Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue screen atapi.sys malware TDL4@MBR


  • This topic is locked This topic is locked
44 replies to this topic

#1 thatcher

thatcher

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 14 May 2011 - 01:22 PM

Used Avast. Spybot and Malware in an effort to remove. Looks like rootkit. I get blue screen with an atapi.sys driver error and a memory dump. It will redirect
browser. After the defogger I had to to start in safe mode and all the logs are generated in safe mode. Thanks for your help

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Mom and Dad at 9:53:44.64 on Sat 05/14/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.593 [GMT -7:00]
.
AV: Webroot AntiVirus with Spy Sweeper *Enabled/Updated* {77E10C7F-2CCA-4187-9394-BDBC267AD597}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Mom and Dad\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=IE&os=win&os_version=5.1-x86-SP3
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm086YYUS&fl=0&ptb=qMR._V1CFwXWvyOeIi7JIw&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
uInternet Connection Wizard,ShellNext = hxxp://us.mcafee.com/root/learnmore/learnmore.asp?close=true&lcode=en-us
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\mybabylon_english\prxtbmyB0.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: PersonalWebBHO: {d35980cb-66df-477b-bf63-64eb8f48cb3a} - c:\program files\claria\personalweb\PersonalWebIE_v1310.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\mybabylon_english\prxtbmyB0.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Aim] "c:\program files\aim7\aim.exe" /d locale=en-US
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ehTray] "c:\windows\ehome\ehtray.exe"
mRun: [SigmatelSysTrayApp] "stsystra.exe"
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DMXLauncher] "c:\program files\dell\media experience\DMXLauncher.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [DLA] "c:\windows\system32\dla\DLACTRLW.EXE"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [ControlCenter2.0] "c:\program files\brother\controlcenter2\brctrcen.exe" /autorun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [AOLDialer] "c:\program files\common files\aol\acs\AOLDial.exe"
mRun: [HostManager] "c:\program files\common files\aol\1176529941\ee\AOLSoftware.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID%
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [DLCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCFtime.dll,_RunDLLEntry@16
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\momand~1\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\awll3028\RtWLan.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ma101c~1.lnk - c:\program files\netgear\ma101 usb adapter configuration utility\WlanMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pushcl~1.lnk - c:\interwise\student\pull.exe
IE: &Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {b9b12deb-a92b-4496-898a-8ce5d29505b4} - c:\program files\clip extractor\ClipExtractor.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program files\partygaming.net\partypokernet\RunPF.exe
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {03F0E28F-1C51-4a56-A8F1-E8BF15AF8346} - {21E57A54-1904-48B9-AC1C-BBF4DE78BA94} - c:\program files\claria\personalweb\PersonalWebIE_v1310.dll
IE: {1BD60387-6806-4897-8002-0B855DFEAEEA} - {23F85405-E678-49BF-85F6-86FC277B2608} - c:\program files\claria\personalweb\PersonalWebIE_v1310.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: musicmatch.com\online
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {11865A2A-649F-4FA1-8B99-B97DF8070B7C} - hxxp://konicaminolta.interwise.com/webinar/English/ActiveX/IWsystemchecks.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - hxxp://pictures04.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\615\G2AWinLogon.dll
AppInit_DLLs: c:\windows\system32\lftif11n32.dll c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\momand~1\applic~1\mozilla\firefox\profiles\owartlur.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=FF&os=win&os_version=5.1-x86-SP3&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\mom and dad\application data\mozilla\firefox\profiles\owartlur.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\documents and settings\mom and dad\application data\mozilla\firefox\profiles\owartlur.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\mom and dad\application data\mozilla\firefox\profiles\owartlur.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\mom and dad\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\documents and settings\mom and dad\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\documents and settings\mom and dad\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\gametap\bin\release\npgametaptool.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\3.0.50106.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: browser.sessionstore.resume_from_crash - false
.
============= SERVICES / DRIVERS ===============
.
R3 RTL8187B;Airlink101 802.11g USB 2.0 Adapter;c:\windows\system32\drivers\rtl8187B.sys [2008-6-29 238208]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2006-3-31 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-4 307928]
S2 6to432;IPv6 Helper Service ;c:\windows\system32\kbdgr132.exe --> c:\windows\system32\kbdgr132.exe [?]
S2 AppMgmt32;Application Management ;c:\windows\system32\dlcfutil32.exe --> c:\windows\system32\dlcfutil32.exe [?]
