27 12:10:22 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2003/05/27 12:09:31 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys
[2003/05/27 12:09:31 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2003/05/27 12:07:05 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2003/05/27 12:06:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2003/05/27 05:18:48 | 000,000,000 | R--D | C] -- C:\Program Files
[2003/05/27 05:18:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2003/05/27 05:18:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2003/05/27 05:18:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2003/05/27 05:15:23 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2003/05/27 05:15:23 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2003/05/27 05:15:23 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2003/05/01 21:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2003/04/24 12:29:08 | 000,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll
[2003/03/31 18:13:38 | 000,620,094 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2003/02/24 13:16:46 | 000,051,712 | ---- | C] (Zeon Corporation) -- C:\WINDOWS\System32\znlib3.dll
[2003/02/24 13:09:38 | 000,086,528 | ---- | C] (Zeon Corporation) -- C:\WINDOWS\System32\znlib2.dll
[2003/01/01 00:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\IsolatedStorage
[2003/01/01 00:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Azureus
[2002/12/31 23:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\Xilisoft
[2002/12/31 23:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2002/12/31 23:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Desktop\Downloads
[2002/12/31 23:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nelson\Application Data\GetRightToGo
[2002/12/31 23:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[246 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/28 17:14:50 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/22 11:57:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/08/21 20:48:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/21 20:48:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/21 20:26:59 | 000,001,822 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia Ovi Suite.lnk
[2010/08/21 17:36:47 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\cmd.lnk
[2010/08/21 17:14:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/08/21 16:32:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/21 16:32:46 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/07/16 21:40:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/15 21:47:53 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ulead DVD MovieFactory 5 Launcher.lnk
[2010/07/15 21:47:53 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ulead QuickDrop 2.0.lnk
[2010/07/15 21:47:52 | 000,002,320 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ulead DVD MovieFactory 4.0 Launcher.lnk
[2010/07/15 21:47:52 | 000,001,677 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TCE-LEC 2000.lnk
[2010/07/15 21:47:36 | 000,000,891 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickVCD Player 3.4.lnk
[2010/07/15 21:47:35 | 000,001,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2010/07/15 21:46:28 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Keyboard.lnk
[2010/07/15 21:46:27 | 000,002,185 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keyboard Quick Start Guide.lnk
[2010/07/15 21:46:27 | 000,001,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD Creator 2.lnk
[2010/07/15 21:46:27 | 000,001,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVR 3.lnk
[2010/07/15 21:46:26 | 000,001,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD 4.lnk
[2010/07/15 21:46:26 | 000,001,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD 6.lnk
[2010/07/15 21:46:25 | 000,002,023 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Encarta Premium DVD 2006.lnk
[2010/07/15 21:46:25 | 000,002,004 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Encarta Kids 2006.lnk
[2010/07/15 21:46:25 | 000,001,969 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Encarta Dictionary Tools.lnk
[2010/07/15 21:46:24 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2010/07/15 21:46:21 | 000,002,060 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CyberLink Multimedia Launcher.lnk
[2010/07/15 21:46:21 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2010/07/15 21:46:20 | 000,001,012 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneDVD2.lnk
[2010/07/15 21:46:14 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
[2010/07/15 21:46:13 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2010/07/15 21:46:12 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 8 Professional.lnk
[2010/07/15 21:46:12 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/15 21:46:12 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\礣orrent.lnk
[2010/07/09 20:20:41 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/08 20:25:08 | 000,053,864 | ---- | M] () -- C:\Documents and Settings\Nelson\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/07 04:05:04 | 002,112,064 | -H-- | M] () -- C:\Documents and Settings\Nelson\Local Settings\Application Data\IconCache.db
[2010/07/01 02:19:26 | 000,000,081 | ---- | M] () -- C:\WINDOWS\bi_group.ini
[2010/07/01 00:12:26 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2010/07/01 00:12:26 | 000,001,562 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\ImgBurn.lnk
[2010/06/30 23:46:01 | 000,004,184 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/06/30 23:45:57 | 000,000,104 | RHS- | M] () -- C:\WINDOWS\System32\22B8C0E195.sys
[2010/06/29 16:14:34 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/06/29 16:14:34 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/06/28 23:09:41 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\礣orrent.lnk
[2010/06/25 10:18:52 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Nelson\My Documents\English 3283 2010-2012.doc
[2010/06/25 10:18:46 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Nelson\My Documents\Readers Response.doc
[2010/06/25 10:18:40 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Nelson\My Documents\~$mmer Reading 2010.doc
[2010/06/13 20:50:06 | 001,013,248 | ---- | M] () -- C:\2010 Claude Berthiaume 2nd Disc.dwz
[2010/06/13 20:45:46 | 001,207,296 | ---- | M] () -- C:\2010 Claude Berthiaume 1st Disc.dwz
[2010/06/13 19:59:47 | 000,000,000 | ---- | M] () -- C:\Program Files\error.dat
[2010/06/13 19:59:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2010/06/13 19:59:20 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/06/13 19:59:20 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/16 22:16:04 | 000,000,204 | ---- | M] () -- C:\10 Claude Disc2.iso.adp
[2010/05/16 19:55:39 | 000,361,984 | ---- | M] () -- C:\2010 Claude Berthiaume 1st Disc 4 class.dwz
[2010/05/12 20:57:47 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Print @ Future Shop.lnk
[2010/04/23 06:20:44 | 000,000,162 | -H-- | M] () -- C:\~$cket Richard.doc
[2010/04/23 01:01:47 | 000,019,968 | ---- | M] () -- C:\Rocket Richard.doc
[2010/04/22 23:46:59 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\Microsoft Word.lnk
[2010/04/14 16:11:07 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/14 10:40:02 | 000,590,848 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\UMDF\PCCSWpdDriver.dll
[2010/04/11 16:07:00 | 002,201,391 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06548.JPG
[2010/04/11 16:05:42 | 002,269,431 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06547.JPG
[2010/04/11 10:46:09 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/10 18:20:38 | 002,338,869 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06529.JPG
[2010/04/06 19:28:44 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Nelson\My Documents\What do you mean by hunger.doc
[2010/04/04 21:02:21 | 000,000,040 | ---- | M] () -- C:\Auth.prof
[2010/04/03 11:43:14 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/03/29 23:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/29 23:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/23 21:05:32 | 002,023,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06515.JPG
[2010/03/21 10:43:22 | 002,184,735 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06513.JPG
[2010/03/21 10:43:16 | 002,482,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\DSC06512.JPG
[2010/03/14 16:26:10 | 000,002,381 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RuneScape.lnk
[2010/03/10 16:34:36 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/03/10 16:34:36 | 000,001,636 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010/02/26 13:32:52 | 000,662,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010/02/26 13:32:50 | 000,092,672 | ---- | M] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010/02/14 18:48:11 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPER Uninstall.lnk
[2010/02/14 18:48:11 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPER .lnk
[2010/02/07 23:33:57 | 000,000,193 | RHS- | M] () -- C:\boot.ini
[2009/10/12 03:00:22 | 000,421,888 | ---- | M] (Gabest) -- C:\WINDOWS\System32\RealMediaSplitter.ax
[2009/10/12 03:00:22 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2008/02/05 13:34:02 | 000,009,884 | -H-- | M] () -- C:\WINDOWS\super.chm
[2008/02/04 15:56:34 | 000,151,040 | -HS- | M] () -- C:\WINDOWS\System32\VistaUltm.dll
[2007/12/21 21:18:19 | 000,000,611 | ---- | M] () -- C:\WINDOWS\win.ini
[2007/12/21 21:18:19 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2007/12/21 21:02:27 | 000,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/12/17 10:13:00 | 000,027,648 | -HS- | M] () -- C:\WINDOWS\System32\Smab0.dll
[2007/12/09 20:47:02 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2007/11/17 21:59:19 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2007/11/17 21:59:10 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2007/11/13 09:31:46 | 000,399,360 | ---- | M] () -- C:\WINDOWS\System32\Smab.dll
[2007/11/03 20:58:25 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2007/11/03 20:49:05 | 000,000,000 | ---- | M] () -- C:\SMINST
[2007/11/03 19:21:50 | 020,436,243 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Westinghouse Power Transformer.pdf
[2007/11/03 17:59:13 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2007/11/03 17:57:02 | 000,236,720 | RHS- | M] () -- C:\ntldr
[2007/11/03 17:57:02 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2007/11/03 17:40:12 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2007/10/10 19:26:50 | 000,000,396 | ---- | M] () -- C:\WINDOWS\NJCOM.INI
[2007/09/12 20:00:24 | 000,000,121 | ---- | M] () -- C:\pdfinfo.ini
[2007/09/12 19:25:07 | 000,000,075 | ---- | M] () -- C:\WINDOWS\winDecrypt.INI
[2007/09/12 19:22:28 | 000,000,036 | ---- | M] () -- C:\WINDOWS\verypdf.ini
[2007/09/01 09:04:49 | 000,003,323 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2007/06/19 16:33:55 | 000,010,752 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/06/19 13:15:44 | 000,000,032 | ---- | M] () -- C:\WINDOWS\CDStart.INI
[2007/05/17 17:30:48 | 000,318,976 | ---- | M] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2007/05/13 10:57:47 | 000,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2007/05/13 10:57:47 | 000,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2007/04/08 19:11:20 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\pwdremover.dat
[2007/04/06 18:16:01 | 000,000,033 | ---- | M] () -- C:\WINDOWS\BiMonitor.ini
[2007/04/06 18:15:55 | 000,030,846 | ---- | M] () -- C:\WINDOWS\maxlink.ini
[2007/03/15 19:12:09 | 000,077,000 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2007/02/28 19:35:26 | 000,086,016 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2007/02/28 17:26:07 | 000,015,440 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\ElbyCDIO.sys
[2007/02/21 08:17:16 | 000,031,232 | RHS- | M] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2007/02/15 21:26:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\RegKill.sys
[2007/02/05 20:58:45 | 004,870,472 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Document (4).max
[2007/02/05 20:00:28 | 001,692,776 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Document.max
[2007/01/06 15:33:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2006/12/28 14:49:21 | 000,000,034 | ---- | M] () -- C:\WINDOWS\webica.ini
[2006/12/27 13:55:47 | 000,000,212 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2006/12/27 13:55:47 | 000,000,093 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2006/12/27 13:55:47 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\bridf06a.dat
[2006/12/23 11:41:51 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2006/12/20 10:51:52 | 000,010,752 | ---- | M] () -- C:\WINDOWS\System32\cdda.dll
[2006/10/07 17:43:42 | 000,502,784 | ---- | M] () -- C:\WINDOWS\x2.64.exe
[2006/10/04 10:36:21 | 001,197,294 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2006/10/04 10:36:20 | 000,764,868 | ---- | M] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2006/10/04 10:36:13 | 000,217,118 | ---- | M] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2006/09/12 08:16:24 | 000,227,328 | RHS- | M] () -- C:\WINDOWS\System32\ac3DX.ax
[2006/08/16 11:23:32 | 000,175,104 | RHS- | M] () -- C:\WINDOWS\System32\CoreAAC.ax
[2006/05/30 20:22:03 | 000,000,303 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2006/05/03 06:36:54 | 000,163,328 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2006/04/25 13:58:52 | 000,135,168 | ---- | M] (Black Ice Software, Inc.) -- C:\WINDOWS\System32\BiRemoveNT.dll
[2006/04/12 09:47:22 | 000,217,073 | ---- | M] () -- C:\WINDOWS\meta4.exe
[2006/04/05 08:09:16 | 000,066,560 | ---- | M] () -- C:\WINDOWS\MOTA113.exe
[2006/03/10 18:18:48 | 000,169,472 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2006/02/24 23:27:06 | 001,492,480 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia06a.dll
[2006/02/16 18:49:00 | 000,052,736 | ---- | M] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2006/01/29 11:31:30 | 000,031,300 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdnprot.vxd
[2006/01/23 17:24:44 | 002,752,580 | ---- | M] (Zeon Corporation) -- C:\WINDOWS\System32\PDFCore6.dll
[2006/01/17 01:03:00 | 000,126,976 | ---- | M] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD05a.dll
[2006/01/14 08:50:44 | 000,282,624 | ---- | M] (Nuance Communications, Inc.) -- C:\WINDOWS\System32\ZnMacroUI.dll
[2006/01/12 19:53:26 | 000,123,904 | RHS- | M] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2005/12/13 16:53:32 | 000,038,912 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi06a.dll
[2005/11/25 17:16:34 | 000,161,792 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2005/11/07 07:08:18 | 008,718,848 | ---- | M] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2005/10/26 05:41:44 | 000,053,248 | R--- | M] ( ) -- C:\WINDOWS\vsnpstd3.dll
[2005/09/23 15:05:06 | 000,509,449 | ---- | M] () -- C:\WINDOWS\System32\setuprun.exe
[2005/09/21 04:04:14 | 000,000,054 | ---- | M] () -- C:\WINDOWS\JascCmdFile.INI
[2005/09/18 11:04:18 | 000,000,062 | ---- | M] () -- C:\WINDOWS\pcvcdbr.INI
[2005/09/18 11:04:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PCVCDVW.INI
[2005/09/16 06:32:07 | 000,001,783 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
[2005/09/10 13:45:49 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Nelson\My Documents\Moi.doc
[2005/09/07 11:00:48 | 000,307,200 | ---- | M] (Black Ice Software) -- C:\WINDOWS\System32\BiMMonNT.dll
[2005/09/07 11:00:48 | 000,307,200 | ---- | M] (Black Ice Software) -- C:\WINDOWS\System32\BiCMonNT.dll
[2005/09/07 11:00:44 | 000,257,536 | ---- | M] () -- C:\WINDOWS\System32\BiImg.dll
[2005/09/07 11:00:44 | 000,233,472 | ---- | M] (Black Ice Software, Inc.) -- C:\WINDOWS\System32\TIFF32.DLL
[2005/09/07 11:00:44 | 000,110,592 | ---- | M] () -- C:\WINDOWS\System32\JPEG32.DLL
[2005/09/05 04:25:08 | 000,339,968 | R--- | M] () -- C:\WINDOWS\vsnpstd3.exe
[2005/08/18 07:50:02 | 000,176,128 | ---- | M] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[2005/08/15 20:31:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\vpc32.INI
[2005/07/17 13:46:44 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Wakeup.lnk
[2005/07/17 13:42:14 | 000,000,203 | ---- | M] () -- C:\WINDOWS\LGSETUP.INI
[2005/07/17 13:42:12 | 000,000,203 | ---- | M] () -- C:\WINDOWS\LGPSCP.INI
[2005/07/15 12:54:47 | 000,000,032 | ---- | M] () -- C:\WINDOWS\basefx.INI
[2005/07/14 12:31:20 | 000,027,648 | ---- | M] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005/07/01 08:05:36 | 000,061,440 | ---- | M] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2005/07/01 08:05:12 | 000,069,632 | ---- | M] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2005/06/30 21:03:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2005/06/28 13:51:44 | 000,000,337 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2005/06/14 05:37:48 | 000,023,040 | ---- | M] (CNNIC) -- C:\WINDOWS\System32\cdnns.dll
