Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Serious error message


  • This topic is locked This topic is locked
12 replies to this topic

#1 Rodofedg

Rodofedg

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 10 April 2011 - 10:04 AM

I recently loaded Quikprotect from Iomega website, installed it and ran and got by stop message 0x000000D4 and BSOD. Repaired and re-updated XP home to latest levels and updated all the drivers I could find to latest versions. Everytime I boot up I get 'your system has recovered from a serious error' message, adding a file to Minidump. I believe my system is now OK. There are no yellow exclamation marks in Device Manager. I dismiss the message and have experienced no problems with any of my programs.

The serious error message content is:
Error signature

BCCode : d4 BCP1 : B3B25968 BCP2 : 00000002 BCP3 : 00000000
BCP4 : 805363C6 OSVer : 5_1_2600 SP : 3_0 Product : 768_1

The following files will be included in the error report

F:\DOCUME~1\Rod\LOCALS~1\Temp\WER1975.dir00\Mini040211-05.dmp
F:\DOCUME~1\Rod\LOCALS~1\Temp\WER1975.dir00\sysdata.xml

If I send to MS I get response saying:
Corrupted error report
Unfortunately, the error report you submitted is corrupted and can't be analyzed. Corrupted error reports are rare. They can be caused by hardware or software problems, and usually indicate a serious problem with your computer.
To troubleshoot this problem, follow these steps:
Scenario 1: Click here if this is the first corrupted error report for this computer
Scenario 2: Click here if the corrupted error reports are persistent on this computer

In attempts to get rid of the repeated Serious Error message I deleted the Quikprotect folder from my program files folder and later deleted its folder from HKEY_LOCAL_MACHINE\Software\Iomega folder. Still geting the error message.

How do I find if there is still something wrong, and if so how do I rectify it? If there is nothing wrong how do I stop the error message appearing?

Hope some one can help. It's driving me nuts!

EDIT: OP added log after initial post by Advisor, moving to Malware Removal Logs ~ Hamluis.

Attached Files


Edited by hamluis, 11 April 2011 - 10:33 AM.


BC AdBot (Login to Remove)

 


#2 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:08:42 PM

Posted 18 April 2011 - 07:13 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Thanks and again sorry for the delay.

Best Regards,
oneof4.


#3 Rodofedg

Rodofedg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 23 April 2011 - 11:34 AM

Thanks for your reply and apologies for not replying sooner. The reason is that I have been unable to save a gmer report. The scan runs (for about 3 hours) and seems to complete OK but when I press 'save' I get a blue screen BAD_POOL_CALLER error and the PC shuts down and reboots. I attach dds.txt and attach.txt and also ark.txt run several days ago. I didn't send the latter at the time because it alo resulted in a blue screen shutdown as I saved it - don't know if it's any use.

Am I heading for a fresh XP install? Hope not!Attached File  DDS.txt   24.02KB   2 downloads

Attached Files



#4 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 24 April 2011 - 05:34 AM

Hello Rodofedg and welcome to BC. :)

Did you just delete the Quikprotect folder in the Program files directory or you did uninstall it from Add remove programs in the Control Panel?


We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#5 Rodofedg

Rodofedg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 24 April 2011 - 04:13 PM

Hi,

Thanks for your message. Yes - I just deleted the QuikProtect program file from F drive, where I store my programs. I still have F:\Iomega which contaons QikProtect in my recycle bin - I have not tried to restore it. It was deleted 31 March 2011. I also deleted the Quikprotect registry entries under HKEY_LOCAL_MACHINE\Software\IomegaCorp, which is not in the recycle bin. The two reports from OTL.txt are below.

OTL logfile created on: 24/04/2011 21:57:59 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = O:\Downloaded items
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free
10.00 Gb Paging File | 10.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0O:\pagefile.sys 0 0 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 146.48 Gb Total Space | 141.28 Gb Free Space | 96.45% Space Free | Partition Type: NTFS
Drive E: | 160.16 Gb Total Space | 142.69 Gb Free Space | 89.10% Space Free | Partition Type: NTFS
Drive F: | 159.11 Gb Total Space | 87.45 Gb Free Space | 54.96% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 699.80 Gb Free Space | 75.13% Space Free | Partition Type: NTFS
Drive I: | 124.48 Mb Total Space | 97.74 Mb Free Space | 78.51% Space Free | Partition Type: FAT
Drive L: | 3.81 Gb Total Space | 0.89 Gb Free Space | 23.26% Space Free | Partition Type: FAT32
Drive O: | 931.51 Gb Total Space | 633.04 Gb Free Space | 67.96% Space Free | Partition Type: NTFS

Computer Name: RJBOFFICE | User Name: Rod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/24 21:57:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- O:\Downloaded items\OTL.exe
PRC - [2011/04/23 11:17:54 | 002,146,496 | ---- | M] (Lavasoft Limited) -- F:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/04/19 17:03:25 | 001,190,680 | ---- | M] (Lavasoft Limited) -- F:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/03/18 18:57:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/16 15:00:07 | 000,269,480 | ---- | M] (Avira GmbH) -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/09 13:30:08 | 000,247,728 | ---- | M] (TomTom) -- F:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/03/09 13:30:08 | 000,092,592 | ---- | M] (TomTom) -- F:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/11/02 15:04:12 | 000,135,336 | ---- | M] (Avira GmbH) -- F:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/02 15:04:11 | 000,281,768 | ---- | M] (Avira GmbH) -- F:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/13 12:41:00 | 002,954,608 | ---- | M] (Wacom Technology, Corp.) -- F:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/10/13 12:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) -- F:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/10/13 12:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) -- F:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/10/13 12:40:54 | 001,153,392 | ---- | M] (Wacom Technology, Corp.) -- F:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- F:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/06/18 09:29:18 | 000,186,760 | ---- | M] () -- F:\Program Files\Photodex\ProShowProducer\scsiaccess.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- F:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/12/28 09:28:14 | 000,561,263 | ---- | M] () -- F:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
PRC - [2009/11/20 15:23:40 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- F:\WINDOWS\system32\ASTSRV.EXE
PRC - [2009/09/22 09:30:38 | 000,499,796 | ---- | M] (Atheros) -- F:\WINDOWS\system32\acs.exe
PRC - [2009/09/03 14:20:22 | 000,761,856 | ---- | M] (Epitiro Ltd.) -- F:\Program Files\isposure\IsposureAgent.exe
PRC - [2009/09/01 21:46:56 | 006,407,854 | ---- | M] () -- F:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
PRC - [2009/04/09 22:17:08 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- F:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2008/05/02 05:15:46 | 000,015,872 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe
PRC - [2007/01/07 23:31:18 | 000,118,784 | ---- | M] (Wacom Co., Ltd) -- F:\Program Files\JustWrite Office\ScreenMark.exe
PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2004/06/03 18:30:34 | 000,631,808 | ---- | M] (Rob Decker) -- F:\Program Files\EZBackitup\EZBkuptray.exe
PRC - [2001/11/23 10:52:04 | 000,364,544 | ---- | M] (Common Group) -- F:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
PRC - [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- F:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe


========== Modules (SafeList) ==========

MOD - [2011/04/24 21:57:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- O:\Downloaded items\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/05/02 05:15:35 | 000,004,608 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (QPCopyEngine)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2011/04/23 11:17:54 | 002,146,496 | ---- | M] (Lavasoft Limited) [Auto | Running] -- F:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/03/16 15:00:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/09 13:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- F:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/11/02 15:04:12 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- F:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/10/13 12:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- F:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/10/13 12:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- F:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/06/18 09:29:18 | 000,186,760 | ---- | M] () [Auto | Running] -- F:\Program Files\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess)
SRV - [2010/02/24 18:24:32 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/14 21:07:06 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/20 15:23:40 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- F:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2009/09/22 09:30:38 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- F:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2009/09/03 14:20:22 | 000,761,856 | ---- | M] (Epitiro Ltd.) [Auto | Running] -- F:\Program Files\isposure\IsposureAgent.exe -- (isposure_svc)
SRV - [2007/03/20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/11/17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- F:\Program Files\ALDI Photo Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- F:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)


========== Driver Services (SafeList) ==========

DRV - [2011/04/02 14:13:56 | 000,015,600 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011/03/16 15:00:08 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/03/08 16:49:57 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/02/24 18:21:10 | 006,340,200 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/11/22 14:51:29 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/16 19:59:06 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\ampa.sys -- (ampa)
DRV - [2010/11/05 10:47:43 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/10/05 14:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/08/14 14:51:08 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2010/08/12 13:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/07/25 14:38:06 | 000,020,088 | ---- | M] (REALiX™) [Kernel | System | Running] -- F:\Program Files\HWiNFO32\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2010/06/24 16:04:06 | 000,019,384 | R--- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\QsFsFltr.sys -- (QsFsFltr)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/22 11:32:12 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/09/22 09:31:02 | 001,570,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/09/22 09:31:02 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2009/09/18 10:53:55 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\giveio.sys -- (giveio)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- F:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/22 14:28:08 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2009/04/22 14:28:06 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/10/06 12:53:00 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008/09/08 18:26:22 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2007/06/28 12:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/06/28 12:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/02/16 11:12:00 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- F:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/27 07:06:00 | 000,044,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\EyeOneDp.sys -- (eyeonedp)
DRV - [2005/03/27 07:01:24 | 000,014,416 | ---- | M] (Portrait Displays, Inc.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\pdihwctl.sys -- (PDIHWCTL)
DRV - [2004/03/22 19:16:26 | 000,338,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003/02/18 09:08:04 | 000,017,504 | ---- | M] ( ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/
IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - F:\Program Files\TorrentMan\prxtbTor2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "http://www.talktalk.co.uk"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: F:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/15 10:55:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2011/03/29 07:36:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2011/04/24 21:15:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: F:\Program Files\Mozilla Thunderbird\components [2011/03/05 11:03:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: F:\Program Files\Mozilla Thunderbird\plugins