S2 aspnet_state32;ASP.NET State Service ;c:\windows\system32\ieakui32.exe --> c:\windows\system32\ieakui32.exe [?]
S2 aspnet_state3232;ASP.NET State Service ;c:\windows\system32\msjint4032.exe --> c:\windows\system32\msjint4032.exe [?]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-4 19544]
S2 Ati HotKey Poller32;Ati HotKey Poller ;c:\windows\system32\modex32.exe --> c:\windows\system32\modex32.exe [?]
S2 AudioSrv32;Windows Audio ;c:\windows\system32\atitvo3232.exe --> c:\windows\system32\atitvo3232.exe [?]
S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-4 42184]
S2 Bonjour Service32;Bonjour Service ;c:\windows\system32\odbccr3232.exe --> c:\windows\system32\odbccr3232.exe [?]
S2 Bonjour Service3232;Bonjour Service ;c:\windows\system32\slayerxp32.exe --> c:\windows\system32\slayerxp32.exe [?]
S2 Browser32;Computer Browser ;c:\windows\system32\bthserv32.exe --> c:\windows\system32\bthserv32.exe [?]
S2 Browser3232;Computer Browser ;c:\windows\system32\trkwks32.exe --> c:\windows\system32\trkwks32.exe [?]
S2 Browser323232;Computer Browser ;c:\windows\system32\dnssd32.exe --> c:\windows\system32\dnssd32.exe [?]
S2 ClipSrv3232;ClipBook ;c:\windows\system32\shell32.exe --> c:\windows\system32\shell32.exe [?]
S2 clr_optimization_v2.0.50727_3232;.NET Runtime Optimization Service v2.0.50727_X86 ;c:\windows\system32\atipdlxx32.exe --> c:\windows\system32\atipdlxx32.exe [?]
S2 CryptSvc32;Cryptographic Services ;c:\windows\system32\fxdb32.exe --> c:\windows\system32\Fxdb32.exe [?]
S2 DbgSvc;Debug Diagnostic Service;c:\program files\debugdiag\DbgSvc.exe [2007-1-16 316256]
S2 DcomLaunch32;DCOM Server Process Launcher ;c:\windows\system32\fldrclnr32.exe --> c:\windows\system32\fldrclnr32.exe [?]
S2 DcomLaunch3232;DCOM Server Process Launcher ;c:\windows\system32\osuninst32.exe --> c:\windows\system32\osuninst32.exe [?]
S2 Dhcp32;DHCP Client ;c:\windows\system32\prflbmsg32.exe --> c:\windows\system32\prflbmsg32.exe [?]
S2 Dhcp3232;DHCP Client ;c:\windows\system32\wscsvc32.exe --> c:\windows\system32\wscsvc32.exe [?]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2009-11-19 4715880]
S2 DisplayLinkService32;DisplayLinkManager ;c:\windows\system32\msdtcuiu32.exe --> c:\windows\system32\msdtcuiu32.exe [?]
S2 DisplayLinkService3232;DisplayLinkManager ;c:\windows\system32\ddeml32.exe --> c:\windows\system32\ddeml32.exe [?]
S2 DisplayLinkService323232;DisplayLinkManager ;c:\windows\system32\dsuiext32.exe --> c:\windows\system32\dsuiext32.exe [?]
S2 DisplayLinkService32323232;DisplayLinkManager ;c:\windows\system32\ieframe32.exe --> c:\windows\system32\ieframe32.exe [?]
S2 dmserver32;Logical Disk Manager ;c:\windows\system32\mswmdm32.exe --> c:\windows\system32\mswmdm32.exe [?]
S2 dmserver3232;Logical Disk Manager ;c:\windows\system32\lffax11n32.exe --> c:\windows\system32\lffax11n32.exe [?]
S2 Dnscache32;DNS Client ;c:\windows\system32\msgsvc32.exe --> c:\windows\system32\msgsvc32.exe [?]
S2 Dnscache3232;DNS Client ;c:\windows\system32\ftsrch32.exe --> c:\windows\system32\ftsrch32.exe [?]
S2 Dnscache323232;DNS Client ;c:\windows\system32\gptext32.exe --> c:\windows\system32\gptext32.exe [?]
S2 Dnscache32323232;DNS Client ;c:\windows\system32\tapi332.exe --> c:\windows\system32\tapi332.exe [?]
S2 DSBrokerService32;DSBrokerService ;c:\windows\system32\raschap32.exe --> c:\windows\system32\raschap32.exe [?]
S2 EapHost32;Extensible Authentication Protocol Service ;c:\windows\system32\url32.exe --> c:\windows\system32\url32.exe [?]
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2008-6-29 38144]
S2 ehRecvr32;Media Center Receiver Service ;c:\windows\system32\msratelc32.exe --> c:\windows\system32\msratelc32.exe [?]
S2 ehSched32;Media Center Scheduler Service ;c:\windows\system32\ltimg11n32.exe --> c:\windows\system32\ltimg11n32.exe [?]
S2 ERSvc32;Error Reporting Service ;c:\windows\system32\icwdial32.exe --> c:\windows\system32\icwdial32.exe [?]
S2 ERSvc3232;Error Reporting Service ;c:\windows\system32\dhcpcsvc32.exe --> c:\windows\system32\dhcpcsvc32.exe [?]
S2 Eventlog32;Event Log ;c:\windows\system32\wmdrmnet32.exe --> c:\windows\system32\wmdrmnet32.exe [?]
S2 Eventlog3232;Event Log ;c:\windows\system32\normaliz32.exe --> c:\windows\system32\normaliz32.exe [?]
S2 EventSystem32;COM+ Event System ;c:\windows\system32\dot3api32.exe --> c:\windows\system32\dot3api32.exe [?]
S2 FastUserSwitchingCompatibility32;Fast User Switching Compatibility ;c:\windows\system32\mprui32.exe --> c:\windows\system32\mprui32.exe [?]
S2 FastUserSwitchingCompatibility3232;Fast User Switching Compatibility ;c:\windows\system32\wmdrmnet32.exe --> c:\windows\system32\wmdrmnet32.exe [?]
S2 FastUserSwitchingCompatibility323232;Fast User Switching Compatibility ;c:\windows\system32\hotplug32.exe --> c:\windows\system32\hotplug32.exe [?]
S2 Fax32;Fax ;c:\windows\system32\msencode32.exe --> c:\windows\system32\msencode32.exe [?]
S2 Fax3232;Fax ;c:\windows\system32\pngfilt32.exe --> c:\windows\system32\pngfilt32.exe [?]
S2 Fax323232;Fax ;c:\windows\system32\perfos32.exe --> c:\windows\system32\perfos32.exe [?]
S2 FileZilla Server32;FileZilla Server FTP server ;c:\windows\system32\qcliprov32.exe --> c:\windows\system32\qcliprov32.exe [?]
S2 GoogleDesktopManager-051210-11110832;Google Desktop Manager 5.9.1005.12335 ;c:\windows\system32\msltus4032.exe --> c:\windows\system32\msltus4032.exe [?]