[2005/04/17 11:30:56 | 000,043,712 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\NavLogon.dll
[2005/04/12 05:11:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\ElbyDelay.sys
[2005/04/05 17:39:45 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2005/04/05 17:39:45 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\Windows Media Player.lnk
[2005/04/05 10:17:04 | 000,517,848 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\SymNeti.dll
[2005/04/05 10:17:04 | 000,132,824 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\SymRedir.dll
[2005/04/05 10:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symtdi.sys
[2005/04/05 10:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symredrv.sys
[2005/04/05 10:16:58 | 000,036,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symids.sys
[2005/04/05 10:16:56 | 000,047,192 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symndis.sys
[2005/04/05 10:16:54 | 000,173,208 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symfw.sys
[2005/04/05 10:16:52 | 000,011,512 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symdns.sys
[2005/04/05 10:08:32 | 000,001,133 | ---- | M] () -- C:\WINDOWS\System32\drivers\SymRedir.inf
[2005/04/05 10:08:32 | 000,000,020 | ---- | M] () -- C:\WINDOWS\System32\drivers\SymRedir.cat
[2005/04/04 17:19:04 | 000,000,022 | ---- | M] () -- C:\WINDOWS\System32\ati64hlp.stb
[2005/04/04 12:09:28 | 000,035,840 | ---- | M] (Zeon Corporation) -- C:\WINDOWS\System32\znlib7.dll
[2005/04/01 19:36:04 | 000,123,200 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2005/04/01 19:36:04 | 000,091,856 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2005/03/31 22:17:42 | 000,040,960 | ---- | M] () -- C:\Program Files\Uninstall_CDS.exe
[2005/03/29 00:01:16 | 000,001,892 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RecordNow! Deluxe.lnk
[2005/02/28 13:16:22 | 000,240,128 | ---- | M] () -- C:\WINDOWS\System32\x.264.exe
[2005/02/24 11:29:14 | 000,162,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\pfc027.sys
[2005/02/24 10:32:22 | 000,048,640 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\SP207.ax
[2005/02/24 08:23:28 | 000,057,344 | R--- | M] (Zeon Corporation) -- C:\WINDOWS\System32\znsl6.dll
[2005/02/22 13:25:02 | 000,081,920 | RHS- | M] () -- C:\WINDOWS\System32\aac_parser.ax
[2005/02/12 19:30:00 | 000,186,880 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2005/02/12 19:30:00 | 000,067,584 | RHS- | M] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2005/02/12 19:30:00 | 000,051,712 | RHS- | M] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2005/02/05 19:30:00 | 000,092,672 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2005/01/25 14:15:42 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\PA207Usd.dll
[2005/01/17 19:56:36 | 000,179,200 | RHS- | M] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2005/01/14 08:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2004/12/20 06:40:50 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\xvid.ax
[2004/12/20 06:33:26 | 000,679,936 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/12/10 16:35:06 | 000,147,456 | ---- | M] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2004/11/22 12:37:38 | 000,040,960 | ---- | M] () -- C:\WINDOWS\98Setup.exe
[2004/10/26 19:09:05 | 003,375,104 | ---- | M] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/10/26 19:09:04 | 000,053,248 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpv10.dll
[2004/10/26 19:09:03 | 000,602,112 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll
[2004/10/26 19:09:03 | 000,335,872 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpus10.dll
[2004/10/26 19:09:03 | 000,290,816 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll
[2004/10/26 19:08:24 | 001,335,296 | ---- | M] (Protexis Inc.) -- C:\WINDOWS\System32\PSIKey.dll
[2004/10/26 19:08:24 | 000,577,536 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec.ax
[2004/10/26 19:08:18 | 000,528,384 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2004/10/26 19:08:18 | 000,206,336 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2004/10/26 19:08:18 | 000,094,208 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_0411.dll
[2004/10/26 19:08:18 | 000,094,208 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_040c.dll
[2004/10/26 19:08:18 | 000,094,208 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec_0407.dll
[2004/10/26 19:08:17 | 000,206,848 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2004/10/15 18:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2004/10/12 15:42:30 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2004/10/12 15:40:58 | 002,255,360 | ---- | M] () -- C:\WINDOWS\System32\libavcodec.dll
[2004/10/05 17:16:08 | 000,395,776 | ---- | M] () -- C:\WINDOWS\System32\libmplayer.dll
[2004/10/04 02:50:26 | 000,112,640 | ---- | M] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2004/08/18 15:26:38 | 000,143,360 | ---- | M] (Zeon) -- C:\WINDOWS\System32\GDIPlusImage.dll
[2004/08/18 15:14:04 | 000,208,896 | ---- | M] (Zeon Corporation) -- C:\WINDOWS\System32\znlib6.dll
[2004/07/29 03:13:28 | 000,046,779 | ---- | M] (PowerQuest Corporation) -- C:\WINDOWS\System32\drivers\PQIMount.sys
[2004/07/29 02:33:08 | 000,138,780 | ---- | M] (StorageCraft) -- C:\WINDOWS\System32\drivers\PQV2i.sys
[2004/07/29 01:53:58 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\System32\gearsec.exe
[2004/07/20 17:24:10 | 001,568,768 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2004/07/20 17:24:10 | 000,476,320 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2004/07/20 17:24:10 | 000,471,040 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2004/07/20 17:24:10 | 000,262,144 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2004/07/09 09:43:56 | 000,364,544 | ---- | M] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2004/06/29 09:11:28 | 002,560,000 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl
[2004/06/27 10:39:33 | 000,001,725 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2004/06/27 09:56:04 | 000,796,672 | ---- | M] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2004/06/26 21:30:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Printkey2000.lnk
[2004/06/26 21:21:54 | 000,000,063 | ---- | M] () -- C:\WINDOWS\mdm.ini
[2004/06/24 16:09:28 | 000,155,648 | ---- | M] (C-Media) -- C:\WINDOWS\System32\cmuda.dll
[2004/06/24 04:11:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\px.ini
[2004/05/25 12:36:58 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.cpl
[2004/05/25 12:36:58 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.ax
[2004/04/26 19:30:00 | 000,037,888 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLMPCDec.ax
[2004/04/23 14:02:10 | 000,233,472 | ---- | M] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2004/03/07 19:38:42 | 000,774,144 | ---- | M] (Gabest) -- C:\WINDOWS\System32\DVobSub.ax
[2004/02/27 06:06:18 | 000,015,498 | R--- | M] () -- C:\WINDOWS\snpstd3.ini
[2004/02/27 06:06:18 | 000,013,023 | R--- | M] () -- C:\WINDOWS\snpstd3.src
[2004/02/25 16:00:37 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2004/02/24 15:25:30 | 000,019,188 | ---- | M] () -- C:\WINDOWS\Q883956Readme.rtf
[2004/02/22 10:11:08 | 000,719,872 | ---- | M] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2004/02/17 09:51:56 | 001,458,176 | ---- | M] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe
[2004/02/16 02:29:52 | 000,061,440 | R--- | M] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2004/02/12 02:15:51 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2004/02/11 18:36:17 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\Nero Express.lnk
[2004/02/10 06:45:36 | 000,344,064 | ---- | M] () -- C:\WINDOWS\System32\xvid.dll
[2004/02/08 08:35:24 | 001,581,136 | ---- | M] (None) -- C:\Documents and Settings\Nelson\Desktop\VisualBoyAdvance.exe
[2004/01/30 19:29:07 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\FutureShop.ca.url
[2004/01/30 19:27:59 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\Cicero System Manual.lnk
[2004/01/25 00:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2004/01/25 00:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2004/01/14 17:05:04 | 000,315,392 | ---- | M] (The University of New South Wales) -- C:\WINDOWS\System32\kdu_v41R.dll
[2003/12/16 20:32:22 | 000,001,740 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2003/12/16 20:29:18 | 000,079,118 | ---- | M] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2003/12/16 20:25:22 | 000,136,704 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
[2003/12/16 20:25:22 | 000,110,592 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mpg2data.ax
[2003/12/16 20:25:22 | 000,110,592 | ---- | M] () -- C:\WINDOWS\System32\mpeg2data.ax
[2003/12/16 20:25:22 | 000,052,736 | ---- | M] () -- C:\WINDOWS\System32\msdvbnp.ax
[2003/12/16 20:25:22 | 000,030,208 | ---- | M] () -- C:\WINDOWS\System32\psisrndr.ax
[2003/12/16 20:25:14 | 001,211,392 | ---- | M] () -- C:\WINDOWS\System32\quartz.dll
[2003/12/16 20:25:14 | 000,534,016 | ---- | M] () -- C:\WINDOWS\System32\qedit.dll
[2003/12/16 20:25:14 | 000,358,400 | ---- | M] () -- C:\WINDOWS\System32\qdvd.dll
[2003/12/16 20:25:14 | 000,349,696 | ---- | M] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/12/16 20:25:14 | 000,269,824 | ---- | M] () -- C:\WINDOWS\System32\qdv.dll
[2003/12/16 20:25:14 | 000,222,208 | ---- | M] () -- C:\WINDOWS\System32\sbe.dll
[2003/12/16 20:25:14 | 000,222,208 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2003/12/16 20:25:14 | 000,180,224 | ---- | M] () -- C:\WINDOWS\System32\qcap.dll
[2003/12/16 20:25:12 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\msdmo.dll
[2003/12/16 20:25:10 | 000,034,304 | ---- | M] () -- C:\WINDOWS\System32\mciqtz32.dll
[2003/12/16 20:25:08 | 000,498,205 | ---- | M] () -- C:\WINDOWS\System32\dxmasf.dll
[2003/12/16 20:25:08 | 000,242,688 | ---- | M] () -- C:\WINDOWS\System32\compatui.dll
[2003/12/16 20:25:08 | 000,167,936 | ---- | M] () -- C:\WINDOWS\System32\encdec.dll
[2003/12/16 20:25:08 | 000,167,936 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2003/12/16 20:25:08 | 000,064,512 | ---- | M] () -- C:\WINDOWS\System32\amstream.dll
[2003/12/16 20:25:08 | 000,055,808 | ---- | M] () -- C:\WINDOWS\System32\devenum.dll
[2003/12/16 20:24:56 | 000,843,802 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
[2003/12/16 20:24:50 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\msdxmlc.dll
[2003/12/16 20:24:48 | 000,733,184 | ---- | M] () -- C:\WINDOWS\System32\qedwipes.dll
[2003/12/15 19:36:44 | 000,053,840 | ---- | M] () -- C:\WINDOWS\System32\dosx.exe
[2003/12/15 19:33:04 | 000,003,338 | ---- | M] () -- C:\WINDOWS\System32\redir.exe
[2003/12/15 19:30:42 | 000,035,424 | ---- | M] () -- C:\WINDOWS\System32\ntio412.sys
[2003/12/15 19:30:42 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\ntio404.sys
[2003/12/15 19:30:40 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\ntio804.sys
[2003/12/15 19:30:38 | 000,035,648 | ---- | M] () -- C:\WINDOWS\System32\ntio411.sys
[2003/12/15 19:30:38 | 000,033,840 | ---- | M] () -- C:\WINDOWS\System32\ntio.sys
[2003/12/15 18:51:02 | 000,020,096 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2003/12/15 18:36:22 | 000,196,665 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2003/11/28 18:57:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\brdfxspd.dat
[2003/11/24 20:13:40 | 000,064,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2003/11/24 11:38:30 | 000,021,980 | ---- | M] () -- C:\WINDOWS\System32\sorttbls.nls
[2003/11/24 11:38:28 | 000,249,188 | ---- | M] () -- C:\WINDOWS\System32\locale.nls
[2003/11/24 11:34:00 | 001,326,080 | ---- | M] () -- C:\WINDOWS\System32\webfldrs.msi
[2003/11/24 11:28:28 | 000,067,866 | ---- | M] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2003/11/24 11:28:28 | 000,067,866 | ---- | M] () -- C:\WINDOWS\System32\dllcache\netwlan5.img
[2003/11/24 11:28:24 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2003/11/24 11:27:30 | 000,956,996 | ---- | M] () -- C:\WINDOWS\System32\instcat.sql
[2003/11/20 19:30:00 | 000,054,784 | RHS- | M] (RadLight) -- C:\WINDOWS\System32\RLAPEDec.ax
[2003/10/21 06:49:08 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\PtrcENG.dll
[2003/09/16 07:11:42 | 000,141,194 | R--- | M] () -- C:\WINDOWS\VGAsetup.ini
[2003/09/13 02:05:44 | 000,110,592 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2003/09/13 02:05:30 | 000,102,400 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2003/09/13 02:05:20 | 000,034,816 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2003/09/13 02:05:06 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003/08/05 05:44:34 | 000,065,152 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnic51.sys
[2003/07/14 20:19:16 | 000,122,880 | ---- | M] () -- C:\WINDOWS\System32\cddvdint.dll
[2003/07/11 14:50:34 | 000,073,728 | ---- | M] (Motive Communications, Inc.) -- C:\WINDOWS\System32\BinaryAggregator1.dll
[2003/07/11 14:49:52 | 000,040,448 | ---- | M] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2003/07/11 14:48:52 | 001,069,056 | ---- | M] (Motive Communications, Inc.) -- C:\WINDOWS\System32\ActiveUtils.dll
[2003/07/11 14:44:20 | 000,327,680 | ---- | M] (Motive Communications, Inc.) -- C:\WINDOWS\System32\snmpaxctrl.dll
[2003/07/11 14:43:44 | 000,037,376 | ---- | M] (Motive Communications, Inc.) -- C:\WINDOWS\System32\ReportReader.dll
[2003/07/11 14:42:48 | 000,087,040 | ---- | M] (Motive Communications, Inc.) -- C:\WINDOWS\System32\WebFlowIDPersist.dll
[2003/07/11 14:41:54 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\BJInstaller.dll
[2003/06/12 21:01:46 | 000,075,904 | ---- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\drivers\viasraid.sys
[2003/05/27 19:45:55 | 000,000,021 | ---- | M] () -- C:\MINI
[2003/05/27 19:45:55 | 000,000,021 | ---- | M] () -- C:\LOCAL
[2003/05/27 19:27:01 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2003/05/27 19:24:15 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/05/27 19:23:14 | 000,001,846 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Explorer.lnk
[2003/05/27 19:05:04 | 000,032,347 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2003/05/27 01:06:16 | 000,658,386 | ---- | M] () -- C:\WINDOWS\System32\Cicero System Manual.chm
[2003/05/22 13:27:24 | 000,620,094 | ---- | M] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2003/05/20 14:40:04 | 000,210,432 | ---- | M] (Moonlight Cordless Ltd.) -- C:\WINDOWS\System32\mpgdec.ax
[2003/05/12 09:55:58 | 000,503,808 | ---- | M] (Elecard Ltd.) -- C:\WINDOWS\System32\mpeg2dmx.ax
[2003/05/02 03:17:27 | 000,000,008 | ---- | M] () -- C:\USER
[2003/05/02 03:17:27 | 000,000,008 | ---- | M] () -- C:\WINDOWS\New.flg
[2003/05/02 03:17:26 | 000,181,592 | ---- | M] () -- C:\XP.DAT
[2003/05/01 21:52:45 | 000,000,120 | ---- | M] () -- C:\WINDOWS\picturific.ini
[2003/05/01 21:44:57 | 000,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2003/05/01 21:12:07 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2003/05/01 21:07:18 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2003/05/01 21:07:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2003/05/01 21:07:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2003/05/01 21:07:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2003/05/01 21:07:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2003/05/01 21:07:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2003/05/01 21:07:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2003/05/01 21:07:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2003/05/01 21:06:56 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2003/05/01 21:05:41 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2003/05/01 21:05:41 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2003/05/01 21:04:03 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2003/05/01 21:04:03 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2003/04/29 06:43:26 | 000,155,136 | ---- | M] () -- C:\WINDOWS\System32\unrar.dll
[2003/04/24 12:29:08 | 000,032,768 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll
[2003/03/14 04:10:49 | 000,001,534 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/03/04 03:54:24 | 000,005,995 | ---- | M] () -- C:\WINDOWS\System32\dllcache\Q330994.inf
[2003/02/24 13:16:46 | 000,051,712 | ---- | M] (Zeon Corporation) -- C:\WINDOWS\System32\znlib3.dll
[2003/02/24 13:09:38 | 000,086,528 | ---- | M] (Zeon Corporation) -- C:\WINDOWS\System32\znlib2.dll
[2003/02/18 17:26:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2003/01/29 02:59:34 | 000,008,703 | ---- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO.sys
[2003/01/27 20:02:18 | 000,831,600 | ---- | M] () -- C:\WINDOWS\System32\Ctaa1.dat
[2003/01/01 08:17:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Nelson\ntuser.ini