[2010/03/24 12:56:23 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Rod\Application Data\Mozilla\Extensions
[2010/03/24 12:56:23 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Rod\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/01/26 17:48:41 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Rod\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/04/07 12:07:52 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Rod\Application Data\Mozilla\Firefox\Profiles\i9qgqi20.default\extensions
[2011/03/02 09:17:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- F:\Documents and Settings\Rod\Application Data\Mozilla\Firefox\Profiles\i9qgqi20.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/03/29 07:36:27 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2010/04/28 09:47:42 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/20 07:47:15 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/06 10:40:25 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/20 13:48:13 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/07 18:42:19 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/11/15 13:16:55 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\defaults\profile\i9qgqi20.default\extensions
[2009/11/15 13:16:55 | 000,000,000 | ---D | M] (Adblock Plus) -- F:\Program Files\Mozilla Firefox\defaults\profile\i9qgqi20.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/15 13:16:55 | 000,000,000 | ---D | M] (MediaWrap) -- F:\Program Files\Mozilla Firefox\defaults\profile\i9qgqi20.default\extensions\{dd68c513-9296-4b63-8d8b-8f1c991c8a48}
File not found (No name found) --
() (No name found) -- F:\DOCUMENTS AND SETTINGS\ROD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\I9QGQI20.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010/04/28 09:47:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- F:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/03 20:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- F:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/03/18 18:57:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- F:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/02/14 21:57:58 | 000,000,767 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - F:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - F:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - F:\Program Files\TorrentMan\prxtbTor2.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - F:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - F:\Program Files\TorrentMan\prxtbTor2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-484763869-1035525444-839522115-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-484763869-1035525444-839522115-1004\..\Toolbar\WebBrowser: (Bitlord Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - F:\Program Files\TorrentMan\prxtbTor2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-484763869-1035525444-839522115-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] F:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] F:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] F:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] F:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] F:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] F:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] F:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALDI Photo Service] F:\Program Files\ALDI Photo Service\ALDI_Photo_Service\FotoSuite.exe (MAGIX AG)
O4 - HKLM..\Run: [AmIcoSinglun] F:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [avgnt] F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [JWOSetup] F:\WINDOWS\JWOSetup.exe (Wacom Co., Ltd)
O4 - HKLM..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] F:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] F:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SMKRun] F:\Program Files\JustWrite Office\ScreenMark.exe (Wacom Co., Ltd)
O4 - HKLM..\Run: [SwitchBoard] F:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TWCU] F:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] F:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] F:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-484763869-1035525444-839522115-1004..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-484763869-1035525444-839522115-1004..\Run: [EZBack-it-up Tray Scheduler] F:\Program Files\EZBackitup\EZBkuptray.exe (Rob Decker)
O4 - HKU\S-1-5-21-484763869-1035525444-839522115-1004..\Run: [TomTomHOME.exe] F:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-484763869-1035525444-839522115-1004..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = F:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logo Calibration Loader.lnk = F:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\ProfileReminder.lnk = F:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Spyder3Utility.lnk = F:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Watch.lnk = F:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe (Common Group)
O4 - Startup: F:\Documents and Settings\Rod\Start Menu\Programs\Startup\TalkTalk Setup CD Reporting Tool.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1035525444-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Locate Spot on Map by GPS - F:\Program Files\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - F:\Program Files\Opanda\IExif 2.3\IExifCom.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - F:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233928091406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O24 - Desktop WallPaper: F:\Documents and Settings\Rod\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Rod\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - F:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - msnsspc.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/21 21:44:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - F:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/23 18:50:03 | 000,000,000 | ---D | C] -- F:\Program Files\AnalogX
[2011/04/16 21:43:50 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\All Users\Application Data\{548A1D4B-2523-44B8-9652-350FBF424AE6}
[2011/04/16 21:43:40 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Finance Coordinator 2
[2011/04/16 21:24:16 | 000,000,000 | ---D | C] -- F:\Config.Msi
[2011/04/08 21:34:44 | 000,013,696 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/04/08 21:34:43 | 000,038,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\avc.sys
[2011/04/08 21:34:43 | 000,036,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/04/08 21:34:38 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atiraged.dll
[2011/04/08 21:34:38 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atiragem.sys
[2011/04/08 21:34:37 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atimpab.sys
[2011/04/08 21:34:37 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atimtai.sys
[2011/04/08 21:34:37 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atimpae.sys
[2011/04/08 21:34:36 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atidrab.dll
[2011/04/08 21:34:36 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atidvai.dll
[2011/04/08 21:34:36 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- F:\WINDOWS\System32\dllcache\atidrae.dll
[2011/04/08 21:34:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\atievxx.exe
[2011/04/08 21:34:34 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- F:\WINDOWS\System32\dllcache\ati.sys
[2011/04/08 21:34:33 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- F:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/04/08 21:34:33 | 000,096,128 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ati.dll
[2011/04/08 21:34:33 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- F:\WINDOWS\System32\dllcache\asc3550.sys
[2011/04/08 21:34:32 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- F:\WINDOWS\System32\dllcache\asc.sys
[2011/04/08 21:34:32 | 000,022,400 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\asc3350p.sys
[2011/04/08 21:34:24 | 000,006,272 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/04/08 21:34:23 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- F:\WINDOWS\System32\dllcache\an983.sys
[2011/04/08 21:34:23 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- F:\WINDOWS\System32\dllcache\amb8002.sys
[2011/04/08 21:34:23 | 000,012,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\amsint.sys
[2011/04/08 21:34:22 | 000,056,960 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\aic78xx.sys
[2011/04/08 21:34:22 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- F:\WINDOWS\System32\dllcache\ali5261.sys
[2011/04/08 21:34:22 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- F:\WINDOWS\System32\dllcache\alifir.sys
[2011/04/08 21:34:22 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- F:\WINDOWS\System32\dllcache\aliide.sys
[2011/04/08 21:34:21 | 000,055,168 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\aic78u2.sys
[2011/04/08 21:34:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\aha154x.sys
[2011/04/08 21:34:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/04/08 21:33:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\adpu160m.sys
[2011/04/08 21:33:30 | 000,747,392 | ---- | C] (Aureal, Inc.) -- F:\WINDOWS\System32\dllcache\adm8830.sys
[2011/04/08 21:33:30 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- F:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/04/08 21:33:30 | 000,010,880 | ---- | C] (Aureal, Inc.) -- F:\WINDOWS\System32\dllcache\admjoy.sys
[2011/04/08 21:33:29 | 000,584,448 | ---- | C] (Aureal, Inc.) -- F:\WINDOWS\System32\dllcache\adm8810.sys
[2011/04/08 21:33:29 | 000,553,984 | ---- | C] (Aureal, Inc.) -- F:\WINDOWS\System32\dllcache\adm8820.sys
[2011/04/08 21:33:29 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- F:\WINDOWS\System32\dllcache\adm8511.sys
[2011/04/08 21:33:29 | 000,007,424 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\adicvls.sys
[2011/04/08 21:33:28 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- F:\WINDOWS\System32\dllcache\acerscad.dll
[2011/04/08 21:33:27 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- F:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/04/08 21:33:27 | 000,096,256 | ---- | C] (Intel Corporation) -- F:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/04/08 21:33:27 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- F:\WINDOWS\System32\dllcache\ac97via.sys
[2011/04/08 21:33:26 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- F:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/04/08 21:33:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\abp480n5.sys
[2011/04/08 21:33:25 | 000,462,848 | ---- | C] (Aureal Inc.) -- F:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/04/08 21:33:25 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- F:\WINDOWS\System32\dllcache\a3d.dll
[2011/04/08 21:33:25 | 000,038,400 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\8514a.dll
[2011/04/08 21:33:24 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- F:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/04/08 21:33:24 | 000,048,128 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\61883.sys
[2011/04/08 21:33:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/04/08 21:33:23 | 000,762,780 | ---- | C] (3Com, Inc.) -- F:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/04/08 21:33:23 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- F:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/04/08 21:33:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/04/08 21:33:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/04/07 18:53:43 | 000,139,264 | ---- | C] (SEIKO EPSON CORPORATION) -- F:\WINDOWS\System32\EBAPI2.dll
[2011/04/07 18:52:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\EPSON Printers
[2011/04/05 10:52:51 | 000,000,000 | ---D | C] -- E:\My Documents\Dump from data stick