S2 GoogleDesktopManager-051210-1111083232;Google Desktop Manager 5.9.1005.12335 ;c:\windows\system32\umpnpmgr32.exe --> c:\windows\system32\umpnpmgr32.exe [?]
S2 GoToAssist32;GoToAssist ;c:\windows\system32\kbdit14232.exe --> c:\windows\system32\kbdit14232.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]
S2 gupdate32;Google Update Service (gupdate) ;c:\windows\system32\msdmo32.exe --> c:\windows\system32\msdmo32.exe [?]
S2 gusvc32;Google Software Updater ;c:\windows\system32\mfc4232.exe --> c:\windows\system32\mfc4232.exe [?]
S2 helpsvc32;Help and Support ;c:\windows\system32\kbdpash32.exe --> c:\windows\system32\kbdpash32.exe [?]
S2 helpsvc3232;Help and Support ;c:\windows\system32\photometadatahandler32.exe --> c:\windows\system32\photometadatahandler32.exe [?]
S2 HidServ32;HID Input Service ;c:\windows\system32\msratelc32.exe --> c:\windows\system32\msratelc32.exe [?]
S2 hkmsvc32;Health Key and Certificate Management Service ;c:\windows\system32\offfilt32.exe --> c:\windows\system32\offfilt32.exe [?]
S2 hkmsvc3232;Health Key and Certificate Management Service ;c:\windows\system32\netevent32.exe --> c:\windows\system32\netevent32.exe [?]
S2 HTTPFilter32;HTTP SSL ;c:\windows\system32\rdpsnd32.exe --> c:\windows\system32\rdpsnd32.exe [?]
S2 idsvc32;Windows CardSpace ;c:\windows\system32\wpdshserviceobj32.exe --> c:\windows\system32\WPDShServiceObj32.exe [?]
S2 idsvc3232;Windows CardSpace ;c:\windows\system32\kbdcr32.exe --> c:\windows\system32\kbdcr32.exe [?]
S2 idsvc323232;Windows CardSpace ;c:\windows\system32\kbdinbe132.exe --> c:\windows\system32\kbdinbe132.exe [?]
S2 ImapiService32;IMAPI CD-Burning COM Service ;c:\windows\system32\kbdbr32.exe --> c:\windows\system32\kbdbr32.exe [?]
S2 lanmanserver32;Server ;c:\windows\system32\msasn132.exe --> c:\windows\system32\msasn132.exe [?]
S2 LmHosts32;TCP/IP NetBIOS Helper ;c:\windows\system32\wmdrmsdk32.exe --> c:\windows\system32\wmdrmsdk32.exe [?]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [2010-10-25 88176]
S2 McAfee SiteAdvisor Service32;McAfee SiteAdvisor Service ;c:\windows\system32\msdtclog32.exe --> c:\windows\system32\msdtclog32.exe [?]
S2 McAfee SiteAdvisor Service3232;McAfee SiteAdvisor Service ;c:\windows\system32\kbdinben32.exe --> c:\windows\system32\kbdinben32.exe [?]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 Messenger32;Messenger ;c:\windows\system32\eventlog32.exe --> c:\windows\system32\eventlog32.exe [?]
S2 MHN32;MHN ;c:\windows\system32\atrace32.exe --> c:\windows\system32\atrace32.exe [?]
S2 MSDTC32;Distributed Transaction Coordinator ;c:\windows\system32\dfrgres32.exe --> c:\windows\system32\dfrgres32.exe [?]
S2 MSIServer32;Windows Installer ;c:\windows\system32\wmvsencd32.exe --> c:\windows\system32\WMVSENCD32.exe [?]
S2 MSIServer3232;Windows Installer ;c:\windows\system32\mp4sdmod32.exe --> c:\windows\system32\MP4SDMOD32.exe [?]
S2 MSIServer323232;Windows Installer ;c:\windows\system32\kbdgr32.exe --> c:\windows\system32\kbdgr32.exe [?]
S2 MSIServer32323232;Windows Installer ;c:\windows\system32\p2p32.exe --> c:\windows\system32\p2p32.exe [?]
S2 napagent32;Network Access Protection Agent ;c:\windows\system32\faultrep32.exe --> c:\windows\system32\faultrep32.exe [?]
S2 napagent3232;Network Access Protection Agent ;c:\windows\system32\msident32.exe --> c:\windows\system32\msident32.exe [?]
S2 napagent323232;Network Access Protection Agent ;c:\windows\system32\synceng32.exe --> c:\windows\system32\synceng32.exe [?]
S2 napagent32323232;Network Access Protection Agent ;c:\windows\system32\oleprn32.exe --> c:\windows\system32\oleprn32.exe [?]
S2 NetDDE32;Network DDE ;c:\windows\system32\fm2032.exe --> c:\windows\system32\FM2032.exe [?]
S2 NetDDE3232;Network DDE ;c:\windows\system32\mobsync32.exe --> c:\windows\system32\mobsync32.exe [?]
S2 NetDDEdsdm32;Network DDE DSDM ;c:\windows\system32\credui32.exe --> c:\windows\system32\credui32.exe [?]
S2 NetDDEdsdm3232;Network DDE DSDM ;c:\windows\system32\wuauserv32.exe --> c:\windows\system32\wuauserv32.exe [?]
S2 Netlogon32;Net Logon ;c:\windows\system32\odbcint32.exe --> c:\windows\system32\odbcint32.exe [?]
S2 NetSvc32;Intel NCS NetService ;c:\windows\system32\fxsres32.exe --> c:\windows\system32\fxsres32.exe [?]
S2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\windows\system32\atiiiexx32.exe --> c:\windows\system32\atiiiexx32.exe [?]
S2 NetTcpPortSharing3232;Net.Tcp Port Sharing Service ;c:\windows\system32\msdtcuiu32.exe --> c:\windows\system32\msdtcuiu32.exe [?]
S2 Nla3232;Network Location Awareness (NLA) ;c:\windows\system32\dunzip3232.exe --> c:\windows\system32\dunzip3232.exe [?]
S2 NtLmSsp32;NT LM Security Support Provider ;c:\windows\system32\icfgnt532.exe --> c:\windows\system32\icfgnt532.exe [?]
S2 NtLmSsp3232;NT LM Security Support Provider ;c:\windows\system32\kbdlv32.exe --> c:\windows\system32\kbdlv32.exe [?]
S2 NtmsSvc32;Removable Storage ;c:\windows\system32\htui32.exe --> c:\windows\system32\htui32.exe [?]
S2 NWCWorkstation32;Client Service for NetWare ;c:\windows\system32\msexcl4032.exe --> c:\windows\system32\msexcl4032.exe [?]
S2 PlugPlay32;Plug and Play ;c:\windows\system32\ctl3d3232.exe --> c:\windows\system32\ctl3d3232.exe [?]
S2 PlugPlay3232;Plug and Play ;c:\windows\system32\imm3232.exe --> c:\windows\system32\imm3232.exe [?]
S2 PlugPlay323232;Plug and Play ;c:\windows\system32\msaatext32.exe --> c:\windows\system32\msaatext32.exe [?]
S2 PolicyAgent32;IPSEC Services ;c:\windows\system32\ir41_qc32.exe --> c:\windows\system32\ir41_qc32.exe [?]