[2003/01/01 04:41:05 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Nelson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/01/01 02:28:23 | 000,002,818 | ---- | M] () -- C:\Documents and Settings\Nelson\Desktop\vba.ini
[2003/01/01 01:29:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Nelson\defogger_reenable
[2003/01/01 00:35:04 | 000,357,158 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2003/01/01 00:35:04 | 000,312,220 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2003/01/01 00:35:04 | 000,040,224 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2003/01/01 00:17:34 | 000,000,066 | ---- | M] () -- C:\WINDOWS\Power Video Converter.INI
[2003/01/01 00:10:24 | 000,000,144 | ---- | M] () -- C:\WINDOWS\System32\msexcr.ini
[2003/01/01 00:06:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2003/01/01 00:03:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2003/01/01 00:03:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2003/01/01 00:01:42 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Nelson\ntuser.dat
[2003/01/01 00:01:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2003/01/01 00:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2003/01/01 00:01:28 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2002/12/31 23:14:33 | 000,101,086 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\PP11Thumbs.ptn
[2002/12/31 23:14:33 | 000,000,327 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\maxdesk.ini2
[2002/12/31 23:14:33 | 000,000,073 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\PP11Thumbs.ptn2
[2002/12/31 23:09:15 | 000,096,141 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\mun prerequisite waiver.pdf
[2002/11/21 14:27:26 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2002/11/21 14:27:26 | 000,200,704 | ---- | M] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2002/11/21 14:27:26 | 000,192,512 | ---- | M] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2002/11/21 14:27:26 | 000,192,512 | ---- | M] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2002/11/21 14:27:26 | 000,188,416 | ---- | M] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2002/11/21 14:27:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\IVIresize.dll
[2002/11/18 11:45:24 | 000,062,464 | ---- | M] (Morgan Multimedia) -- C:\WINDOWS\System32\MMSwitch.ax
[2002/11/18 11:32:58 | 000,040,960 | ---- | M] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2002/11/15 08:41:28 | 000,077,824 | ---- | M] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/10/06 15:12:58 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:34:26 | 000,921,600 | ---- | M] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/10/04 19:34:26 | 000,188,416 | ---- | M] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 19:34:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\ogg.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[246 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/22 11:57:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/08/21 20:48:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010/08/21 17:36:40 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\cmd.lnk
[2010/08/21 17:20:53 | 000,001,822 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nokia Ovi Suite.lnk
[2010/08/21 17:15:47 | 000,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/08/21 17:14:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/08/21 16:32:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010/08/21 16:32:46 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/07/09 20:20:41 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/09 20:19:32 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/01 00:12:26 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2010/07/01 00:12:26 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\ImgBurn.lnk
[2010/06/29 23:58:54 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/06/29 23:58:54 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/06/28 23:09:41 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\礣orrent.lnk
[2010/06/28 23:09:41 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\礣orrent.lnk
[2010/06/25 10:18:52 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Nelson\My Documents\English 3283 2010-2012.doc
[2010/06/25 10:18:46 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Nelson\My Documents\Readers Response.doc
[2010/06/25 10:18:40 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Nelson\My Documents\~$mmer Reading 2010.doc
[2010/06/13 19:59:47 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2010/06/13 19:59:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010/06/13 19:59:17 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2010/06/13 19:59:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\PtrcENG.dll
[2010/06/10 06:19:59 | 000,019,188 | ---- | C] () -- C:\WINDOWS\Q883956Readme.rtf
[2010/06/08 00:42:37 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/05/16 22:08:39 | 000,000,204 | ---- | C] () -- C:\10 Claude Disc2.iso.adp
[2010/05/16 20:59:28 | 001,013,248 | ---- | C] () -- C:\2010 Claude Berthiaume 2nd Disc.dwz
[2010/05/16 17:16:20 | 000,361,984 | ---- | C] () -- C:\2010 Claude Berthiaume 1st Disc 4 class.dwz
[2010/05/16 16:52:27 | 001,207,296 | ---- | C] () -- C:\2010 Claude Berthiaume 1st Disc.dwz
[2010/04/23 06:20:44 | 000,000,162 | -H-- | C] () -- C:\~$cket Richard.doc
[2010/04/23 01:01:47 | 000,019,968 | ---- | C] () -- C:\Rocket Richard.doc
[2010/04/14 16:11:07 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/11 16:07:00 | 002,201,391 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06548.JPG
[2010/04/11 16:05:42 | 002,269,431 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06547.JPG
[2010/04/11 08:47:02 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TCE-LEC 2000.lnk
[2010/04/11 08:46:38 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\VbMCHook.dll
[2010/04/10 18:20:38 | 002,338,869 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06529.JPG
[2010/04/06 19:28:43 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Nelson\My Documents\What do you mean by hunger.doc
[2010/04/01 17:24:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/23 21:05:32 | 002,023,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06515.JPG
[2010/03/21 10:43:22 | 002,184,735 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06513.JPG
[2010/03/21 10:43:16 | 002,482,349 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\DSC06512.JPG
[2010/03/15 21:05:39 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/14 15:01:28 | 000,002,381 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RuneScape.lnk
[2010/03/10 16:34:36 | 000,001,654 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/02/14 19:00:57 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2010/02/14 19:00:56 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2010/02/14 19:00:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/02/14 19:00:55 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2010/02/14 19:00:54 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2010/02/14 19:00:54 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2010/02/14 18:48:11 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPER Uninstall.lnk
[2010/02/14 18:48:11 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPER .lnk
[2010/02/14 18:48:09 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2010/02/14 18:48:08 | 000,051,712 | RHS- | C] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2010/02/14 18:48:08 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2010/02/14 18:48:07 | 000,175,104 | RHS- | C] () -- C:\WINDOWS\System32\CoreAAC.ax
[2010/02/14 18:48:06 | 000,227,328 | RHS- | C] () -- C:\WINDOWS\System32\ac3DX.ax
[2010/02/14 18:48:06 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\aac_parser.ax
[2010/02/14 18:48:06 | 000,009,884 | -H-- | C] () -- C:\WINDOWS\super.chm
[2010/02/14 15:58:31 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2007/12/09 21:33:08 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 8 Professional.lnk
[2007/12/09 20:49:02 | 000,001,399 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2007/11/03 20:58:25 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2007/11/03 20:49:05 | 000,000,000 | ---- | C] () -- C:\SMINST
[2007/11/03 17:58:49 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2007/11/03 17:58:48 | 000,222,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2007/11/03 17:58:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2007/11/03 17:58:04 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2007/11/03 17:58:01 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2007/11/03 17:57:52 | 000,956,996 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2007/11/03 17:57:45 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2007/11/03 17:57:43 | 000,843,802 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2007/11/03 17:57:43 | 000,052,736 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2007/11/03 17:57:29 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2007/11/03 17:57:26 | 000,349,696 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/11/03 17:57:26 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2007/11/03 17:57:23 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2007/11/03 17:57:09 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2007/11/03 17:38:18 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys
[2007/11/03 13:22:16 | 000,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2007/11/03 13:22:16 | 000,079,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2007/11/03 13:22:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2data.ax
[2007/11/03 13:22:13 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netwlan5.img
[2007/11/03 13:22:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2007/11/03 13:22:07 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2007/11/03 13:20:16 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2007/11/02 22:58:01 | 000,000,073 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\PP11Thumbs.ptn2
[2007/11/02 22:41:42 | 020,436,243 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Westinghouse Power Transformer.pdf
[2007/11/01 17:41:06 | 000,000,327 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\maxdesk.ini2
[2007/10/31 22:45:51 | 000,101,086 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\PP11Thumbs.ptn
[2007/09/26 15:26:13 | 000,000,081 | ---- | C] () -- C:\WINDOWS\bi_group.ini
[2007/09/12 19:24:02 | 000,000,075 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI
[2007/09/04 19:58:35 | 000,001,636 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2007/08/07 19:55:19 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2007/08/07 19:55:19 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2007/08/07 19:54:34 | 000,003,262 | ---- | C] () -- C:\WINDOWS\app.ico
[2007/08/07 19:51:06 | 000,006,345 | R--- | C] () -- C:\WINDOWS\System32\DevMngr.vxd
[2007/06/19 12:54:19 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CDStart.INI
[2007/05/13 10:55:55 | 000,001,905 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2007/05/13 10:55:55 | 000,001,905 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2007/04/08 19:21:14 | 000,000,121 | ---- | C] () -- C:\pdfinfo.ini
[2007/04/08 19:11:20 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pwdremover.dat
[2007/04/08 19:11:20 | 000,000,036 | ---- | C] () -- C:\WINDOWS\verypdf.ini
[2007/04/06 18:15:56 | 000,000,033 | ---- | C] () -- C:\WINDOWS\BiMonitor.ini
[2007/04/06 18:15:55 | 000,030,846 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/03/25 10:47:22 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/03/25 10:41:37 | 000,000,919 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2007/02/05 20:59:23 | 004,870,472 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Document (4).max
[2007/02/05 20:59:23 | 001,692,776 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Document.max
[2007/01/06 15:33:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/01/06 15:11:17 | 000,003,323 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/27 14:31:38 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/12/27 14:31:38 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/12/27 13:55:22 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.BMP
[2006/12/27 13:55:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2006/12/27 13:35:34 | 000,000,212 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/12/27 13:35:34 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/12/27 13:35:34 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf06a.dat
[2006/12/10 12:15:19 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\cdda.dll
[2006/10/29 22:06:47 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ulead QuickDrop 2.0.lnk
[2006/10/29 22:06:46 | 000,002,316 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ulead DVD MovieFactory 5 Launcher.lnk
[2006/09/10 18:03:23 | 000,015,498 | R--- | C] () -- C:\WINDOWS\snpstd3.ini
[2006/09/10 18:03:23 | 000,013,023 | R--- | C] () -- C:\WINDOWS\snpstd3.src
[2006/09/10 18:03:22 | 000,339,968 | R--- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2006/09/10 18:03:12 | 008,718,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2006/09/09 12:11:54 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2006/08/08 14:00:06 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System\STORAGE.DLL
[2006/08/08 14:00:06 | 000,028,113 | ---- | C] () -- C:\WINDOWS\System\OLE2.REG
[2006/08/08 14:00:06 | 000,014,933 | ---- | C] () -- C:\WINDOWS\System\VSHARE.386
[2006/05/24 05:39:50 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2006/04/15 15:39:55 | 000,001,012 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CloneDVD2.lnk
[2006/03/10 20:27:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\infcpy.dll
[2006/03/10 20:27:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\gtcodec.dll
[2006/03/10 20:27:31 | 000,000,598 | ---- | C] () -- C:\WINDOWS\FashionCam01.ini
[2006/03/10 20:27:31 | 000,000,025 | ---- | C] () -- C:\WINDOWS\AVIMaker.INI
[2006/03/05 14:33:46 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/01/29 11:32:27 | 000,031,300 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdnprot.vxd
[2005/11/19 15:21:43 | 000,002,060 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CyberLink Multimedia Launcher.lnk
[2005/11/19 15:21:38 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2005/09/23 15:01:36 | 000,509,449 | ---- | C] () -- C:\WINDOWS\System32\setuprun.exe
[2005/09/21 04:04:14 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2005/09/21 03:36:28 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/09/18 11:04:18 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2005/09/18 11:04:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCVCDVW.INI
[2005/09/17 16:41:35 | 000,002,320 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ulead DVD MovieFactory 4.0 Launcher.lnk
[2005/09/16 06:32:06 | 000,001,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVR 3.lnk
[2005/09/11 20:42:06 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Nelson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/10 14:50:47 | 000,002,023 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Encarta Premium DVD 2006.lnk
[2005/09/10 14:50:47 | 000,002,004 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Encarta Kids 2006.lnk
[2005/09/10 14:50:47 | 000,001,969 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Encarta Dictionary Tools.lnk
[2005/09/10 12:55:33 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Nelson\My Documents\Moi.doc
[2005/09/07 11:00:44 | 000,257,536 | ---- | C] () -- C:\WINDOWS\System32\BiImg.dll
[2005/09/07 11:00:44 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JPEG32.DLL
[2005/08/15 20:31:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2005/08/08 13:02:01 | 000,000,034 | ---- | C] () -- C:\WINDOWS\webica.ini
[2005/08/05 22:04:18 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005/08/05 22:04:18 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005/08/05 22:04:18 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005/08/05 22:04:17 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005/08/03 22:00:07 | 000,000,634 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF
[2005/07/31 11:32:33 | 000,000,040 | ---- | C] () -- C:\Auth.prof
[2005/07/31 09:22:14 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2005/07/31 09:22:14 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2005/07/17 13:42:16 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Wakeup.lnk
[2005/07/17 13:42:15 | 000,035,487 | ---- | C] () -- C:\WINDOWS\System32\LPT.VXD
[2005/07/17 13:42:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\lguninst.exe
[2005/07/17 13:42:14 | 000,003,380 | ---- | C] () -- C:\WINDOWS\XIMGKIT.INI
[2005/07/17 13:42:14 | 000,002,573 | ---- | C] () -- C:\WINDOWS\Wavemix.ini