[2011/04/04 11:02:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/04/04 11:02:25 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\windowspowershell
[2011/04/02 16:21:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\RegCure
[2011/04/02 16:21:12 | 000,000,000 | ---D | C] -- F:\Program Files\RegCure
[2011/04/02 14:20:51 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvunrm.exe
[2011/04/01 17:36:34 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvdispco322090.dll
[2011/04/01 17:36:04 | 000,000,000 | ---D | C] -- F:\NVIDIA
[2011/04/01 17:22:04 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvudisp.exe
[2011/04/01 17:22:04 | 000,000,000 | ---D | C] -- F:\WINDOWS\nview
[2011/04/01 17:13:29 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\NVUNINST.EXE
[2011/04/01 14:32:17 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Phyxion.net
[2011/04/01 14:32:16 | 000,000,000 | ---D | C] -- F:\Program Files\Phyxion.net
[2011/04/01 10:41:12 | 011,080,704 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ieframe.dll
[2011/04/01 10:41:12 | 001,991,680 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iertutil.dll
[2011/04/01 10:41:12 | 000,743,424 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/04/01 10:41:12 | 000,602,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/04/01 10:41:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/04/01 10:05:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msado27.tlb
[2011/04/01 10:04:31 | 000,357,888 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\srv.sys
[2011/04/01 10:04:27 | 000,119,808 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\t2embed.dll
[2011/04/01 10:04:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\fontsub.dll
[2011/04/01 10:03:21 | 000,455,936 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/04/01 10:03:17 | 000,040,960 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/04/01 10:01:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/04/01 09:56:34 | 002,192,768 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/04/01 09:56:32 | 002,027,008 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/04/01 09:54:50 | 001,172,480 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msxml3.dll
[2011/04/01 09:54:25 | 003,558,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\moviemk.exe
[2011/04/01 09:53:40 | 000,203,136 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\rmcast.sys
[2011/04/01 09:48:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wab.exe
[2011/04/01 09:48:30 | 000,590,848 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\rpcrt4.dll
[2011/03/31 18:27:13 | 000,000,000 | ---D | C] -- F:\Program Files\SystemRequirementsLab
[2011/03/31 18:27:11 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Rod\Application Data\SystemRequirementsLab
[2011/03/31 16:04:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\NVIDIA
[2011/03/31 16:02:29 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvgenco322040.dll
[2011/03/31 14:02:37 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- F:\WINDOWS\ALCMTR.EXE
[2011/03/31 13:07:08 | 000,000,000 | ---D | C] -- F:\WINDOWS\Prefetch
[2011/03/31 13:02:06 | 001,372,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msxml6.dll
[2011/03/31 13:02:06 | 000,079,872 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/03/31 13:01:52 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0411.dll
[2011/03/31 13:01:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0404.dll
[2011/03/31 13:01:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0804.dll
[2011/03/31 13:01:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0401.dll
[2011/03/31 13:00:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0412.dll
[2011/03/31 13:00:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt040d.dll
[2011/03/31 11:17:33 | 000,000,000 | R-SD | C] -- F:\WINDOWS\Fonts
[2011/03/31 11:17:33 | 000,000,000 | -H-D | C] -- F:\WINDOWS\inf
[2011/03/31 11:17:33 | 000,000,000 | ---D | C] -- F:\WINDOWS\Help
[2011/03/31 11:17:33 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers\disdn
[2011/03/31 11:07:59 | 000,000,000 | -HSD | C] -- F:\found.000
[2011/03/31 10:57:57 | 000,380,416 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\irprops.cpl
[2011/03/31 10:57:57 | 000,217,816 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/03/31 10:57:15 | 000,331,264 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\aqueue.dll
[2011/03/31 10:44:33 | 000,000,000 | -H-D | C] -- F:\WINDOWS\$ntservicepackuninstall$
[2011/03/31 10:35:24 | 000,156,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\winzm.ime
[2011/03/31 10:35:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\winsp.ime
[2011/03/31 10:35:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\winpy.ime
[2011/03/31 10:35:23 | 000,079,360 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\winar30.ime
[2011/03/31 10:35:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wingb.ime
[2011/03/31 10:35:23 | 000,065,536 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\winime.ime
[2011/03/31 10:35:22 | 000,048,256 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\w32.dll
[2011/03/31 10:35:22 | 000,041,600 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/03/31 10:35:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/03/31 10:35:21 | 000,426,041 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\voicepad.dll
[2011/03/31 10:35:21 | 000,086,073 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\voicesub.dll
[2011/03/31 10:35:20 | 000,076,288 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\uniime.dll
[2011/03/31 10:35:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\unicdime.ime
[2011/03/31 10:35:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/03/31 10:35:19 | 000,455,168 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/03/31 10:35:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/03/31 10:35:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tsprof.exe
[2011/03/31 10:35:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/03/31 10:35:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/03/31 10:35:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tdipx.sys
[2011/03/31 10:35:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tdspx.sys
[2011/03/31 10:35:18 | 000,013,192 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\tdasync.sys
[2011/03/31 10:35:16 | 000,143,422 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\softkey.dll
[2011/03/31 10:35:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/03/31 10:35:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/03/31 10:35:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/03/31 10:35:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/03/31 10:35:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2011/03/31 10:35:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/03/31 10:35:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/03/31 10:35:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/03/31 10:35:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/03/31 10:35:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\smb6w.dll
[2011/03/31 10:35:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sma3w.dll
[2011/03/31 10:35:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm87w.dll
[2011/03/31 10:35:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm81w.dll
[2011/03/31 10:35:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/03/31 10:35:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm93w.dll
[2011/03/31 10:35:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm92w.dll
[2011/03/31 10:35:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm90w.dll
[2011/03/31 10:35:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/03/31 10:35:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/03/31 10:35:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm89w.dll
[2011/03/31 10:35:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\sm59w.dll
[2011/03/31 10:35:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\simptcp.dll
[2011/03/31 10:35:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/03/31 10:35:11 | 000,205,824 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2011/03/31 10:35:11 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- F:\WINDOWS\System32\dllcache\rwia330.dll
[2011/03/31 10:35:11 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- F:\WINDOWS\System32\dllcache\rwia001.dll
[2011/03/31 10:35:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/03/31 10:35:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2011/03/31 10:35:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\romanime.ime
[2011/03/31 10:35:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/03/31 10:35:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\register.exe
[2011/03/31 10:35:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\quick.ime
[2011/03/31 10:35:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\quser.exe
[2011/03/31 10:35:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\query.exe
[2011/03/31 10:35:07 | 000,482,304 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/03/31 10:35:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/03/31 10:35:07 | 000,070,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/03/31 10:35:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/03/31 10:35:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/03/31 10:35:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/03/31 10:35:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/03/31 10:35:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\phon.ime
[2011/03/31 10:35:06 | 000,036,927 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\padrs411.dll
[2011/03/31 10:35:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\padrs404.dll
[2011/03/31 10:35:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\padrs804.dll
[2011/03/31 10:35:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\padrs412.dll
[2011/03/31 10:35:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/03/31 10:35:01 | 000,229,439 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\multibox.dll
[2011/03/31 10:34:58 | 001,875,968 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/03/31 10:34:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/03/31 10:34:53 | 000,092,416 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mga.sys
[2011/03/31 10:34:52 | 000,092,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mga.dll
[2011/03/31 10:34:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/03/31 10:34:50 | 000,070,656 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/03/31 10:34:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/03/31 10:34:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/03/31 10:34:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/03/31 10:34:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/03/31 10:34:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/03/31 10:34:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/03/31 10:34:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/03/31 10:34:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/03/31 10:34:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/03/31 10:34:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/03/31 10:34:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/03/31 10:34:48 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/03/31 10:34:47 | 000,018,432 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\jupiw.dll
[2011/03/31 10:34:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/03/31 10:34:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbda3.dll
[2011/03/31 10:34:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbda2.dll
[2011/03/31 10:34:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbda1.dll
[2011/03/31 10:34:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/03/31 10:34:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/03/31 10:34:45 | 000,471,102 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imskdic.dll