S2 ProtectedStorage32;Protected Storage ;c:\windows\system32\jpeg3232.exe --> c:\windows\system32\Jpeg3232.exe [?]
S2 ProtectedStorage3232;Protected Storage ;c:\windows\system32\mmutilse32.exe --> c:\windows\system32\mmutilse32.exe [?]
S2 RasMan32;Remote Access Connection Manager ;c:\windows\system32\mshtmler32.exe --> c:\windows\system32\mshtmler32.exe [?]
S2 RDSessMgr32;Remote Desktop Help Session Manager ;c:\windows\system32\brnsplg32.exe --> c:\windows\system32\Brnsplg32.exe [?]
S2 RDSessMgr3232;Remote Desktop Help Session Manager ;c:\windows\system32\msvbvm5032.exe --> c:\windows\system32\msvbvm5032.exe [?]
S2 RemoteAccess32;Routing and Remote Access ;c:\windows\system32\dlcfcomc32.exe --> c:\windows\system32\dlcfcomc32.exe [?]
S2 RemoteAccess3232;Routing and Remote Access ;c:\windows\system32\adsmsext32.exe --> c:\windows\system32\adsmsext32.exe [?]
S2 RemoteAccess323232;Routing and Remote Access ;c:\windows\system32\iasrad32.exe --> c:\windows\system32\iasrad32.exe [?]
S2 RemoteRegistry3232;Remote Registry ;c:\windows\system32\windowscodecs32.exe --> c:\windows\system32\windowscodecs32.exe [?]
S2 RpcLocator3232;Remote Procedure Call (RPC) Locator ;c:\windows\system32\eappgnui32.exe --> c:\windows\system32\eappgnui32.exe [?]
S2 RSVP32;QoS RSVP ;c:\windows\system32\exts32.exe --> c:\windows\system32\exts32.exe [?]
S2 RSVP3232;QoS RSVP ;c:\windows\system32\itss32.exe --> c:\windows\system32\itss32.exe [?]
S2 RSVP323232;QoS RSVP ;c:\windows\system32\mtxdm32.exe --> c:\windows\system32\mtxdm32.exe [?]
S2 SamSs32;Security Accounts Manager ;c:\windows\system32\commdlg32.exe --> c:\windows\system32\commdlg32.exe [?]
S2 SamSs3232;Security Accounts Manager ;c:\windows\system32\wmidx32.exe --> c:\windows\system32\wmidx32.exe [?]
S2 Schedule32;Task Scheduler ;c:\windows\system32\ssdpsrv32.exe --> c:\windows\system32\ssdpsrv32.exe [?]
S2 Schedule3232;Task Scheduler ;c:\windows\system32\avifile32.exe --> c:\windows\system32\avifile32.exe [?]
S2 Schedule323232;Task Scheduler ;c:\windows\system32\hticons32.exe --> c:\windows\system32\hticons32.exe [?]
S2 Schedule32323232;Task Scheduler ;c:\windows\system32\msdelta32.exe --> c:\windows\system32\msdelta32.exe [?]
S2 seclogon32;Secondary Logon ;c:\windows\system32\pxdrv32.exe --> c:\windows\system32\pxdrv32.exe [?]
S2 seclogon3232;Secondary Logon ;c:\windows\system32\polstore32.exe --> c:\windows\system32\polstore32.exe [?]
S2 SharedAccess3232;Windows Firewall/Internet Connection Sharing (ICS) ;c:\windows\system32\serwvdrv32.exe --> c:\windows\system32\serwvdrv32.exe [?]
S2 SharedAccess323232;Windows Firewall/Internet Connection Sharing (ICS) ;c:\windows\system32\cfgbkend32.exe --> c:\windows\system32\cfgbkend32.exe [?]
S2 ShellHWDetection32;Shell Hardware Detection ;c:\windows\system32\jgsd40032.exe --> c:\windows\system32\jgsd40032.exe [?]
S2 ShellHWDetection3232;Shell Hardware Detection ;c:\windows\system32\dssec32.exe --> c:\windows\system32\dssec32.exe [?]
S2 Spooler32;Print Spooler ;c:\windows\system32\mspatcha32.exe --> c:\windows\system32\mspatcha32.exe [?]
S2 SSDPSRV3232;SSDP Discovery Service ;c:\windows\system32\dpnhupnp32.exe --> c:\windows\system32\dpnhupnp32.exe [?]
S2 SSDPSRV323232;SSDP Discovery Service ;c:\windows\system32\netui132.exe --> c:\windows\system32\netui132.exe [?]
S2 SwPrv32;MS Software Shadow Copy Provider ;c:\windows\system32\legitcheckcontrol32.exe --> c:\windows\system32\LegitCheckControl32.exe [?]
S2 SysmonLog32;Performance Logs and Alerts ;c:\windows\system32\icwphbk32.exe --> c:\windows\system32\icwphbk32.exe [?]
S2 SysmonLog3232;Performance Logs and Alerts ;c:\windows\system32\hotplug32.exe --> c:\windows\system32\hotplug32.exe [?]
S2 SysmonLog323232;Performance Logs and Alerts ;c:\windows\system32\icardres32.exe --> c:\windows\system32\icardres32.exe [?]
S2 TapiSrv32;Telephony ;c:\windows\system32\scredir32.exe --> c:\windows\system32\scredir32.exe [?]
S2 TermService32;Terminal Services ;c:\windows\system32\wmpasf32.exe --> c:\windows\system32\wmpasf32.exe [?]
S2 TermService3232;Terminal Services ;c:\windows\system32\aclui32.exe --> c:\windows\system32\aclui32.exe [?]
S2 Themes32;Themes ;c:\windows\system32\fxswzrd32.exe --> c:\windows\system32\fxswzrd32.exe [?]
S2 Themes3232;Themes ;c:\windows\system32\ntsdexts32.exe --> c:\windows\system32\ntsdexts32.exe [?]
S2 Toolbar Updater Service;Toolbar Updater Service;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-3-24 199904]
S2 TrkWks32;Distributed Link Tracking Client ;c:\windows\system32\msidle32.exe --> c:\windows\system32\msidle32.exe [?]
S2 TrkWks3232;Distributed Link Tracking Client ;c:\windows\system32\glmf3232.exe --> c:\windows\system32\glmf3232.exe [?]
S2 UPS32;Uninterruptible Power Supply ;c:\windows\system32\iedkcs3232.exe --> c:\windows\system32\iedkcs3232.exe [?]
S2 UPS3232;Uninterruptible Power Supply ;c:\windows\system32\uxtheme32.exe --> c:\windows\system32\uxtheme32.exe [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-2-17 24652]
S2 Viewpoint Manager Service32;Viewpoint Manager Service ;c:\windows\system32\sbeio32.exe --> c:\windows\system32\sbeio32.exe [?]
S2 Viewpoint Manager Service3232;Viewpoint Manager Service ;c:\windows\system32\msfeedsbs32.exe --> c:\windows\system32\msfeedsbs32.exe [?]
S2 Viewpoint Manager Service323232;Viewpoint Manager Service ;c:\windows\system32\mmcfxcommon32.exe --> c:\windows\system32\mmcfxcommon32.exe [?]