[2005/07/17 13:42:14 | 000,000,224 | ---- | C] () -- C:\WINDOWS\lgunpscp.ini
[2005/07/17 13:42:12 | 000,000,203 | ---- | C] () -- C:\WINDOWS\LGSETUP.INI
[2005/07/17 13:42:12 | 000,000,203 | ---- | C] () -- C:\WINDOWS\LGPSCP.INI
[2005/07/15 12:54:03 | 000,000,032 | ---- | C] () -- C:\WINDOWS\basefx.INI
[2005/07/02 12:26:35 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\22B8C0E195.sys
[2005/06/30 21:03:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/06/28 13:49:50 | 000,000,337 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/06/11 16:58:57 | 000,002,818 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\vba.ini
[2005/05/30 19:34:31 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
[2005/05/27 18:06:45 | 000,000,303 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2005/05/27 17:57:27 | 000,012,598 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2005/04/05 17:42:49 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\Windows Media Player.lnk
[2005/04/05 10:08:32 | 000,001,133 | ---- | C] () -- C:\WINDOWS\System32\drivers\SymRedir.inf
[2005/04/05 10:08:32 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\drivers\SymRedir.cat
[2005/04/04 17:19:04 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\ati64hlp.stb
[2005/03/29 00:04:37 | 000,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD Creator 2.lnk
[2005/03/29 00:03:27 | 000,001,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD 4.lnk
[2005/03/29 00:01:58 | 000,001,892 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RecordNow! Deluxe.lnk
[2005/03/27 17:52:25 | 000,220,160 | ---- | C] () -- C:\WINDOWS\PRINTERS.EXE
[2005/03/27 17:52:25 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PRTdlink.dll
[2005/02/24 11:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys
[2005/02/17 08:01:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/02/17 08:01:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/17 08:01:58 | 000,417,792 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.cpl
[2005/02/17 08:01:58 | 000,417,792 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax
[2005/02/17 08:01:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/02/17 08:01:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/02/17 08:01:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/02/17 08:01:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 08:01:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2005/02/17 08:01:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/02/17 08:01:57 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005/02/17 08:01:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2005/01/25 14:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207Usd.dll
[2004/11/22 12:37:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\98Setup.exe
[2004/10/26 19:09:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/06/27 12:27:35 | 000,001,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD 6.lnk
[2004/06/27 12:27:35 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
[2004/06/27 12:27:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/06/27 12:27:26 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/06/27 12:27:26 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/06/27 12:27:26 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/06/27 12:27:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/06/27 12:27:26 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/06/27 12:27:00 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2004/06/27 12:26:31 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2004/06/27 09:56:04 | 000,007,883 | ---- | C] () -- C:\WINDOWS\Eng_UK.gpl
[2004/06/27 09:26:53 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2004/06/27 08:51:21 | 000,000,396 | ---- | C] () -- C:\WINDOWS\NJCOM.INI
[2004/06/26 22:02:39 | 000,002,473 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\Microsoft Word.lnk
[2004/06/26 22:02:16 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2004/06/26 22:02:16 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2004/06/26 22:02:16 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\Nero Express.lnk
[2004/06/26 22:02:16 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\FutureShop.ca.url
[2004/06/26 22:02:16 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Nelson\Desktop\Cicero System Manual.lnk
[2004/06/26 22:02:16 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Nelson\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2004/06/26 22:02:15 | 004,194,304 | -H-- | C] () -- C:\Documents and Settings\Nelson\ntuser.dat
[2004/06/26 22:02:15 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Nelson\ntuser.dat.LOG
[2004/06/26 22:02:15 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Nelson\ntuser.ini
[2004/06/26 21:30:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Printkey2000.lnk
[2004/06/26 21:30:01 | 000,000,891 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickVCD Player 3.4.lnk
[2004/06/26 21:21:54 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2004/06/26 21:21:28 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2004/06/26 20:22:08 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/06/26 20:20:59 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2004/06/26 20:20:59 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2004/06/26 20:20:59 | 000,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2004/06/26 20:20:59 | 000,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2004/06/26 20:20:57 | 000,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2004/06/26 20:20:57 | 000,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2004/06/26 20:20:57 | 000,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2004/06/26 20:20:57 | 000,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2004/06/26 20:20:57 | 000,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2004/06/26 20:20:57 | 000,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2004/06/26 20:20:57 | 000,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2004/06/26 20:20:57 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2004/06/26 20:20:56 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2004/06/26 20:20:56 | 000,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2004/06/26 20:20:56 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2004/06/26 20:20:56 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2004/06/26 20:20:56 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2004/06/26 20:20:56 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2004/06/26 20:20:56 | 000,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2004/06/26 20:20:56 | 000,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2004/06/26 20:20:56 | 000,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2004/06/26 20:20:56 | 000,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2004/06/26 20:20:56 | 000,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2004/06/26 20:20:56 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2004/06/26 20:20:54 | 001,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2004/06/26 20:20:54 | 001,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2004/06/26 20:20:54 | 001,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2004/06/26 20:20:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2004/06/26 20:20:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2004/06/26 20:20:53 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2004/06/26 20:20:53 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2004/06/26 20:20:53 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2004/06/26 20:20:49 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2004/06/26 20:20:49 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2004/06/26 20:20:49 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2004/06/26 20:20:48 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2004/06/26 20:20:42 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2004/06/26 20:20:42 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2004/06/26 20:20:42 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2004/06/26 20:20:42 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2004/06/26 20:20:42 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2004/06/26 20:20:42 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2004/06/26 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2004/06/26 20:20:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2004/06/26 20:20:42 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2004/06/26 20:20:41 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2004/06/26 20:20:40 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2004/06/24 04:11:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/04/23 14:02:10 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2004/02/25 16:00:37 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2004/02/12 02:11:06 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Keyboard.lnk
[2004/02/12 02:11:06 | 000,002,185 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keyboard Quick Start Guide.lnk
[2004/01/31 17:16:56 | 000,141,194 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/01/31 17:09:59 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2004/01/31 10:09:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/01/31 10:09:51 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/01/31 02:28:36 | 000,002,238 | ---- | C] () -- C:\WINDOWS\System32\futureshop_ca.ico
[2003/05/27 19:45:55 | 000,000,021 | ---- | C] () -- C:\MINI
[2003/05/27 19:45:55 | 000,000,021 | ---- | C] () -- C:\LOCAL
[2003/05/27 19:37:59 | 000,002,533 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Print @ Future Shop.lnk
[2003/05/27 19:27:01 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2003/05/27 19:24:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/05/27 19:21:21 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2003/05/27 19:13:19 | 000,658,386 | ---- | C] () -- C:\WINDOWS\System32\Cicero System Manual.chm
[2003/05/27 19:12:50 | 000,012,598 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2003/05/27 19:12:32 | 000,312,220 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/05/27 19:12:32 | 000,040,224 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/05/27 19:05:04 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Explorer.lnk
[2003/05/27 19:05:02 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2003/05/27 19:05:02 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2003/05/27 12:18:57 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2003/05/27 12:17:48 | 000,193,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/05/27 12:17:08 | 000,032,347 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2003/05/27 12:11:30 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2003/05/27 12:11:30 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2003/05/27 12:11:29 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2003/05/27 12:11:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2003/05/27 12:11:22 | 000,032,674 | ---- | C] () -- C:\WINDOWS\System32\winhelp.hlp
[2003/05/27 12:10:59 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2003/05/27 12:10:56 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2003/05/27 12:10:55 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2003/05/27 12:10:55 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2003/05/27 12:10:54 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2003/05/27 12:10:54 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2003/05/27 12:10:54 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2003/05/27 12:10:54 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2003/05/27 12:10:54 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2003/05/27 12:10:54 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2003/05/27 12:10:54 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2003/05/27 12:10:53 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2003/05/27 12:10:52 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2003/05/27 12:10:51 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2003/05/27 12:10:50 | 000,089,588 | ---- | C] () -- C:\WINDOWS\System32\unicode.nls
[2003/05/27 12:10:49 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2003/05/27 12:10:43 | 000,379,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2003/05/27 12:10:43 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2003/05/27 12:10:43 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2003/05/27 12:10:43 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2003/05/27 12:10:41 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2003/05/27 12:10:41 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2003/05/27 12:10:40 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2003/05/27 12:10:40 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2003/05/27 12:10:31 | 000,262,148 | ---- | C] () -- C:\WINDOWS\System32\sortkey.nls
[2003/05/27 12:10:31 | 000,021,980 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2003/05/27 12:10:30 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2003/05/27 12:10:28 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2003/05/27 12:10:26 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2003/05/27 12:10:26 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2003/05/27 12:10:26 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2003/05/27 12:10:25 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2003/05/27 12:10:24 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003/05/27 12:10:22 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2003/05/27 12:10:22 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2003/05/27 12:10:21 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2003/05/27 12:10:19 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2003/05/27 12:10:17 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2003/05/27 12:10:17 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2003/05/27 12:10:17 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2003/05/27 12:10:08 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/05/27 12:10:08 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2003/05/27 12:10:07 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/05/27 12:10:07 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2003/05/27 12:10:05 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2003/05/27 12:10:05 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2003/05/27 12:10:05 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2003/05/27 12:10:05 | 000,004,483 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/05/27 12:10:05 | 000,004,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2003/05/27 12:09:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/05/27 12:09:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2003/05/27 12:09:55 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2003/05/27 12:09:55 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2003/05/27 12:09:54 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2003/05/27 12:09:54 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2003/05/27 12:09:54 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2003/05/27 12:09:54 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2003/05/27 12:09:54 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2003/05/27 12:09:54 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2003/05/27 12:09:52 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2003/05/27 12:09:52 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2003/05/27 12:09:52 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2003/05/27 12:09:52 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2003/05/27 12:09:52 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2003/05/27 12:09:52 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2003/05/27 12:09:52 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2003/05/27 12:09:51 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2003/05/27 12:09:51 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2003/05/27 12:09:51 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2003/05/27 12:09:51 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2003/05/27 12:09:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/05/27 12:09:45 | 000,102,446 | ---- | C] () -- C:\WINDOWS\System32\net.hlp
[2003/05/27 12:09:44 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2003/05/27 12:09:37 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2003/05/27 12:09:32 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2003/05/27 12:09:32 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2003/05/27 12:09:29 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/05/27 12:09:28 | 000,305,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2003/05/27 12:09:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/05/27 12:09:24 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2003/05/27 12:09:24 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2003/05/27 12:09:22 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2003/05/27 12:09:22 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2003/05/27 12:09:22 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\l_intl.nls