[2011/03/31 10:34:45 | 000,315,455 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imskf.dll
[2011/03/31 10:34:45 | 000,307,257 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/03/31 10:34:45 | 000,274,489 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/03/31 10:34:45 | 000,262,200 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjputy.exe
[2011/03/31 10:34:45 | 000,233,527 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjprw.exe
[2011/03/31 10:34:45 | 000,208,952 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/03/31 10:34:45 | 000,155,705 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/03/31 10:34:45 | 000,102,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imlang.dll
[2011/03/31 10:34:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/03/31 10:34:45 | 000,045,109 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/03/31 10:34:44 | 000,811,064 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/03/31 10:34:44 | 000,716,856 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/03/31 10:34:44 | 000,368,696 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/03/31 10:34:44 | 000,340,023 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjp81.ime
[2011/03/31 10:34:44 | 000,311,359 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/03/31 10:34:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/03/31 10:34:44 | 000,102,463 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/03/31 10:34:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imekr61.ime
[2011/03/31 10:34:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/03/31 10:34:44 | 000,081,976 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/03/31 10:34:44 | 000,057,398 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/03/31 10:34:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/03/31 10:34:42 | 010,129,408 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/03/31 10:34:31 | 010,096,640 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/03/31 10:34:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/03/31 10:34:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/03/31 10:34:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/03/31 10:34:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\flattemp.exe
[2011/03/31 10:34:27 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- F:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/03/31 10:34:27 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- F:\WINDOWS\System32\dllcache\esunid.dll
[2011/03/31 10:34:27 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- F:\WINDOWS\System32\dllcache\esucmd.dll
[2011/03/31 10:34:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\et4000.sys
[2011/03/31 10:34:23 | 000,078,848 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\dayi.ime
[2011/03/31 10:34:22 | 000,057,399 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\cplexe.exe
[2011/03/31 10:34:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\cprofile.exe
[2011/03/31 10:34:21 | 000,480,256 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/03/31 10:34:20 | 000,198,656 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\cintime.dll
[2011/03/31 10:34:20 | 000,097,792 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/03/31 10:34:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/03/31 10:34:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/03/31 10:34:19 | 000,838,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/03/31 10:34:18 | 001,677,824 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/03/31 10:34:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chajei.ime
[2011/03/31 10:34:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chgport.exe
[2011/03/31 10:34:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chgusr.exe
[2011/03/31 10:34:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\chglogon.exe
[2011/03/31 10:34:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\change.exe
[2011/03/31 10:34:17 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- F:\WINDOWS\System32\dllcache\cap7146.sys
[2011/03/31 10:34:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/03/31 10:34:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/03/31 10:34:11 | 000,312,832 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2011/03/31 10:34:11 | 000,045,056 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/03/31 10:34:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/03/31 10:34:07 | 002,134,528 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2011/03/31 10:34:07 | 000,175,104 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2011/03/31 10:32:39 | 000,045,568 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\safrslv.dll
[2011/03/31 10:32:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\safrcdlg.dll
[2011/03/31 10:32:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\racpldlg.dll
[2011/03/31 10:32:39 | 000,029,696 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\safrdm.dll
[2011/03/31 10:32:34 | 000,032,768 | ---- | C] (Intel Corporation) -- F:\WINDOWS\System32\isrdbg32.dll
[2011/03/31 10:32:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\inetres.dll
[2011/03/31 10:32:29 | 000,274,432 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\inetcfg.dll
[2011/03/31 10:32:29 | 000,081,920 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\isign32.dll
[2011/03/31 10:32:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\icwdial.dll
[2011/03/31 10:32:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\icwphbk.dll
[2011/03/31 10:32:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/03/31 10:32:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\icwres.dll
[2011/03/31 10:32:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\trialoc.dll
[2011/03/31 10:32:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\isignup.exe
[2011/03/31 10:32:26 | 000,554,008 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\dao360.dll
[2011/03/31 10:32:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\oledb32r.dll
[2011/03/31 10:32:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msader15.dll
[2011/03/31 10:32:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdasqlr.dll
[2011/03/31 10:32:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msaddsr.dll
[2011/03/31 10:32:24 | 000,020,480 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadcer.dll
[2011/03/31 10:32:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaremr.dll
[2011/03/31 10:32:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaprsr.dll
[2011/03/31 10:32:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadcor.dll
[2011/03/31 10:32:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadcfr.dll
[2011/03/31 10:32:19 | 000,018,944 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\qmgrprxy.dll
[2011/03/31 10:32:11 | 000,239,104 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\srrstr.dll
[2011/03/31 10:32:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/03/31 10:32:10 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- F:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/03/31 10:32:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\ils.dll
[2011/03/31 10:32:10 | 000,034,560 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mnmdd.dll
[2011/03/31 10:32:10 | 000,004,639 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/03/31 10:32:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msconf.dll
[2011/03/31 10:32:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\nmmkcert.dll
[2011/03/31 10:32:05 | 000,252,928 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msoeacct.dll
[2011/03/31 10:32:05 | 000,105,984 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msoert2.dll
[2011/03/31 10:32:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mstinit.exe
[2011/03/31 10:32:00 | 000,487,424 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\oledb32.dll
[2011/03/31 10:31:59 | 000,204,800 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaps.dll
[2011/03/31 10:31:59 | 000,077,824 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaosp.dll
[2011/03/31 10:31:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msxactps.dll
[2011/03/31 10:31:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdatt.dll
[2011/03/31 10:31:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaurl.dll
[2011/03/31 10:31:58 | 000,315,392 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdasql.dll
[2011/03/31 10:31:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaora.dll
[2011/03/31 10:31:58 | 000,200,704 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadox.dll
[2011/03/31 10:31:58 | 000,180,224 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadomd.dll
[2011/03/31 10:31:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msjro.dll
[2011/03/31 10:31:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msado21.tlb
[2011/03/31 10:31:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msado20.tlb
[2011/03/31 10:31:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadrh15.dll
[2011/03/31 10:31:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msador15.dll
[2011/03/31 10:31:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdasc.dll
[2011/03/31 10:31:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaer.dll
[2011/03/31 10:31:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaenum.dll
[2011/03/31 10:31:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdadc.dll
[2011/03/31 10:31:57 | 000,536,576 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msado15.dll
[2011/03/31 10:31:57 | 000,200,704 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdaprst.dll
[2011/03/31 10:31:57 | 000,155,648 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadds.dll
[2011/03/31 10:31:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdarem.dll
[2011/03/31 10:31:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msdfmap.dll
[2011/03/31 10:31:56 | 000,331,776 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadce.dll
[2011/03/31 10:31:56 | 000,143,360 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadco.dll
[2011/03/31 10:31:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadcf.dll
[2011/03/31 10:31:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msadcs.dll
[2011/03/31 10:31:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\accwiz.exe
[2011/03/31 10:31:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\accwiz.exe
[2011/03/31 10:31:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\access.cpl
[2011/03/31 10:31:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\access.cpl
[2011/03/31 10:31:18 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- F:\WINDOWS\System32\hypertrm.dll
[2011/03/31 10:31:18 | 000,131,584 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\sndrec32.exe
[2011/03/31 10:31:14 | 000,161,792 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msdtcuiu.dll
[2011/03/31 10:31:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mtxoci.dll
[2011/03/31 10:31:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdshost.exe
[2011/03/31 10:31:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\qprocess.exe
[2011/03/31 10:31:13 | 000,956,928 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msdtctm.dll
[2011/03/31 10:31:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msdtclog.dll
[2011/03/31 10:31:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\xolehlp.dll
[2011/03/31 10:31:11 | 000,097,792 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\comrepl.dll
[2011/03/31 10:31:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\colbact.dll
[2011/03/31 10:31:11 | 000,034,304 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mtxlegih.dll
[2011/03/31 10:31:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mtxdm.dll
[2011/03/31 10:31:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\comaddin.dll