S2 VSS32;Volume Shadow Copy ;c:\windows\system32\objsel32.exe --> c:\windows\system32\objsel32.exe [?]
S2 VSS3232;Volume Shadow Copy ;c:\windows\system32\kbdlv32.exe --> c:\windows\system32\kbdlv32.exe [?]
S2 w32time32;Windows Time ;c:\windows\system32\strmfilt32.exe --> c:\windows\system32\strmfilt32.exe [?]
S2 w32time3232;Windows Time ;c:\windows\system32\mp4sdecd32.exe --> c:\windows\system32\mp4sdecd32.exe [?]
S2 WANMiniportService32;WAN Miniport (ATW) Service ;c:\windows\system32\dunzip3232.exe --> c:\windows\system32\dunzip3232.exe [?]
S2 WANMiniportService3232;WAN Miniport (ATW) Service ;c:\windows\system32\dpcdll32.exe --> c:\windows\system32\dpcdll32.exe [?]
S2 WANMiniportService323232;WAN Miniport (ATW) Service ;c:\windows\system32\prflbmsg32.exe --> c:\windows\system32\prflbmsg32.exe [?]
S2 WebClient32;WebClient ;c:\windows\system32\msvideo32.exe --> c:\windows\system32\msvideo32.exe [?]
S2 winmgmt32;Windows Management Instrumentation ;c:\windows\system32\localspl32.exe --> c:\windows\system32\localspl32.exe [?]
S2 winmgmt3232;Windows Management Instrumentation ;c:\windows\system32\dimap32.exe --> c:\windows\system32\dimap32.exe [?]
S2 WmdmPmSN32;Portable Media Serial Number Service ;c:\windows\system32\msafd32.exe --> c:\windows\system32\msafd32.exe [?]
S2 WmdmPmSN3232;Portable Media Serial Number Service ;c:\windows\system32\mdhcp32.exe --> c:\windows\system32\mdhcp32.exe [?]
S2 WmdmPmSN323232;Portable Media Serial Number Service ;c:\windows\system32\safrslv32.exe --> c:\windows\system32\safrslv32.exe [?]
S2 Wmi3232;Windows Management Instrumentation Driver Extensions ;c:\windows\system32\wmvdmod32.exe --> c:\windows\system32\wmvdmod32.exe [?]
S2 wscsvc32;Security Center ;c:\windows\system32\pxsfs32.exe --> c:\windows\system32\PxSFS32.exe [?]
S2 wuauserv32;Automatic Updates ;c:\windows\system32\msdart32.exe --> c:\windows\system32\msdart32.exe [?]
S2 WudfSvc32;Windows Driver Foundation - User-mode Driver Framework ;c:\windows\system32\olecli3232.exe --> c:\windows\system32\olecli3232.exe [?]
S2 xmlprov32;Network Provisioning Service ;c:\windows\system32\wlnotify32.exe --> c:\windows\system32\wlnotify32.exe [?]
S2 xmlprov3232;Network Provisioning Service ;c:\windows\system32\adsnt32.exe --> c:\windows\system32\adsnt32.exe [?]
S3 DisplayLinkFilter;DisplayLinkFilter;c:\windows\system32\drivers\DisplayLinkFilter.sys [2009-11-19 7040]
S3 DisplayLinkmirror;DisplayLinkmirror;c:\windows\system32\drivers\DisplayLinkmirrorport.sys [2009-11-19 24320]
S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort_5.2.22271.0.sys [2011-3-5 21888]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.SYS [2006-8-29 17149]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-8-21 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\mosumac.sys --> c:\windows\system32\drivers\MOSUMAC.SYS [?]
S3 NETGEAR NETGEAR_MA101_USB_Adapter®;NETGEAR NETGEAR_MA101_USB_Adapter® Service for NETGEAR MA101 USB Adapter;c:\windows\system32\drivers\ma1012kr.sys [2007-12-2 93312]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\drivers\w300obex.sys [2007-2-16 85696]
.
=============== Created Last 30 ================
.
2011-05-14 01:15:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-14 01:15:37 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-05-08 23:37:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-05-08 23:37:48 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-05-08 23:37:48 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-05-08 23:37:48 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-05-08 23:37:48 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-05-08 23:37:48 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-08 23:37:48 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-05-08 23:37:48 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-05-08 23:23:55 -------- d-----w- c:\program files\DebugDiag
2011-05-03 23:50:33 0 ---ha-w- c:\documents and settings\mom and dad\sbomqvyptb.tmp
2011-05-03 00:57:27 155648 ----a-w- c:\windows\system32\lftif11n32.dll
.
==================== Find3M ====================
.
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-03-20 04:32:03 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-05 21:51:14 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-03-05 21:51:09 88 --sh--r- c:\windows\system32\06E05D1336.sys
2011-03-05 21:49:06 2072576 ----a-w- c:\windows\system32\DisplayLinkUsbCo2_5.2.22271.0.dll
2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 19:00:29 832512 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 19:00:28 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 19:00:28 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-02-17 19:00:27 17408 ------w- c:\windows\system32\corpol.dll
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 11:44:16 389120 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3808110AS rev.3.ADH -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8733B4F0]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x873417d0]; MOV EAX, [0x8734184c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x873C6AB8]
3 CLASSPNP[0xF7625FD7] -> nt!IofCallDriver[0x804E13B9] -> [0x872E7810]
\Driver\atapi[0x873C7D10] -> IRP_MJ_CREATE -> 0x8733B4F0
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8733B33B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 9:56:17.90 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 17 May 2011 - 07:16 PM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