[2003/05/27 12:09:22 | 000,000,168 | ---- | C] () -- C:\WINDOWS\System32\l_except.nls
[2003/05/27 12:09:21 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2003/05/27 12:09:21 | 000,249,188 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2003/05/27 12:09:20 | 000,003,683 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam
[2003/05/27 12:09:20 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2003/05/27 12:09:07 | 000,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.cht
[2003/05/27 12:08:22 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2003/05/27 12:08:22 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2003/05/27 12:08:22 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2003/05/27 12:08:21 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2003/05/27 12:08:21 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2003/05/27 12:08:21 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2003/05/27 12:08:15 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2003/05/27 12:08:15 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2003/05/27 12:08:14 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2003/05/27 12:08:14 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2003/05/27 12:08:13 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2003/05/27 12:08:12 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2003/05/27 12:08:09 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2003/05/27 12:08:09 | 000,024,772 | ---- | C] () -- C:\WINDOWS\System32\geo.nls
[2003/05/27 12:08:09 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2003/05/27 12:08:08 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2003/05/27 12:08:08 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2003/05/27 12:08:08 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2003/05/27 12:08:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2003/05/27 12:08:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2003/05/27 12:08:07 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2003/05/27 12:08:06 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2003/05/27 12:08:06 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2003/05/27 12:08:06 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2003/05/27 12:08:06 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2003/05/27 12:08:06 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2003/05/27 12:08:06 | 000,010,790 | ---- | C] () -- C:\WINDOWS\System32\edit.hlp
[2003/05/27 12:08:06 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2003/05/27 12:08:06 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2003/05/27 12:08:06 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2003/05/27 12:08:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/05/27 12:08:05 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2003/05/27 12:08:04 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2003/05/27 12:07:23 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2003/05/27 12:07:21 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2003/05/27 12:07:21 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2003/05/27 12:07:21 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2003/05/27 12:07:21 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2003/05/27 12:07:20 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2003/05/27 12:07:17 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_950.nls
[2003/05/27 12:07:17 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_949.nls
[2003/05/27 12:07:17 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_936.nls
[2003/05/27 12:07:17 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_932.nls
[2003/05/27 12:07:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_874.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_865.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_863.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_861.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_860.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_850.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_775.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2003/05/27 12:07:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_437.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_500.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28605.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28598.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28593.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28592.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28591.nls
[2003/05/27 12:07:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21866.nls
[2003/05/27 12:07:15 | 000,139,810 | ---- | C] () -- C:\WINDOWS\System32\c_20261.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20905.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20866.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1258.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1257.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1256.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1255.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1254.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1253.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1252.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1251.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1250.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_1026.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10079.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10000.nls
[2003/05/27 12:07:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_037.nls
[2003/05/27 12:07:15 | 000,008,386 | ---- | C] () -- C:\WINDOWS\System32\ctype.nls
[2003/05/27 12:07:14 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2003/05/27 12:07:13 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2003/05/27 12:07:08 | 000,050,620 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2003/05/27 12:07:07 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2003/05/27 12:07:07 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2003/05/27 12:07:07 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2003/05/27 12:07:07 | 000,061,172 | ---- | C] () -- C:\WINDOWS\System32\cmmgr32.hlp
[2003/05/27 12:07:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2003/05/27 12:07:06 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2003/05/27 12:07:05 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2003/05/27 12:07:03 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2003/05/27 12:07:03 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2003/05/27 12:07:03 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2003/05/27 12:06:52 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2003/05/27 12:06:52 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2003/05/27 12:06:52 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2003/05/27 12:06:49 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2003/05/27 12:06:49 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2003/05/27 12:06:49 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2003/05/27 12:06:49 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2003/05/02 03:17:27 | 000,181,592 | ---- | C] () -- C:\XP.DAT
[2003/05/02 03:17:27 | 000,000,008 | ---- | C] () -- C:\USER
[2003/05/02 03:17:27 | 000,000,008 | ---- | C] () -- C:\WINDOWS\New.flg
[2003/05/01 21:52:45 | 000,000,120 | ---- | C] () -- C:\WINDOWS\picturific.ini
[2003/05/01 21:44:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/05/01 21:10:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/05/01 21:07:18 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2003/05/01 21:07:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2003/05/01 21:07:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2003/05/01 21:07:18 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2003/05/01 21:07:18 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2003/05/01 21:07:15 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2003/05/01 21:07:14 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2003/05/01 21:07:14 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2003/05/01 21:07:13 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2003/05/01 21:05:41 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2003/05/01 21:05:41 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2003/05/01 21:05:33 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2003/05/01 21:04:48 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2003/05/01 21:04:48 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2003/05/01 21:02:58 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2003/05/01 21:02:58 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2003/05/01 21:02:58 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2003/05/01 21:02:58 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2003/05/01 21:02:58 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2003/05/01 21:02:58 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2003/05/01 21:02:58 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2003/05/01 21:02:58 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2003/05/01 21:02:58 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2003/05/01 21:02:57 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2003/05/01 21:02:56 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2003/05/01 21:02:55 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2003/05/01 20:52:42 | 000,000,193 | RHS- | C] () -- C:\boot.ini
[2003/05/01 20:52:15 | 000,042,064 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.BMP
[2003/05/01 20:52:15 | 000,001,758 | ---- | C] () -- C:\WINDOWS\System32\OemLinkIcon.ico
[2003/05/01 20:52:15 | 000,001,534 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/05/01 20:51:58 | 000,236,720 | RHS- | C] () -- C:\ntldr
[2003/05/01 20:51:58 | 000,047,564 | RHS- | C] () -- C:\NTDETECT.COM
[2003/05/01 20:51:47 | 000,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.chs
[2003/05/01 20:51:23 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\wiasf.ax
[2003/05/01 20:51:23 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wiasf.ax
[2003/05/01 20:51:04 | 000,240,120 | ---- | C] () -- C:\WINDOWS\System32\setup.bmp
[2003/05/01 20:51:04 | 000,059,167 | ---- | C] () -- C:\WINDOWS\System\setup.inf
[2003/05/01 20:51:04 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\services
[2003/05/01 20:51:04 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2003/05/01 20:51:04 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.sig
[2003/05/01 20:51:04 | 000,004,573 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/05/01 20:51:04 | 000,004,573 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.dat
[2003/05/01 20:51:02 | 000,003,178 | ---- | C] () -- C:\WINDOWS\System32\rsvpcnts.h
[2003/05/01 20:50:58 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\rasctrnm.h
[2003/05/01 20:50:56 | 000,003,010 | ---- | C] () -- C:\WINDOWS\System32\pschdcnt.h
[2003/05/01 20:50:56 | 000,000,799 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\protocol
[2003/05/01 20:50:55 | 000,000,435 | ---- | C] () -- C:\WINDOWS\System32\perfwci.h
[2003/05/01 20:50:54 | 000,000,427 | ---- | C] () -- C:\WINDOWS\System32\perfci.h
[2003/05/01 20:50:54 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\perffilt.h
[2003/05/01 20:50:43 | 000,000,751 | ---- | C] () -- C:\WINDOWS\System32\noise.enu
[2003/05/01 20:50:43 | 000,000,751 | ---- | C] () -- C:\WINDOWS\System32\noise.eng
[2003/05/01 20:50:42 | 000,000,407 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\networks
[2003/05/01 20:50:26 | 000,001,490 | ---- | C] () -- C:\WINDOWS\System32\mmdriver.inf
[2003/05/01 20:50:09 | 000,020,096 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2003/05/01 20:50:07 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\homepage.inf
[2003/05/01 20:50:07 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2003/05/01 20:49:28 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\View Channels.scf
[2003/05/01 13:58:50 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2003/03/04 03:54:24 | 000,005,995 | ---- | C] () -- C:\WINDOWS\System32\dllcache\Q330994.inf
[2003/02/18 17:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2003/01/01 01:29:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Nelson\defogger_reenable
[2003/01/01 00:31:51 | 000,001,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\quotes
[2003/01/01 00:10:24 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\msexcr.ini
[2002/12/31 23:09:13 | 000,096,141 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\mun prerequisite waiver.pdf
[2000/01/05 16:21:22 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll
[1999/01/22 14:16:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2005/08/01 16:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2007/09/21 21:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/08/21 16:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2005/09/16 06:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2010/06/10 05:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/08/21 16:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/08/21 17:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2005/09/23 15:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\p4p
[2010/08/21 20:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/06/10 06:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2007/11/03 19:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/03/25 10:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2006/10/29 22:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/06/19 16:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2007/04/06 18:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2010/04/01 21:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2004/06/27 12:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\InterVideo
[2005/07/04 14:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Jasc
[2005/07/13 19:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Leadertech
[2005/09/24 23:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\p4p
[2003/01/01 00:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\PopupCop
[2007/09/30 14:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\ScanSoft
[2005/09/23 15:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\p4p
[2005/11/26 18:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PopupCop
[2007/10/14 19:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\Azureus
[2006/02/25 11:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\ICAClient
[2005/11/30 21:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\InterVideo
[2010/06/04 08:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\IsolatedStorage
[2010/04/21 10:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\PopupCop
[2007/05/03 07:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\ScanSoft
[2010/04/04 20:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\Ulead Systems
[2007/09/22 15:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mom\Application Data\Zeon
[2010/06/28 01:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Azureus
[2002/12/31 23:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\GetRightToGo
[2010/07/01 00:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\ImgBurn
[2010/07/07 03:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\InterVideo
[2003/01/01 00:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\IsolatedStorage
[2010/08/21 17:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Nokia
[2005/09/26 07:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\p4p
[2010/08/21 19:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\PC Suite
[2005/11/07 20:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\PopupCop
[2007/11/17 22:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\ScanSoft
[2010/07/09 15:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\SharePod
[2003/01/01 00:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\uTorrent
[2002/12/31 23:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Xilisoft
[2007/12/05 18:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nelson\Application Data\Zeon
[2003/01/01 00:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\InterVideo
[2005/11/07 21:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\PopupCop
[2010/03/13 15:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\ScanSoft
[2010/03/25 21:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Zeon