[2011/03/31 10:31:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dcomcnfg.exe
[2011/03/31 10:31:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mtxex.dll
[2011/03/31 10:31:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\catsrv.dll
[2011/03/31 10:31:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\clbcatex.dll
[2011/03/31 10:31:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\catsrvps.dll
[2011/03/31 10:31:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\stclient.dll
[2011/03/31 10:31:09 | 000,539,648 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\comuid.dll
[2011/03/31 10:31:09 | 000,167,424 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\comsnap.dll
[2011/03/31 10:31:04 | 000,185,344 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\cmprops.dll
[2011/03/31 10:31:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\servdeps.dll
[2011/03/31 10:31:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mmfutil.dll
[2011/03/31 10:31:00 | 000,343,040 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mspaint.exe
[2011/03/31 10:31:00 | 000,123,392 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mplay32.exe
[2011/03/31 10:30:59 | 000,538,624 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\spider.exe
[2011/03/31 10:30:59 | 000,102,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\clipbrd.exe
[2011/03/31 10:30:58 | 001,929,952 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/03/31 10:30:58 | 000,053,472 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/03/31 10:30:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\tscfgwmi.dll
[2011/03/31 10:30:56 | 000,147,968 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdchost.dll
[2011/03/31 10:30:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\tscupgrd.exe
[2011/03/31 10:30:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdsaddin.exe
[2011/03/31 10:30:55 | 000,087,176 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdpwsx.dll
[2011/03/31 10:30:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdpclip.exe
[2011/03/31 10:30:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\cfgbkend.dll
[2011/03/31 10:30:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\rdpsnd.dll
[2011/03/31 10:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\icaapi.dll
[2011/03/31 10:30:54 | 000,428,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msdtcprx.dll
[2011/03/31 10:30:53 | 000,625,664 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\catsrvut.dll
[2011/03/31 10:30:52 | 001,267,200 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\comsvcs.dll
[2011/03/31 10:30:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\licwmi.dll
[2011/03/31 10:26:33 | 000,022,016 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0408.dll
[2011/03/31 10:26:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt041f.dll
[2011/03/31 10:26:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0419.dll
[2011/03/31 10:26:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0415.dll
[2011/03/31 10:26:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt040e.dll
[2011/03/31 10:26:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\agt0405.dll
[2011/03/31 10:26:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System\winspool.drv
[2011/03/31 10:26:28 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- F:\WINDOWS\System32\spxcoins.dll
[2011/03/31 10:26:28 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- F:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/03/31 10:26:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\irclass.dll
[2011/03/31 10:26:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\irclass.dll
[2011/03/31 10:26:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\storprop.dll
[2011/03/31 08:58:21 | 000,019,384 | R--- | C] (Windows ® Win 7 DDK provider) -- F:\WINDOWS\System32\drivers\QsFsFltr.sys
[2011/03/31 08:58:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Iomega
[2009/01/22 16:56:36 | 000,017,504 | ---- | C] ( ) -- F:\WINDOWS\System32\drivers\gt680x.sys
[4 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[11 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/24 21:55:45 | 000,000,330 | -H-- | M] () -- F:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/04/24 21:53:19 | 000,000,486 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/24 21:52:53 | 000,000,868 | ---- | M] () -- F:\WINDOWS\tasks\Google Software Updater.job
[2011/04/24 21:52:45 | 000,000,880 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/24 21:52:45 | 000,000,260 | ---- | M] () -- F:\WINDOWS\tasks\RegistryBooster.job
[2011/04/24 21:52:39 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2011/04/24 21:50:00 | 000,000,884 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/24 21:09:49 | 000,013,646 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2011/04/23 18:23:02 | 000,000,368 | ---- | M] () -- F:\WINDOWS\tasks\RegCure.job
[2011/04/23 17:00:07 | 000,000,386 | ---- | M] () -- F:\WINDOWS\tasks\RegCure Program Check.job
[2011/04/23 16:00:00 | 000,000,366 | ---- | M] () -- F:\WINDOWS\tasks\At2.job
[2011/04/23 16:00:00 | 000,000,366 | ---- | M] () -- F:\WINDOWS\tasks\At1.job
[2011/04/23 11:35:00 | 000,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/23 11:16:41 | 000,000,064 | ---- | M] () -- F:\WINDOWS\System32\rp_stats.dat
[2011/04/23 11:16:41 | 000,000,044 | ---- | M] () -- F:\WINDOWS\System32\rp_rules.dat
[2011/04/22 16:45:43 | 000,000,903 | ---- | M] () -- F:\WINDOWS\ScreenMark.INI
[2011/04/21 12:24:20 | 000,000,128 | ---- | M] () -- F:\WINDOWS\KMSTMVM.ini
[2011/04/20 19:56:59 | 000,014,529 | ---- | M] () -- E:\My Documents\St Peter's 04.dotx
[2011/04/20 17:09:30 | 000,122,136 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/20 02:00:00 | 000,000,338 | ---- | M] () -- F:\WINDOWS\tasks\AdobeAAMUpdater-1.0-RJBOFFICE-Rod.job
[2011/04/16 21:43:46 | 000,001,852 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Finance Coordinator.lnk
[2011/04/16 21:40:34 | 000,000,704 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\FOXUSER.FPT
[2011/04/16 21:40:22 | 000,000,665 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\FOXUSER.DBF
[2011/04/15 08:42:51 | 000,065,587 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\P4091643_4.jpg
[2011/04/13 09:45:28 | 000,001,374 | ---- | M] () -- F:\WINDOWS\imsins.BAK
[2011/04/13 09:44:42 | 000,507,270 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2011/04/13 09:44:42 | 000,090,062 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2011/04/12 12:23:23 | 007,433,148 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001A.psd
[2011/04/12 12:14:16 | 007,874,174 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001.psd
[2011/04/12 12:09:08 | 009,438,054 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001.bmp
[2011/04/08 11:46:44 | 000,001,536 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\Registry copy 2011-04-08.reg
[2011/04/07 18:53:42 | 000,000,893 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
[2011/04/07 18:53:32 | 000,010,264 | ---- | M] () -- F:\WINDOWS\EPSTPLOG.BAK
[2011/04/07 17:36:22 | 000,002,439 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\DiCentra 3.8.lnk
[2011/04/07 17:33:23 | 000,252,924 | ---- | M] () -- F:\WINDOWS\System32\nvdrsdb1.bin
[2011/04/07 17:33:23 | 000,000,001 | ---- | M] () -- F:\WINDOWS\System32\nvdrssel.bin
[2011/04/07 17:33:16 | 000,252,920 | ---- | M] () -- F:\WINDOWS\System32\nvdrsdb0.bin
[2011/04/03 19:34:09 | 000,001,456 | ---- | M] () -- F:\Documents and Settings\Rod\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/04/02 16:21:13 | 000,000,738 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\RegCure.lnk
[2011/04/02 14:36:33 | 000,000,057 | ---- | M] () -- F:\WINDOWS\System32\mapisvc.inf
[2011/04/02 14:13:56 | 000,015,600 | ---- | M] (Windows ® 2000 DDK provider) -- F:\WINDOWS\gdrv.sys
[2011/04/01 17:25:11 | 000,186,097 | ---- | M] () -- F:\WINDOWS\System32\nvapps.xml
[2011/04/01 16:30:54 | 000,000,664 | ---- | M] () -- F:\WINDOWS\System32\d3d9caps.dat
[2011/04/01 14:32:17 | 000,000,798 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Driver Sweeper.lnk
[2011/04/01 10:48:36 | 000,000,815 | ---- | M] () -- F:\Documents and Settings\Rod\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/31 17:42:13 | 000,001,792 | ---- | M] () -- F:\Documents and Settings\Rod\Desktop\Spyder3Elite 3.1.3.lnk
[2011/03/31 17:42:13 | 000,000,968 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Spyder3Utility.lnk
[2011/03/31 17:15:50 | 000,001,839 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\TP-LINK Wireless Client Utility.lnk
[2011/03/31 15:42:39 | 000,000,813 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Watch.lnk
[2011/03/31 15:40:10 | 000,000,726 | ---- | M] () -- F:\WINDOWS\bitsetup.bak
[2011/03/31 13:07:34 | 000,316,640 | ---- | M] () -- F:\WINDOWS\WMSysPr9.prx
[2011/03/31 11:57:07 | 000,000,804 | ---- | M] () -- F:\Documents and Settings\Rod\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/31 11:25:16 | 2145,386,496 | ---- | M] () -- F:\WINDOWS\MEMORY.DMP
[2011/03/31 10:43:15 | 000,025,065 | ---- | M] () -- F:\WINDOWS\System32\wmpscheme.xml
[2011/03/31 10:37:29 | 000,000,288 | ---- | M] () -- F:\WINDOWS\System32\$winnt$.inf
[2011/03/31 10:33:49 | 000,023,392 | ---- | M] () -- F:\WINDOWS\System32\nscompat.tlb
[2011/03/31 10:33:49 | 000,016,832 | ---- | M] () -- F:\WINDOWS\System32\amcompat.tlb
[2011/03/31 10:33:48 | 000,299,552 | ---- | M] () -- F:\WINDOWS\WMSysPrx.prx
[2011/03/31 10:33:42 | 000,004,295 | ---- | M] () -- F:\WINDOWS\ODBCINST.INI
[2011/03/31 10:31:48 | 000,023,348 | ---- | M] () -- F:\WINDOWS\System32\emptyregdb.dat
[2011/03/31 08:58:21 | 000,115,840 | ---- | M] () -- F:\WINDOWS\setupapi.old
[2011/03/29 07:36:42 | 000,000,742 | ---- | M] () -- F:\Documents and Settings\Rod\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/29 07:36:42 | 000,000,724 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/28 09:26:58 | 000,001,592 | ---- | M] () -- F:\WINDOWS\QUICKEN.INI
[4 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[11 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/22 16:45:43 | 000,000,903 | ---- | C] () -- F:\WINDOWS\ScreenMark.INI
[2011/04/20 19:56:59 | 000,014,529 | ---- | C] () -- E:\My Documents\St Peter's 04.dotx
[2011/04/16 21:43:46 | 000,001,852 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Finance Coordinator.lnk
[2011/04/16 21:39:52 | 000,000,704 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\FOXUSER.FPT
[2011/04/16 21:39:51 | 000,000,665 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\FOXUSER.DBF
[2011/04/15 08:42:51 | 000,065,587 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\P4091643_4.jpg
[2011/04/12 18:14:55 | 000,000,064 | ---- | C] () -- F:\WINDOWS\System32\rp_stats.dat
[2011/04/12 18:14:55 | 000,000,044 | ---- | C] () -- F:\WINDOWS\System32\rp_rules.dat
[2011/04/12 12:20:06 | 007,433,148 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001A.psd
[2011/04/12 12:11:44 | 007,874,174 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001.psd
[2011/04/12 12:09:08 | 009,438,054 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\SWScan00001.bmp
[2011/04/08 21:34:40 | 000,026,624 | ---- | C] () -- F:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/04/08 21:34:40 | 000,023,552 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atixbar.sys
[2011/04/08 21:34:40 | 000,019,456 | ---- | C] () -- F:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/04/08 21:34:40 | 000,009,472 | ---- | C] () -- F:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/04/08 21:34:39 | 000,049,920 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/04/08 21:34:39 | 000,026,880 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/04/08 21:34:39 | 000,017,152 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/04/08 21:34:39 | 000,017,152 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atitunep.sys