NEXT:


Please provide an update on how things are running in your next reply.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 19 May 2011 - 08:09 PM

I had to run in safe mode with network because in normal it locks up while loading personal settings. I tried running the rootkit Un Hooker and I got an error loading driver message.
I also tried to send you the OTL reports, but while replying on the corrupted computer I got a message saying the connection was reset while the page was loading. Let me know if the OTL reports
will be helpful with out the rootkkit run first. Thanks for your help ST.......thatcher

#4 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 20 May 2011 - 09:18 AM

Hi thatcher!

Rootkit UnHooker (RkU) will not work in Safe Mode.

Can you try submitting the OTL files to my submission channel?

Uploading File
Please visit this site & follow the instructions for uploading the file mentioned below.
Copy/paste the contents of the Code Box below into the Link to topic where this file was requested: box:
http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207
Click Browse & navigate to where the OTL.txt file is saved.

Cheers,
ST.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#5 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 04:29 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207


ST finally got it to boot and here are your reports Thanks......Thatcher


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xBF0B2000 C:\WINDOWS\System32\ati3duag.dll 2367488 bytes (ATI Technologies Inc. , ati3duag.dll)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF5E41000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 1331200 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xF39BB000 C:\WINDOWS\system32\drivers\sthda.sys 1069056 bytes (SigmaTel, Inc., NDRC)
0xF5C8B000 C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 1044480 bytes (Conexant Systems, Inc., HSF_DP driver)
0xF5BE4000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 684032 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xBF2F4000 C:\WINDOWS\System32\ativvaxx.dll 643072 bytes (ATI Technologies Inc. , Radeon Video Acceleration Universal Driver)
0xF72F6000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xB992F000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 458752 bytes (AVAST Software, avast! Virtualization Driver)
0xB9A24000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF5B08000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xB9B67000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB06B9000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xB999F000 C:\WINDOWS\System32\Drivers\aswSP.SYS 303104 bytes (AVAST Software, avast! self protection module)
0xBF391000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB08C9000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xB99E9000 C:\WINDOWS\system32\DRIVERS\RTL8187B.sys 241664 bytes (Realtek Semiconductor Corporation , Realtek RTL8187B NDIS Driver)
0xB9AE1000 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 229376 bytes (Microsoft Corporation, IPv6 driver)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 225280 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xBF07D000 C:\WINDOWS\System32\atikvmag.dll 217088 bytes (ATI Technologies Inc., Virtual Command And Memory Manager)
0xBF049000 C:\WINDOWS\System32\ati2cqag.dll 212992 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xF5DAD000 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys 212992 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
0xF5B66000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7463000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB0FCD000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF72C9000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xAFD2E000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xB9A94000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF5E05000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xB9B19000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF740D000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xF5BBE000 C:\WINDOWS\system32\DRIVERS\e100b325.sys 155648 bytes (Intel Corporation, Intel® PRO/100 Adapter NDIS 5.1 driver)
0xB9B41000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF3997000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF5DE1000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF5D8A000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xB9ABF000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF73D5000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF7433000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF72AF000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF73F5000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB11CD000 C:\WINDOWS\System32\DLA\DLAUDFAM.SYS 98304 bytes (Sonic Solutions, Drive Letter Access Component)
0xB31FB000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xB113A000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF7396000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF5BA7000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB11E5000 C:\WINDOWS\System32\DLA\DLAIFS_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xB11B7000 C:\WINDOWS\System32\DLA\DLAUDF_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xF73AD000 DRVMCDB.SYS 90112 bytes (Sonic Solutions, Device Driver)
0xB11A1000 C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 90112 bytes (Microsoft Corporation, NWLINK2 IPX Protocol Driver)
0xB0F90000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF5E2D000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xB9D2B000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF7383000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF73C3000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7452000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF5B96000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF604D000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7802000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF5FFD000 C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 65536 bytes (Microsoft Corporation, NWLINK2 IPX Netbios Protocol Driver)
0xF7692000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7602000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xB3FF3000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF76A2000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xEEDEC000 C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 57344 bytes (Microsoft Corporation, NWLINK2 SPX Protocol Driver)
0xF75D2000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7612000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF75B2000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF7632000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xEB90F000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF77F2000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF75A2000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7622000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xECB81000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xB4AFF000 C:\WINDOWS\System32\Drivers\DRVNDDM.SYS 40960 bytes (Sonic Solutions, Device Driver Manager)
0xF603D000 C:\WINDOWS\system32\DRIVERS\EAPPkt.sys 40960 bytes (Windows ® 2000 DDK provider, NDIS User mode I/O Driver)
0xF7592000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7662000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF7652000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF75C2000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xEB8FF000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF77E2000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xECB61000 C:\WINDOWS\system32\drivers\ip6fw.sys 36864 bytes (Microsoft Corporation, IPv6 Windows Firewall Driver)
0xF7642000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xECB51000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xAF8F6000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF75E2000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xECB71000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF799A000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xED006000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7992000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xEBE74000 C:\WINDOWS\System32\DLA\DLABOIOM.SYS 28672 bytes (Sonic Solutions, Drive Letter Access Component)
0xF782A000 C:\WINDOWS\system32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xEE5F9000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7812000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xECFCE000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF7852000 C:\WINDOWS\system32\DRIVERS\DisplayLinkmirrorport.sys 24576 bytes (DisplayLink Corp., DisplayLink Mirror Driver)
0xF2FE8000 C:\WINDOWS\System32\Drivers\DLARTL_N.SYS 24576 bytes (Sonic Solutions, Shared Driver Component)
0xF784A000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF7882000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF789A000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF798A000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xEE1A2000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF787A000 C:\WINDOWS\system32\DRIVERS\wanatw4.sys 24576 bytes (America Online, Inc., Wan Miniport (ATW))
0xB3259000 C:\Program Files\GameTap\bin\Release\X4HSX32.Sys 24576 bytes (Exent Technologies Ltd., X4HSX32 Kernel Mode Driver)
0xF78A2000 C:\WINDOWS\system32\DRIVERS\AegisP.sys 20480 bytes (Meetinghouse Data Communications, IEEE 802.1X Protocol Driver)
0xECFDE000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF78E2000 C:\WINDOWS\system32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xED00E000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF781A000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF786A000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7872000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF7862000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF7942000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xB32E6000 C:\WINDOWS\System32\DLA\DLAOPIOM.SYS 16384 bytes (Sonic Solutions, Drive Letter Access Component)
0xAFF15000 C:\WINDOWS\system32\DNINDIS5.SYS 16384 bytes (Printing Communications Assoc., Inc. (PCAUSA), PCAUSA NDIS 5.0 Protocol Driver)
0xEDD90000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7A66000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
0xF7A5A000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xB43C5000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xB43C1000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF79A6000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF5AF8000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xEED1D000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF7A6A000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0x87300000 C:\WINDOWS\system32\KDCOM.DLL 12288 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xB0AEA000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER)
0xEDD7C000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7A3E000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF13A0000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7A32000 C:\WINDOWS\system32\DRIVERS\tunmp.sys 12288 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0xB5E11000 C:\WINDOWS\System32\Drivers\ASCTRM.SYS 8192 bytes (Windows ® 2000 DDK provider, TR Manager)
0xF7B2E000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7ADC000 C:\WINDOWS\system32\DRIVERS\DisplayLinkFilter.sys 8192 bytes (DisplayLink Corp., DisplayLink Filter Driver)
0xF7ADE000 C:\WINDOWS\System32\Drivers\DLACDBHM.SYS 8192 bytes (Sonic Solutions, Shared Driver Component)
0xF7B42000 C:\WINDOWS\System32\DLA\DLAPoolM.SYS 8192 bytes (Sonic Solutions, Drive Letter Access Component)
0xF7A94000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7B4E000 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys 8192 bytes (Gteko Ltd., Process Trigger Driver)
0xF665F000 C:\WINDOWS\system32\DRIVERS\dsunidrv.sys 8192 bytes (Gteko Ltd., GUniDriver)
0xF7B48000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7B24000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7AA2000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7AAE000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7AE0000 C:\WINDOWS\system32\DRIVERS\serscan.sys 8192 bytes (Microsoft Corporation, Serial Imaging Device Driver)
0xF7AE2000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7AE6000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7A92000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7CE0000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF60A2000 C:\WINDOWS\System32\DLA\DLADResN.SYS 4096 bytes (Sonic Solutions, Drive Letter Access Component)
0xB53B6000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7CDC000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7B5A000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
!!!!!!!!!!!Hidden driver: 0x8733C33B ?_empty_? 3269 bytes
==============================================
>Stealth
==============================================
0xF73F5000 WARNING: suspicious driver modification [atapi.sys::0x8733C33B]
0x04220000 Hidden Image-->SupportSoft.Agent.Sprocket.dll [ EPROCESS 0x85F54BC0 ] PID: 3196, 28672 bytes
0x04030000 Hidden Image-->SupportSoft.Agent.Sprocket.SupportMessage.dll [ EPROCESS 0x85F54BC0 ] PID: 3196, 45056 bytes
0x012C0000 Hidden Image-->sprtmessage.dll [ EPROCESS 0x85F54BC0 ] PID: 3196, 77824 bytes