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[246 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.sys /90 >
[2010/06/30 23:45:57 | 000,000,104 | RHS- | M] () -- C:\WINDOWS\system32\22B8C0E195.sys
[2010/06/30 23:46:01 | 000,004,184 | -HS- | M] () -- C:\WINDOWS\system32\KGyGaAvL.sys
[2003/12/15 19:30:38 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2003/12/15 19:30:42 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2003/12/15 19:30:38 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2003/12/15 19:30:42 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2003/12/15 19:30:40 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2003/12/15 20:14:08 | 000,017,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2003/12/15 20:56:16 | 001,756,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[246 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2003/05/27 12:17:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/05/27 12:17:11 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/05/27 12:17:11 | 000,376,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %SYSTEMDRIVE%\*.* >
[2010/05/16 22:16:04 | 000,000,204 | ---- | M] () -- C:\10 Claude Disc2.iso.adp
[2010/05/16 19:55:39 | 000,361,984 | ---- | M] () -- C:\2010 Claude Berthiaume 1st Disc 4 class.dwz
[2010/06/13 20:45:46 | 001,207,296 | ---- | M] () -- C:\2010 Claude Berthiaume 1st Disc.dwz
[2010/06/13 20:50:06 | 001,013,248 | ---- | M] () -- C:\2010 Claude Berthiaume 2nd Disc.dwz
[2010/04/04 21:02:21 | 000,000,040 | ---- | M] () -- C:\Auth.prof
[2003/05/01 21:07:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/04 20:13:19 | 000,138,532 | ---- | M] () -- C:\avi_log.txt
[2010/02/07 23:33:57 | 000,000,193 | RHS- | M] () -- C:\boot.ini
[2006/12/27 14:31:35 | 000,000,025 | ---- | M] () -- C:\Brxpinst.log
[2003/05/01 21:07:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2003/01/01 00:01:28 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2003/05/01 21:07:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2003/05/27 19:45:55 | 000,000,021 | ---- | M] () -- C:\LOCAL
[2003/05/27 19:45:55 | 000,000,021 | ---- | M] () -- C:\MINI
[2003/05/01 21:07:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/11/03 17:57:02 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2007/11/03 17:57:02 | 000,236,720 | RHS- | M] () -- C:\ntldr
[2003/01/01 00:01:26 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
[2005/08/03 21:45:32 | 000,030,441 | ---- | M] () -- C:\PartitionCut.log
[2007/09/12 20:00:24 | 000,000,121 | ---- | M] () -- C:\pdfinfo.ini
[2010/04/23 01:01:47 | 000,019,968 | ---- | M] () -- C:\Rocket Richard.doc
[2007/11/03 20:49:05 | 000,000,000 | ---- | M] () -- C:\SMINST
[2007/12/18 16:34:22 | 000,006,144 | -HS- | M] () -- C:\Thumbs.db
[2003/05/02 03:17:27 | 000,000,008 | ---- | M] () -- C:\USER
[2003/05/02 03:17:26 | 000,181,592 | ---- | M] () -- C:\XP.DAT
[2005/09/17 16:41:50 | 000,000,714 | ---- | M] () -- C:\[Debug]u32usc.log
[2005/08/15 19:04:04 | 000,009,901 | -H-- | M] () -- C:\_NavCClt.Log
[2010/04/23 06:20:44 | 000,000,162 | -H-- | M] () -- C:\~$cket Richard.doc