[2011/04/08 21:34:38 | 000,010,240 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/04/08 21:34:35 | 000,046,464 | ---- | C] () -- F:\WINDOWS\System32\dllcache\atibt829.sys
[2011/04/08 10:50:41 | 000,001,536 | ---- | C] () -- F:\Documents and Settings\Rod\Desktop\Registry copy 2011-04-08.reg
[2011/04/07 18:53:42 | 000,000,893 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
[2011/04/07 18:52:37 | 000,010,264 | ---- | C] () -- F:\WINDOWS\EPSTPLOG.BAK
[2011/04/02 16:21:24 | 000,000,386 | ---- | C] () -- F:\WINDOWS\tasks\RegCure Program Check.job
[2011/04/02 16:21:24 | 000,000,368 | ---- | C] () -- F:\WINDOWS\tasks\RegCure.job
[2011/04/02 16:21:13 | 000,000,738 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\RegCure.lnk
[2011/04/02 14:20:51 | 000,003,903 | ---- | C] () -- F:\WINDOWS\System32\nvnrm.nvu
[2011/04/01 17:22:42 | 000,186,097 | ---- | C] () -- F:\WINDOWS\System32\nvapps.xml
[2011/04/01 17:22:04 | 000,018,070 | ---- | C] () -- F:\WINDOWS\System32\nvdisp.nvu
[2011/04/01 14:32:17 | 000,000,798 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Driver Sweeper.lnk
[2011/03/31 17:22:40 | 000,000,664 | ---- | C] () -- F:\WINDOWS\System32\d3d9caps.dat
[2011/03/31 15:39:31 | 000,000,726 | ---- | C] () -- F:\WINDOWS\bitsetup.bak
[2011/03/31 15:38:46 | 000,000,813 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Watch.lnk
[2011/03/31 11:17:32 | 2145,386,496 | ---- | C] () -- F:\WINDOWS\MEMORY.DMP
[2011/03/31 10:35:07 | 000,175,104 | ---- | C] () -- F:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/03/31 10:34:50 | 001,158,818 | ---- | C] () -- F:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/03/31 10:34:45 | 000,196,665 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/03/31 10:34:45 | 000,059,392 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imscinst.exe
[2011/03/31 10:34:44 | 000,134,339 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imekr.lex
[2011/03/31 10:34:37 | 013,463,552 | ---- | C] () -- F:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/03/31 10:34:30 | 000,108,827 | ---- | C] () -- F:\WINDOWS\System32\dllcache\hanja.lex
[2011/03/31 10:34:20 | 000,173,568 | ---- | C] () -- F:\WINDOWS\System32\dllcache\chtskf.dll
[2011/03/31 10:26:15 | 000,797,189 | ---- | C] () -- F:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/03/31 10:26:15 | 000,399,645 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/03/31 10:26:15 | 000,037,484 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MW770.CAT
[2011/03/31 10:26:15 | 000,013,472 | ---- | C] () -- F:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/03/31 10:26:15 | 000,008,574 | ---- | C] () -- F:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/03/31 10:26:15 | 000,007,382 | ---- | C] () -- F:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/03/29 07:36:42 | 000,000,730 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/02/06 12:07:09 | 000,262,216 | ---- | C] () -- F:\WINDOWS\System32\IPTests.dll
[2011/02/06 12:06:56 | 000,077,824 | ---- | C] () -- F:\WINDOWS\System32\wgapiloc.dll
[2011/02/06 12:06:55 | 000,422,000 | ---- | C] () -- F:\WINDOWS\System32\wgapi.dll
[2010/12/15 15:46:34 | 000,252,920 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/15 15:46:32 | 000,252,924 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/15 15:46:32 | 000,000,001 | ---- | C] () -- F:\WINDOWS\System32\nvdrssel.bin
[2010/12/10 12:06:03 | 004,014,080 | ---- | C] () -- F:\WINDOWS\System32\qt-mt333.dll
[2010/12/10 12:04:55 | 000,000,197 | ---- | C] () -- F:\WINDOWS\i1Share.ini
[2010/11/23 15:23:45 | 000,968,120 | ---- | C] () -- F:\WINDOWS\ampa.exe
[2010/11/23 15:23:45 | 000,010,936 | ---- | C] () -- F:\WINDOWS\System32\ampa.sys
[2010/10/09 11:00:02 | 000,001,456 | ---- | C] () -- F:\Documents and Settings\Rod\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2010/09/08 19:13:51 | 000,016,432 | ---- | C] () -- F:\WINDOWS\System32\lsdelete.exe
[2010/08/23 18:04:02 | 000,105,016 | -H-- | C] () -- F:\WINDOWS\System32\mlfcache.dat
[2010/08/14 14:50:55 | 000,651,264 | ---- | C] () -- F:\WINDOWS\System32\libeay32.dll
[2010/08/14 14:50:55 | 000,266,240 | ---- | C] () -- F:\WINDOWS\System32\PlugPlayPCIDevice.exe
[2010/08/14 14:50:55 | 000,147,456 | ---- | C] () -- F:\WINDOWS\System32\ssleay32.dll
[2010/08/14 14:50:55 | 000,110,592 | ---- | C] () -- F:\WINDOWS\System32\AegisI5.exe
[2010/08/14 14:50:55 | 000,045,056 | ---- | C] () -- F:\WINDOWS\System32\wltrysvc.exe
[2010/08/14 14:50:55 | 000,002,535 | ---- | C] () -- F:\WINDOWS\System32\bcmwlhom.ini
[2010/08/14 14:50:55 | 000,000,417 | ---- | C] () -- F:\WINDOWS\System32\layout.bin
[2010/06/22 11:14:12 | 000,001,025 | ---- | C] () -- F:\WINDOWS\System32\sysprs7.dll
[2010/06/22 11:14:12 | 000,001,025 | ---- | C] () -- F:\WINDOWS\System32\clauth2.dll
[2010/06/22 11:14:12 | 000,001,025 | ---- | C] () -- F:\WINDOWS\System32\clauth1.dll
[2010/06/22 11:14:12 | 000,000,205 | ---- | C] () -- F:\WINDOWS\System32\lsprst7.dll
[2010/06/22 11:14:12 | 000,000,073 | ---- | C] () -- F:\WINDOWS\System32\ssprs.dll
[2010/06/22 11:14:12 | 000,000,021 | ---- | C] () -- F:\WINDOWS\SurCode.INI
[2009/11/28 15:31:48 | 000,000,145 | ---- | C] () -- F:\WINDOWS\Eudcedit.ini
[2009/11/18 17:04:40 | 000,000,027 | ---- | C] () -- F:\WINDOWS\EZSET_SP.INI
[2009/11/18 13:12:40 | 000,000,000 | ---- | C] () -- F:\WINDOWS\Ui.INI
[2009/11/01 17:26:38 | 000,001,732 | ---- | C] () -- F:\WINDOWS\System32\drivers\nvphy.bin
[2009/11/01 14:13:51 | 002,292,678 | ---- | C] () -- F:\WINDOWS\System32\nvdata.bin
[2009/10/21 12:10:10 | 001,663,488 | ---- | C] () -- F:\WINDOWS\System32\BootMan.exe
[2009/10/21 12:10:10 | 000,086,408 | ---- | C] () -- F:\WINDOWS\System32\setupempdrv03.exe
[2009/10/21 12:10:10 | 000,014,848 | ---- | C] () -- F:\WINDOWS\System32\EuEpmGdi.dll
[2009/10/21 12:10:10 | 000,008,704 | ---- | C] () -- F:\WINDOWS\System32\epmntdrv.sys
[2009/10/21 12:10:10 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\EuGdiDrv.sys
[2009/09/20 01:33:32 | 000,000,488 | ---- | C] () -- F:\WINDOWS\JustWrite.INI
[2009/09/20 01:27:37 | 000,036,864 | ---- | C] () -- F:\WINDOWS\System32\TaskKeyHook.dll
[2009/09/18 10:53:55 | 000,005,248 | ---- | C] () -- F:\WINDOWS\System32\giveio.sys
[2009/08/03 20:36:07 | 000,002,560 | ---- | C] () -- F:\WINDOWS\_MSRSTRT.EXE
[2009/08/03 20:25:20 | 000,017,920 | ---- | C] () -- F:\WINDOWS\System32\implode.dll
[2009/07/19 21:08:35 | 000,044,544 | ---- | C] () -- F:\WINDOWS\System32\Gif89.dll
[2009/04/29 11:34:31 | 000,000,126 | ---- | C] () -- F:\Documents and Settings\Rod\Local Settings\Application Data\fusioncache.dat
[2009/04/10 17:06:07 | 000,044,344 | ---- | C] () -- F:\WINDOWS\System32\drivers\SEQCAL.SYS
[2009/04/10 17:06:01 | 000,045,056 | ---- | C] () -- F:\WINDOWS\System32\Mplps.dll
[2009/04/01 09:38:20 | 000,000,039 | ---- | C] () -- F:\WINDOWS\ImageViewer.INI
[2009/03/14 15:00:33 | 000,000,116 | ---- | C] () -- F:\WINDOWS\NeroDigital.ini
[2009/03/14 12:41:17 | 000,000,128 | ---- | C] () -- F:\WINDOWS\KMSTMVM.ini
[2009/03/11 15:32:28 | 006,772,736 | ---- | C] () -- F:\WINDOWS\System32\tliadjust30.dll
[2009/03/04 16:21:08 | 000,120,200 | ---- | C] () -- F:\WINDOWS\System32\DLLDEV32i.dll
[2009/03/04 16:20:38 | 000,006,211 | ---- | C] () -- F:\WINDOWS\mgxoschk.ini
[2009/02/27 14:38:03 | 000,482,816 | ---- | C] () -- F:\WINDOWS\System32\RGT001.DLL
[2009/02/26 16:08:54 | 000,000,034 | ---- | C] () -- F:\WINDOWS\AutoRun.ini
[2009/02/16 18:54:26 | 000,045,056 | ---- | C] () -- F:\WINDOWS\System32\vusetup.dll
[2009/02/15 19:01:21 | 000,001,582 | ---- | C] () -- F:\WINDOWS\System32\odbcinst.ini
[2009/02/08 09:52:00 | 000,003,584 | ---- | C] () -- F:\Documents and Settings\Rod\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/24 12:47:25 | 000,000,000 | ---- | C] () -- F:\WINDOWS\Irremote.ini
[2009/01/23 10:11:10 | 000,000,074 | ---- | C] () -- F:\WINDOWS\MPLAYER.INI
[2009/01/22 16:59:36 | 000,000,492 | ---- | C] () -- F:\WINDOWS\MAXLINK.INI
[2009/01/22 16:56:37 | 000,118,784 | ---- | C] () -- F:\WINDOWS\System32\MKCoInstaller.dll
[2009/01/22 15:06:12 | 000,000,224 | -H-- | C] () -- F:\Documents and Settings\All Users\Application Data\{268EB95C-7C1C-4826-B79E-0E50B1A64C5A}.dss
[2009/01/22 11:52:26 | 000,000,175 | ---- | C] () -- F:\WINDOWS\qwimp.ini
[2009/01/22 11:22:27 | 002,463,976 | ---- | C] () -- F:\WINDOWS\System32\NPSWF32.dll
[2009/01/22 11:00:42 | 000,001,592 | ---- | C] () -- F:\WINDOWS\QUICKEN.INI
[2009/01/22 11:00:42 | 000,000,523 | ---- | C] () -- F:\WINDOWS\intuprof.ini
[2009/01/22 09:29:17 | 000,000,606 | ---- | C] () -- F:\WINDOWS\ODBC.INI
[2009/01/22 05:34:52 | 000,004,295 | ---- | C] () -- F:\WINDOWS\ODBCINST.INI
[2009/01/22 05:34:00 | 000,122,136 | ---- | C] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 23:02:26 | 000,000,000 | ---- | C] () -- F:\WINDOWS\nsreg.dat
[2009/01/21 21:57:02 | 000,049,152 | R--- | C] () -- F:\WINDOWS\System32\ChCfg.exe
[2009/01/21 21:45:08 | 000,002,048 | --S- | C] () -- F:\WINDOWS\bootstat.dat
[2009/01/21 21:42:38 | 000,023,348 | ---- | C] () -- F:\WINDOWS\System32\emptyregdb.dat
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/08 18:26:22 | 000,012,288 | ---- | C] () -- F:\WINDOWS\System32\drivers\Spyder3.sys
[2008/08/20 01:26:51 | 000,000,038 | ---- | C] () -- F:\WINDOWS\System32\watdeco79.bin
[2008/07/22 01:26:51 | 000,000,038 | ---- | C] () -- F:\WINDOWS\KB913446r21.ini
[2008/05/16 19:31:00 | 000,286,720 | ---- | C] () -- F:\WINDOWS\System32\nvnt4cpl.dll
[2005/03/27 07:06:00 | 000,044,344 | ---- | C] () -- F:\WINDOWS\System32\drivers\EyeOneDp.sys
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- F:\WINDOWS\System32\secupd.dat
[2003/03/31 13:00:00 | 013,107,200 | ---- | C] () -- F:\WINDOWS\System32\oembios.bin
[2003/03/31 13:00:00 | 000,673,088 | ---- | C] () -- F:\WINDOWS\System32\mlang.dat
[2003/03/31 13:00:00 | 000,507,270 | ---- | C] () -- F:\WINDOWS\System32\perfh009.dat
[2003/03/31 13:00:00 | 000,272,128 | ---- | C] () -- F:\WINDOWS\System32\perfi009.dat
[2003/03/31 13:00:00 | 000,218,003 | ---- | C] () -- F:\WINDOWS\System32\dssec.dat
[2003/03/31 13:00:00 | 000,090,062 | ---- | C] () -- F:\WINDOWS\System32\perfc009.dat
[2003/03/31 13:00:00 | 000,046,258 | ---- | C] () -- F:\WINDOWS\System32\mib.bin
[2003/03/31 13:00:00 | 000,028,626 | ---- | C] () -- F:\WINDOWS\System32\perfd009.dat
[2003/03/31 13:00:00 | 000,004,461 | ---- | C] () -- F:\WINDOWS\System32\oembios.dat
[2003/03/31 13:00:00 | 000,001,804 | ---- | C] () -- F:\WINDOWS\System32\dcache.bin
[2003/03/31 13:00:00 | 000,000,741 | ---- | C] () -- F:\WINDOWS\System32\noise.dat
[2001/09/03 20:04:00 | 000,000,145 | ---- | C] () -- F:\WINDOWS\System32\EBPPORT.DAT
[2001/06/18 10:23:40 | 000,057,344 | ---- | C] () -- F:\WINDOWS\System32\bpenhan.dll
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- F:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/11 19:08:06 | 000,095,232 | ---- | C] () -- F:\WINDOWS\System32\lfkodak.dll
[1993/07/23 18:31:02 | 000,210,944 | ---- | C] () -- F:\WINDOWS\System32\MSVCRT10.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras logfile created on: 24/04/2011 21:57:59 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = O:\Downloaded items
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free
10.00 Gb Paging File | 10.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0O:\pagefile.sys 0 0 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 146.48 Gb Total Space | 141.28 Gb Free Space | 96.45% Space Free | Partition Type: NTFS
Drive E: | 160.16 Gb Total Space | 142.69 Gb Free Space | 89.10% Space Free | Partition Type: NTFS
Drive F: | 159.11 Gb Total Space | 87.45 Gb Free Space | 54.96% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 699.80 Gb Free Space | 75.13% Space Free | Partition Type: NTFS
Drive I: | 124.48 Mb Total Space | 97.74 Mb Free Space | 78.51% Space Free | Partition Type: FAT
Drive L: | 3.81 Gb Total Space | 0.89 Gb Free Space | 23.26% Space Free | Partition Type: FAT32
Drive O: | 931.51 Gb Total Space | 633.04 Gb Free Space | 67.96% Space Free | Partition Type: NTFS