#6 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 04:37 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207

OTL Extras


OTL Extras logfile created on: 4/6/2006 12:25:04 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mom and Dad\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 419.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 11.21 Gb Free Space | 16.06% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Mom and Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\WINDOWS\system32\secur3232.exe" = C:\WINDOWS\system32\secur3232.exe:*:Enabled:Windows Update Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dlcfcoms.exe" = C:\WINDOWS\system32\dlcfcoms.exe:*:Enabled:Color Printer 725 Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcfpswx.exe:*:Enabled:Color Printer 725 Printer Status -- ()
"C:\Program Files\Yahoo! Games\Lemonade Tycoon 2\Lemonade2.exe" = C:\Program Files\Yahoo! Games\Lemonade Tycoon 2\Lemonade2.exe:*:Enabled:Lemonade2
"C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\0HYZC9Q7\wowclient-downloader[1].exe" = C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\0HYZC9Q7\wowclient-downloader[1].exe:*:Enabled:Blizzard Downloader
"C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe" = C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Home Networking Application
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Mom and Dad\Desktop\XSitePro2\XSitePro2.exe" = C:\Documents and Settings\Mom and Dad\Desktop\XSitePro2\XSitePro2.exe:*:Enabled:XSitePro2 -- (Intellimon Ltd.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Mom and Dad\My Documents\Downloads\FLV_Player_Setup.exe" = C:\Documents and Settings\Mom and Dad\My Documents\Downloads\FLV_Player_Setup.exe:*:Enabled:Flash FLV Player
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player -- (StreamTorrent)
"C:\Program Files\AIM7\aim.exe" = C:\Program Files\AIM7\aim.exe:*:Disabled:AIM -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Disabled:AIM
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL -- (AOL LLC)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Disabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1176529941\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1176529941\ee\aolsoftware.exe:*:Disabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire -- (Lime Wire, LLC)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer -- (LimeWire)
"C:\WINDOWS\system32\secur3232.exe" = C:\WINDOWS\system32\secur3232.exe:*:Enabled:Windows Update Service


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{162D2FB8-60A3-4871-B6A1-5C744CD34FF5}" = 725plc32
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3B78B379-C0E7-4FBF-9FD9-04FB6E05E60F}" = Debug Diagnostics Tool 1.1 (x86)
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4CFCCE34-34E6-418A-ACA1-B05F24D727AE}" = DisplayLink Graphics
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5DF7DE47-B115-442D-BA4E-ACEB999CA327}" = DisplayLink Core Software
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{67E158AF-8856-4337-B483-EA21930786AF}" = GameTap
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}" = Slingo
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{889457D5-7B32-4939-A775-D6FF973B40E9}" = Airlink101 USB Wireless Configuration Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B1E1FB29-E2FD-47D2-A06D-B6DCF7BF627E}" = MLBDugoutHeroes
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46834CC-141E-11D5-A76F-0030AB007078}" = MA101 USB Adapter Configuration Utility
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3" = Polar Bowler
"6285CE09-455B-494A-9E70-C9AEFD31C7CC" = Slyder
"651956B7-1969-42AA-9453-E0B813019D54" = Polar Golfer
"7-Zip" = 7-Zip 9.20
"989E4C3B-B2C9-4486-9A09-D5A8F953837C" = Bejeweled 2 Deluxe
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM Toolbar" = AIM Toolbar
"AIM YGP Picture Finder" = AIM "You've Got Pictures" Picture Finder Plugin v9.5.1.8
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"BitTorrent" = BitTorrent
"blink-182 - mark" = blink-182.org mark
"CCleaner" = CCleaner
"Clip Extractor_is1" = Clip Extractor 2.2.0.9
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"conduitEngine" = Conduit Engine
"Dell Color Printer 725" = Dell Color Printer 725
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"Dream Day Wedding" = Dream Day Wedding (remove only)
"E0814F95-5380-4892-B8C8-7FA4B349EF46" = Chuzzle Deluxe
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ESPNMotion" = ESPNMotion
"F346023B-4BB1-4541-B9D6-A4DEA1B61035" = Lemonade Tycoon 2
"FileZilla Server" = FileZilla Server (remove only)
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Interwise Participant" = Interwise Participant
"KG98_2.3" = JumpStart Kindergarten 98 v2.3
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PartyPoker" = PartyPoker
"PartyPokerNet" = PartyPokerNet
"PersonalWeb" = PersonalWeb
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Prism" = Prism Video Converter
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"Smilebox" = Smilebox
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 3.2.4
"StartNow Toolbar" = StartNow Toolbar 2.0
"StreamTorrent 1.0" = StreamTorrent 1.0
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Switch" = Switch Sound File Converter
"TV Player Pro" = TV Player Pro v0.7
"TVAnts 1.0" = TVAnts 1.0
"USB-Ethernet Adapter Device" = USB-Ethernet Adapter Device
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC Player" = VLC Player
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"WT014560" = Balloon Blast
"WT014655" = Penguins!
"WT014665" = Polar Golfer Pineapple Cup
"WT014696" = Sportball Challenge
"WT014757" = Run 'N Gun Football
"WT014813" = NCAA Championship Run 2006
"WT016031" = Super Granny
"WT018055" = Diner Dash - Flo on the Go
"WT018137" = Believe in Santa
"WT019187" = Golf Adventure Galaxy
"WT019197" = Granny in Paradise
"WT020478" = Super Granny 3
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XSitePro2" = XSitePro2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.2
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/4/2011 6:39:22 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/4/2011 6:39:22 PM | Computer Name = FAMILYROOM | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\events\lcedisp.cpp(131),
hr = 80040206: Failed to CoCreate EventSystem objec