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2005/09/07 11:00:48 | 000,015,016 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BiCProNT.dll
[2005/09/07 11:00:48 | 000,015,016 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BiMProNT.dll
[2001/11/20 18:07:28 | 000,047,616 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ppbiPr.dll

< %systemroot%\*. /mp /s >


< MD5 for: AGP440.SYS >
[2003/12/16 20:31:02 | 014,874,722 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2003/12/16 20:31:02 | 014,874,722 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2001/08/18 00:28:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2003/12/15 20:15:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=BADDA0D63F0DDC643C9D8EA870EF7515 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2003/12/15 20:15:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=BADDA0D63F0DDC643C9D8EA870EF7515 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002/08/29 15:30:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2003/12/16 20:31:02 | 014,874,722 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2002/08/29 01:30:00 | 010,158,890 | R--- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2003/12/16 20:31:02 | 014,874,722 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002/08/29 01:30:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002/08/29 01:30:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2003/12/15 20:04:46 | 000,091,008 | ---- | M] (Microsoft Corporation) MD5=BD626A66F995EEA7F034E5E4E29413D4 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2003/12/15 20:04:46 | 000,091,008 | ---- | M] (Microsoft Corporation) MD5=BD626A66F995EEA7F034E5E4E29413D4 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2003/12/16 20:25:08 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=8911ABCC84F4767996B77E876626515B -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2003/12/16 20:25:08 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=8911ABCC84F4767996B77E876626515B -- C:\WINDOWS\system32\eventlog.dll
[2002/08/29 01:30:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2002/08/29 01:30:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2003/12/16 20:25:12 | 000,406,528 | ---- | M] (Microsoft Corporation) MD5=9D8713991974B9F24264EB838CFACB8D -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2003/12/16 20:25:12 | 000,406,528 | ---- | M] (Microsoft Corporation) MD5=9D8713991974B9F24264EB838CFACB8D -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2002/08/29 01:30:00 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2003/12/16 20:25:14 | 000,172,032 | ---- | M] (Microsoft Corporation) MD5=DE4D381262AA995CC0B1213894B65590 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2003/12/16 20:25:14 | 000,172,032 | ---- | M] (Microsoft Corporation) MD5=DE4D381262AA995CC0B1213894B65590 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USER32.DLL >
[2003/12/16 20:25:16 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=041A7A8D6146AFF764B614241B51F8CC -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2003/12/16 20:25:16 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=041A7A8D6146AFF764B614241B51F8CC -- C:\WINDOWS\system32\user32.dll
[2005/03/02 14:49:56 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1800F293BCCC8EDE8A70E12B88D80036 -- C:\WINDOWS\SoftwareDistribution\Download\93c9bb5898f80e6361e0dc6ea165864f\sp2qfe\user32.dll
[2005/03/02 14:49:56 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1800F293BCCC8EDE8A70E12B88D80036 -- C:\WINDOWS\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\user32.dll
[2005/03/02 14:50:03 | 000,561,152 | ---- | M] (Microsoft Corporation) MD5=74202EB1BD67E8BE9509E38C8D2234B0 -- C:\WINDOWS\SoftwareDistribution\Download\58bffe479c581eda56fcf7412cce5cc0\sp1qfe\user32.dll
[2005/03/02 14:50:03 | 000,561,152 | ---- | M] (Microsoft Corporation) MD5=74202EB1BD67E8BE9509E38C8D2234B0 -- C:\WINDOWS\SoftwareDistribution\Download\93c9bb5898f80e6361e0dc6ea165864f\sp1qfe\user32.dll
[2005/03/02 14:50:03 | 000,561,152 | ---- | M] (Microsoft Corporation) MD5=74202EB1BD67E8BE9509E38C8D2234B0 -- C:\WINDOWS\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp1qfe\user32.dll
[2002/08/29 01:30:00 | 000,560,128 | ---- | M] (Microsoft Corporation) MD5=DD9269230C21EE8FB7FD3FCCC3B1CFCB -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005/03/02 14:39:30 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=DE2DB164BBB35DB061AF0997E4499054 -- C:\WINDOWS\SoftwareDistribution\Download\93c9bb5898f80e6361e0dc6ea165864f\sp2gdr\user32.dll
[2005/03/02 14:39:30 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=DE2DB164BBB35DB061AF0997E4499054 -- C:\WINDOWS\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll

< MD5 for: VIASRAID.SYS >
[2003/06/13 04:01:46 | 000,075,904 | ---- | M] (VIA Technologies inc,.ltd) MD5=1493F351E5A4B915FB5BBB735C14004B -- C:\PnPDrivers\viasraid.sys
[2003/06/12 21:01:46 | 000,075,904 | ---- | M] (VIA Technologies inc,.ltd) MD5=1493F351E5A4B915FB5BBB735C14004B -- C:\WINDOWS\system32\drivers\viasraid.sys

< MD5 for: WS2_32.DLL >
[2006/08/16 08:44:23 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=7B6A08441A4F11320421599D7ECF8D41 -- C:\WINDOWS\SoftwareDistribution\Download\fde4a5af73d5aee9b5faba71cbff1d6c\SP1QFE\ws2_32.dll
[2002/08/29 01:30:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2002/08/29 08:30:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\$NtUninstallKB914388$\ws2_32.dll
[2003/12/16 20:25:18 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=92C201AE8DA0B120C800267F784242FC -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2003/12/16 20:25:18 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=92C201AE8DA0B120C800267F784242FC -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

========== Alternate Data Streams ==========

@Alternate Data Stream - 212451 bytes -> C:\WINDOWS\system32:explore
< End of report >

Attached Files



#4 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 09 September 2010 - 06:46 PM

Hello, paperstars.

P2P Warning and Request
The log shows that you have been using so called peer-to-peer or file-sharing programmes (in your case uTorrent, BitTorrent, Azereus Vuze). These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come a long way and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of their malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. I recommend that you uninstall this program. That is optional, however. If you decide to not uninstall, please refrain from using it until I let you know your computer is clean.






Step 1


Deleting files could create those kinds of issues. In addition, I notice there's not much free space. That's pretty bad. Let's clean up some temp files and see if that helps.

You said that the internet and computer services no longer work...please say more. Is it just that you can't connect to the internet? Or are the services literally stopped?





Step 2

Please pull anything out of the recycle bin that you want to save. Part of this fix will empty temp files, and that does include the recycle bin.

Please download TFC by OldTimer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista or Windows 7, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Step 3

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

etavares

Edited by etavares, 09 September 2010 - 06:47 PM.


#5 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 11 September 2010 - 08:28 PM

Hi,

My brother mentioned that he tried to uninstall the P2P programs but (with the exception of Azereus Vuze) couldn't find them in Add/Remove Programs, so he isn't sure if they've been properly removed or not.

The internet connection won't work on his computer, every time I load Firefox, I get the message that Firefox is offline. Same thing for Internet Explorer. He believes it's because he deleted some files from WinRAR, but he can't recall any of the file names. The reason why he deleted those files was because he wanted to clear some space on the computer.

The MBAM log is below (I'm not sure if the scan was done correctly, haha) :

-------------------------------

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 3988

Windows 5.1.2600 Service Pack 2, v.2055
Internet Explorer 6.0.2900.2055

01/01/2003 12:29:47 AM
mbam-log-2003-01-01 (00-29-47).txt

Scan type: Quick scan
Objects scanned: 166072
Time elapsed: 11 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by paperstars, 11 September 2010 - 08:29 PM.


#6 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 12 September 2010 - 07:01 AM

Hello, paperstars.

Deleting WinRAR files shouldn't mess up the internet, that's just an archive/compression program.

Did you manually update the rules per the instructions above? The current MBAM definitions are version 4599, but the one in the log was only in the 3000s. The manual update does lag the real one but nowhere near that much as it's updated weekly. Please update and re-run a quick scan and post the log here.

Next, let's get some info on the network connection.




  1. Please open Notepad.
  2. Copy and paste the text in the box below into Notepad, excluding the word code.
    CODE
    @echo off
    (ipconfig /all
    nslookup google.com
    ping -n 2 google.com
    nslookup yahoo.com
    ping -n 2 yahoo.com
    route print) >Log1.txt
    start Log1.txt

    This fix is custom made for this user's computer.
  3. Select File-->Save As
  4. Select File as Type: All Types (*.*)
  5. Save it to your desktop as fixme.bat
  6. Double-click fixme.bat on your desktop to run the fix.
  7. A window will briefly pop up then close.
  8. A log will open, please copy and paste it into your response.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#7 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 12 September 2010 - 11:10 AM

Hi etavares,

I updated the MBAM definitions as you said, and the new log, as well as the log on the network connection are below:

--------------------------

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4563

Windows 5.1.2600 Service Pack 2, v.2055
Internet Explorer 6.0.2900.2055

01/01/2003 12:31:18 AM
mbam-log-2003-01-01 (00-31-18).txt

Scan type: Quick scan
Objects scanned: 196328
Time elapsed: 8 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\CNNIC\CdnClient (Adware.CDN) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\cdnctr (Adware.CDN) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\CNNIC\Cdn (Adware.CDN) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\cdnns.dll (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\cdnglo.dll (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\cdniehlp.dll (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\cdnrenew.exe (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\cdnunins.exe (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\enter.ico (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\imaoe.dll (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\imaol.dll (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\news.ico (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\popup.bmp (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\rbtnhtm.cab (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\soft.ico (Adware.CDN) -> Quarantined and deleted successfully.
C:\Program Files\CNNIC\Cdn\spkw.dat (Adware.CDN) -> Quarantined and deleted successfully.


-----------------------------------------------------



Windows IP Configuration



Host Name . . . . . . . . . . . . : Office

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : nlhydro

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-01-29-FB-96-D5

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 0.0.0.0

Subnet Mask . . . . . . . . . . . : 0.0.0.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 0.0.0.0

DNS Servers . . . . . . . . . . . : 0.0.0.0

?

?

?



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: UnKnown
Address: (null)

Unable to initialize Windows Sockets interface, error code 0.

Server: UnKnown
Address: (null)

Unable to initialize Windows Sockets interface, error code 0.

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 01 29 fb 96 d5 ...... VIA Rhine II Fast Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
===========================================================================
Persistent Routes:
None


#8 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 12 September 2010 - 03:42 PM

OK, looks like the winsock is corrupted.

Go to Start --> Run --> type cmd.exe and press Enter to launch the command prompt.
At the C:\> prompt, type
netsh winsock reset
and Press Enter

Reboot. Can you access the internet now?

Programs that access or monitor the Internet such as antivirus, firewall, or proxy clients may be negatively affected when you run the netsh winsock reset command. If you have a program that no longer functions correctly after you use this resolution, reinstall the program to restore functionality.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#9 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 12 September 2010 - 04:55 PM

The internet still doesn't work on his computer, though the winsock was restored. Fierfox shows an error of not being able to connect to the homepage (www.google.ca). I don't get any windows related errors upon logging in anymore though (I used to get one about the winsock being corrupt.)

#10 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 12 September 2010 - 05:26 PM

What about IE?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#11 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 12 September 2010 - 05:42 PM

In IE, I also can not access the internet, I get an error saying that the homepage can not be loaded and also a popup saying "Your current security settings prohibit ActiveX controls from running on this page. As a result, this page may not display correctly." I've had a look at the internet settings (under Tools, Internet Options), and the ActiveX options all look ok to me, eg. signed ActiveX is enabled to run, while unsigned requires prompting.

#12 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 12 September 2010 - 05:58 PM

OK, please run the batch file in Post 6 above again now that winsock is reset.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#13 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 12 September 2010 - 07:44 PM

Hi etavares,

The log is below (internet is still not working in Firefox or IE):

-------------------------



Windows IP Configuration



Host Name . . . . . . . . . . . . : Office

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : nlhydro

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-01-29-FB-96-D5

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 0.0.0.0

Subnet Mask . . . . . . . . . . . : 0.0.0.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 0.0.0.0

DNS Servers . . . . . . . . . . . : 0.0.0.0

?

?

?



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: UnKnown
Address: (null)

Unable to initialize Windows Sockets interface, error code 0.

Server: UnKnown
Address: (null)

Unable to initialize Windows Sockets interface, error code 0.

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 01 29 fb 96 d5 ...... VIA Rhine II Fast Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
===========================================================================
Persistent Routes:
None

Edited by paperstars, 12 September 2010 - 07:45 PM.


#14 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 13 September 2010 - 05:57 PM

Hello, paperstars.
OK, let's try this.



Step 1

Install ERUNT
This tool will create a complete backup of your registry. After every reboot, a new backup is created to ensure we have a safety net after each step. Do not delete these backups until we are finished.
  • Please download erunt-setup.exe to your desktop.
  • Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
  • Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.

You can find a complete guide to using the program here:
http://www.larshederer.homepage.t-online.de/erunt/erunt.txt

When we are finished with fixing your computer (I will make it clear when we are), you can uninstall ERUNT through Add/Remove Programs. The backups will be stored at C:\WINDOWS\erdnt, and will not be deleted when ERUNT is uninstalled.



Step 2
  • Open notepad.
  • Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
  • Save it to your desktop (click file, save as) as "fixit.reg" with the quotes.

CODE
REGEDIT4

[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock]
[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2]


NOTICE: This file was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Locate fixit.reg on your Desktop and double-click on it.
You will receive a prompt similar to: "Do you wish to merge the information into the registry?".
Answer "Yes" and wait for a message to appear similar to "Merged Successfully".

Please reply back letting me know if it merged correctly.




Step 3

Reboot.



Step 4

  • Go to the network connections folder, right click the icon for your network connection, and select properties.
  • Click install, choose Protocol, then click add.
  • Click Have Disk..., enter \windows\inf, click OK
  • Select Internet Protocol (TCP/IP) v4 click OK
  • OK your way out.
  • Reboot when done.

Did that work?




etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#15 paperstars

paperstars
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 14 September 2010 - 09:55 PM

Hi etavares,

Internet is now working! There's just one more issue, I was told that while he is browsing through the hard drives, he would occasionally get an error message of

"Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience."

but upon clicking ok, the computer proceeds to function as normal. I was wondering if you had any idea why this would occur?

Apart from that, everything looks fine!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users