Computer Name: RJBOFFICE | User Name: Rod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-484763869-1035525444-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ALDI print service.exe] -- "F:\Program Files\ALDI\ALDI print service\ALDI print service.exe" "%1" ()
Directory [ALDI Print Software] -- "F:\Program Files\ALDI\ALDI Print Software\ALDI Print Software.exe" "%1" ()
Directory [Bridge] -- F:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server
"51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = F:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"F:\Documents and Settings\Rod\Local Settings\Temp\OnlineUpdate8\SetupXu.exe" = F:\Documents and Settings\Rod\Local Settings\Temp\OnlineUpdate8\SetupXu.exe:*:Enabled:Nero ControlCenter
"F:\Program Files\AVG\AVG8\avgupd.exe" = F:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"F:\Program Files\AVG\AVG8\avgnsx.exe" = F:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"F:\Program Files\Mozilla Firefox\firefox.exe" = F:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"F:\Program Files\Mozilla Thunderbird\thunderbird.exe" = F:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)
"F:\Program Files\AVG\AVG9\avgupd.exe" = F:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe
"F:\Program Files\AVG\AVG9\avgnsx.exe" = F:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe
"F:\Program Files\BitLord\BitLord.exe" = F:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
"F:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = F:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"F:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = F:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated)
"F:\Program Files\uTorrent\uTorrent.exe" = F:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2E5A5B57-57FC-4C79-A239-9DB280ADEC2A}" = Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{366CC735-543D-42CB-9C03-D7512314DE52}" = Quicken 2004
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{5015B233-E46A-4967-9818-8B928837B0EF}" = PhotoTools 2.0.1 Lite
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{527B9B7E-5249-4681-9259-018F7DDB351C}" = Cloudmark Desktop for Mozilla Thunderbird
"{52B99BCA-6251-498F-88CA-420D31CBC8C7}" = Wacom JustWrite Office
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5E684419-44E3-46EE-A43C-A60082CBF4EC}" = Topaz Adjust 3
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5ED5BC4D-CADC-4705-A230-D1FC80882252}" = PhotoTools 2.5.5 Free
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{665551E8-F74B-4979-8337-DD2A80D65EC0}" = TP-LINK Client Installation Program
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89883FFF-054E-4BCE-A131-15F3D9F50E6F}" = EZcolor 2.6.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E17CBF0F-02A4-44E9-A77B-652467911B8E}" =
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{970DAC2B-598F-4F9B-BE3C-3279AEA287D5}" = Finance Coordinator 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A35883BD-9C83-4625-82F3-90F86728C662}" = FreeUndelete
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Franēais, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_944" = Adobe Acrobat 9.4.4 - CPSID_83708
"{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1" = Free MP3 Recorder 1.0
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AEF93784-C94B-448B-B9D4-FABBD05FE691}" = DiCentra
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1" = Uniblue SystemTweaker
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F811E029-35C8-4742-933D-0EAEFB5958C9}" = BT Voyager Wireless Utility
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FC0C329F-2851-4859-A2EC-4DCF4874E5D6}" = isposure (installed by tbbMeter)
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 4.65
"ABBYY FineReader 4.0 Sprint" = ABBYY FineReader 4.0 Sprint
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Alarm_is1" = Alarm 2.0.4
"ALDI Photo Manager (free) UK" = ALDI Photo Manager (free) 4.1.1.200 (UK)
"ALDI Photo Service UK" = ALDI Photo Service 1.12.0.99 (UK)
"ALDI print service" = ALDI print service
"ALDI Print Software" = ALDI Print Software
"AMP Font Viewer" = AMP Font Viewer
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitLord" = BitLord 1.1
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"CS432_is1" = Tone Mapping Plug-In 2.0
"DriverAgent.exe" = DriverAgent by eSupport.com
"DriverAgent_is1" = DriverAgent by eSupport.com
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.1.7
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 4.0 Home Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"ESP 1290 890 Guide" = ESP 1290 890 Guide
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.00
"Eye-One Match_is1" = Eye-One Match 3.2
"Eye-One Share" = Eye-One Share
"EyeOneDiagnostics_is1" = EyeOneDiagnostics
"EZBack-it-up_is1" = EZBack-it-up 2.0.1
"Finance Coordinator 2" = Finance Coordinator 2
"Firebird SQL Server UK" = Firebird SQL Server - MAGIX Edition
"Focus Magic" = Focus Magic
"FTW" = Family Tree Maker
"Fujifilm Desktop Kiosk" = Fujifilm Desktop Kiosk
"gBurner" = gBurner
"Google Updater" = Google Updater
"HWiNFO32_is1" = HWiNFO32 Version 3.56
"i1ColorPoint 1.0" = i1ColorPoint 1.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"Kyocera FS-1100 / FS-1300D Printer Library" = Kyocera FS-1100 / FS-1300D Printer Library
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile - PREVIEW
"Mozilla Firefox 4.0 (x86 en-GB)" = Mozilla Firefox 4.0 (x86 en-GB)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mustek 1200 UB Plus v2.0" = Mustek 1200 UB Plus v2.0
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"Nero - Burning Rom!UninstallKey" = Nero 6
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opanda IExif_is1" = Opanda IExif 2.3
"Opanda PowerExif Professional Trial_is1" = Opanda PowerExif 1.2 Professional Trial
"Partition Assistant Home Edition_is1" = Partition Assistant 2.6 Home Edition
"PeerGuardian_is1" = PeerGuardian 2.0
"Pen Tablet Driver" = Bamboo
"Photodex Presenter" = Photodex Presenter
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.7
"ProShow Gold" = ProShow Gold
"ProShow Producer" = ProShow Producer
"PTGui" = PTGui Pro 8.2.1
"QuickSFV" = QuickSFV (Remove only)
"RegCure" = RegCure
"Silver Efex Pro" = Silver Efex Pro
"simple2_is1" = Tone Mapping Plug-In 1.2
"Spyder3Elite" = Spyder3Elite
"SSC Service Utility_is1" = SSC Service Utility v4.30
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.8.1.2218
"TorrentMan Toolbar" = TorrentMan Toolbar
"Tweak UI 2.10" = Tweak UI
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"Visio Standard" = Visio Standard
"VISPRO" = Microsoft Office Visio Professional 2007
"VST Bridge_is1" = VST Bridge 1.1
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Wdf01001" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"zipitfree1.90" = ZipItFree 1.90

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/04/2011 07:36:46 | Computer Name = RJBOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application Acrobat.exe, version 9.4.2.220, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 20/04/2011 07:36:46 | Computer Name = RJBOFFICE | Source = Application Hang | ID = 1002
Description = Hanging application Acrobat.exe, version 9.4.2.220, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 20/04/2011 07:37:05 | Computer Name = RJBOFFICE | Source = Application Hang | ID = 1001
Description = Fault bucket -1992275653.

Error - 20/04/2011 07:37:12 | Computer Name = RJBOFFICE | Source = Application Hang | ID = 1001
Description = Fault bucket -1992275653.

Error - 21/04/2011 04:41:30 | Computer Name = RJBOFFICE | Source = Application Error | ID = 1000
Description = Faulting application gmer.exe, version 1.0.15.15570, faulting module
gmer.exe, version 1.0.15.15570, fault address 0x0000c676.

Error - 21/04/2011 04:59:53 | Computer Name = RJBOFFICE | Source = Application Error | ID = 1001
Description = Fault bucket -1932482544.

[ OSession Events ]
Error - 27/03/2010 14:14:33 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4087
seconds with 2160 seconds of active time. This session ended with a crash.

Error - 03/04/2010 04:42:42 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 22/07/2010 23:46:35 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1741
seconds with 1620 seconds of active time. This session ended with a crash.

Error - 22/07/2010 23:49:46 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 108
seconds with 60 seconds of active time. This session ended with a crash.

Error - 04/11/2010 08:16:24 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 55
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08/11/2010 11:22:43 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 87
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20/12/2010 08:34:01 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20/03/2011 08:48:45 | Computer Name = RJBOFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:53:03 | Computer Name = RJBOFFICE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk8\D, has a bad block.

Error - 24/04/2011 16:54:41 | Computer Name = RJBOFFICE | Source = System Error | ID = 1003
Description = Error code 000000d4, parameter1 b3b25968, parameter2 00000002, parameter3
00000000, parameter4 805363c6.

Error - 24/04/2011 16:54:58 | Computer Name = RJBOFFICE | Source = System Error | ID = 1003
Description = Error code 000000d4, parameter1 b3b25968, parameter2 00000002, parameter3
00000000, parameter4 805363c6.


< End of report >


Hope you an help!

#6 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 25 April 2011 - 08:36 AM

Hi,

Can you please tell me why did you add this to host file:

O1 - Hosts: 127.0.0.1 activate.adobe.com



P2P Warning:

BitLord 1.1
µTorrent


Your log(s) show that you are using so called peer-to-peer or file-sharing programmes .

These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."



==================================


1. Please go to Control Panel > Add Remove programs and uninstall RegCure, see here why -> https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Program:Win32/RegCure



2. Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Custom Scan/Fixes text box.

    :OTL
    SRV - File not found [Auto | Stopped] -- -- (QPCopyEngine)
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-21-484763869-1035525444-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    [2011/03/31 08:58:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Iomega
    
    :Commands
    [REBOOT] 
    
  • Push the Run Fix button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A massage box "Fix complete! Click OK to open the fix log." will pop-up.
  • Click the OK button and a report will open.
  • Copy and Paste that report in your next reply.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#7 Rodofedg

Rodofedg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 25 April 2011 - 11:01 AM

Although P2P software is on my PC I rarely touch it, and never for music or films. Should I uninstall it?

Herewith the OTL log:

Error: No service named QPCopyEngine was found to stop!
Service\Driver key QPCopyEngine not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-484763869-1035525444-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Folder F:\Documents and Settings\All Users\Start Menu\Programs\Iomega\ not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.22.3 log created on 04252011_165857

#8 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 25 April 2011 - 05:39 PM

How's the computer running? Also can you please tell me why did you add activate.adobe.com to the computer's hosts file?

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#9 Rodofedg

Rodofedg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 26 April 2011 - 03:11 AM

The serious error message inviting me to send it to Microsoft still appears each time the PC boots, as it has this morning. I click 'don't send' and everything appears to run normally from then on. Is there a way of zapping what continues to appear to be this spurious message?

Don't understand your query re adobe.com. Not conscious of having done anything and wouldn't know how to 'add activate.adobe.com to the computer's hosts file?' Is there something I need to correct?

Thanks for your help so far.

#10 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 26 April 2011 - 07:41 AM

It will simply prevent adobe from activating, others put it on purpose that's why I asked.

I need to see the dump files to find the cause of the error.

Use Windows Advanced Search to find the file, to do that:

  • Click the Start button then click Search and the Search window will open.
  • Click All Files or Folders.
  • Type mini*.dmp at the box where it say's "All or part of the file name".
  • Look through your hard drive.
  • Under the More options Tab, put a check at the Following:

Search system folders
Search hidden files and folders
Search subfolders

  • Then click search to search.
  • Zip the file and attach it to your reply. To attach the file:

        * When you press the ADDREPLY, under the reply window press Browse... show the path to the zip-file on your computer:
        * Highlight the zip-file and click Open then press the green UPLOAD button.


~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#11 Rodofedg

Rodofedg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 26 April 2011 - 09:52 AM

The zipped file was too big to upload with all the files in Windows\minidump folder so have deleted oldets ones

Attached Files



#12 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 27 April 2011 - 05:46 AM

Hi, please try the following:


1. Please check volume for errors.
  • To check the volume for errors:
  • Click start and then My Computer.
  • Right click the drive C and select Properties.
  • Under Tools tab press Check Now...
  • Put a check mark in both items and press start.
  • If you get a message click Yes to schedule the disk check and click OK and then restart your computer to start the disk check. Please be patient and let the system run. In some cases it might take a couple of hours and you don't have to sit there the whole time.



2. Please go to this link -> http://www.bleepingcomputer.com/tutorials/the-importance-of-disk-defragmentation/ and follow the steps to perform a Disk Defragmentation.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#13 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:08:42 AM

Posted 02 May 2011 - 04:54 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users