Error - 5/4/2011 6:39:52 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 6:44:26 PM | Computer Name = FAMILYROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 5/6/2011 6:44:27 PM | Computer Name = FAMILYROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/6/2011 7:15:05 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 7:34:41 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 8:06:48 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 8:06:48 PM | Computer Name = FAMILYROOM | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\events\lcedisp.cpp(131),
hr = 80040206: Failed to CoCreate EventSystem objec

Error - 5/6/2011 8:07:18 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 5/14/2011 8:01:20 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:01:21 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:01:22 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:52:27 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service dlcf_device
with arguments "" in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E441060}

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the dlcf_device service to
connect.

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7000
Description = The dlcf_device service failed to start due to the following error:
%%1053

Error - 5/15/2011 1:31:40 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/15/2011 1:32:46 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 5/15/2011 10:44:20 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

#7 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 21 May 2011 - 04:44 PM

Hi thatcher!

Did you open these ports below?

"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020



NEXT:


Do you have the OTL.txt log?



NEXT:



Running TDSSKiller

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    Posted Image

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    Posted Image

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#8 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 04:48 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207

OTL part 1
OTL Part 1



OTL logfile created on: 4/6/2006 12:25:04 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mom and Dad\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 419.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 11.21 Gb Free Space | 16.06% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Mom and Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 05:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/04/14 09:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/24 02:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/01/15 05:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/19 18:46:55 | 000,722,280 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
PRC - [2009/11/19 18:46:53 | 000,804,200 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
PRC - [2009/11/19 18:46:52 | 004,715,880 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
PRC - [2009/10/05 12:10:02 | 003,634,024 | ---- | M] (AOL LLC) -- C:\Program Files\AIM7\aim.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/28 21:03:16 | 000,811,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Airlink101\AWLL3028\RtWLan.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/16 10:10:06 | 000,479,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DebugDiag\DbgHost.exe
PRC - [2007/01/16 10:10:04 | 000,316,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DebugDiag\DbgSvc.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/09/25 17:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1176529941\ee\aolsoftware.exe
PRC - [2006/04/06 00:24:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\My Documents\Downloads\OTL(1).exe
PRC - [2006/02/10 09:17:04 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/11/17 13:14:48 | 000,811,008 | ---- | M] (Interwise Ltd) -- C:\Interwise\Student\pull.exe
PRC - [2005/10/05 01:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/09/08 17:20:46 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2005/09/08 03:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2004/11/11 22:00:04 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2003/08/27 08:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/07/28 15:38:12 | 000,163,916 | ---- | M] (ATMEL) -- C:\Program Files\NETGEAR\MA101 USB Adapter Configuration Utility\WlanMonitor.exe


========== Modules (SafeList) ==========

MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2011/03/28 11:48:30 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 17:12:05 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\security.dll
MOD - [2006/04/06 00:24:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\My Documents\Downloads\OTL(1).exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (xmlprov3232)
SRV - File not found [Auto | Stopped] -- -- (xmlprov32)
SRV - File not found [Auto | Stopped] -- -- (WudfSvc32)
SRV - File not found [Auto | Stopped] -- -- (wuauserv32)
SRV - File not found [Auto | Stopped] -- -- (wscsvc32)
SRV - File not found [Auto | Stopped] -- -- (Wmi3232)
SRV - File not found [Auto | Stopped] -- -- (WmdmPmSN323232)
SRV - File not found [Auto | Stopped] -- -- (WmdmPmSN3232)
SRV - File not found [Auto | Stopped] -- -- (WmdmPmSN32)
SRV - File not found [Auto | Stopped] -- -- (winmgmt3232)
SRV - File not found [Auto | Stopped] -- -- (winmgmt32)
SRV - File not found [Auto | Stopped] -- -- (WebClient32)
SRV - File not found [Auto | Stopped] -- -- (WANMiniportService323232) WAN Miniport (ATW)
SRV - File not found [Auto | Stopped] -- -- (WANMiniportService3232) WAN Miniport (ATW)
SRV - File not found [Auto | Stopped] -- -- (WANMiniportService32) WAN Miniport (ATW)
SRV - File not found [Auto | Stopped] -- -- (w32time3232)
SRV - File not found [Auto | Stopped] -- -- (w32time32)
SRV - File not found [Auto | Stopped] -- -- (VSS3232)
SRV - File not found [Auto | Stopped] -- -- (VSS32)
SRV - File not found [Auto | Stopped] -- -- (Viewpoint Manager Service323232)
SRV - File not found [Auto | Stopped] -- -- (Viewpoint Manager Service3232)
SRV - File not found [Auto | Stopped] -- -- (Viewpoint Manager Service32)
SRV - File not found [Auto | Stopped] -- -- (UPS3232)
SRV - File not found [Auto | Stopped] -- -- (UPS32)
SRV - File not found [Auto | Stopped] -- -- (TrkWks3232)
SRV - File not found [Auto | Stopped] -- -- (TrkWks32)
SRV - File not found [Auto | Stopped] -- -- (Themes3232)
SRV - File not found [Auto | Stopped] -- -- (Themes32)
SRV - File not found [Auto | Stopped] -- -- (TermService3232)
SRV - File not found [Auto | Stopped] -- -- (TermService32)
SRV - File not found [Auto | Stopped] -- -- (TapiSrv32)
SRV - File not found [Auto | Stopped] -- -- (SysmonLog323232)
SRV - File not found [Auto | Stopped] -- -- (SysmonLog3232)
SRV - File not found [Auto | Stopped] -- -- (SysmonLog32)
SRV - File not found [Auto | Stopped] -- -- (SwPrv32)
SRV - File not found [Auto | Stopped] -- -- (SSDPSRV323232)
SRV - File not found [Auto | Stopped] -- -- (SSDPSRV3232)
SRV - File not found [Auto | Stopped] -- -- (Spooler32)
SRV - File not found [Auto | Stopped] -- -- (ShellHWDetection3232)
SRV - File not found [Auto | Stopped] -- -- (ShellHWDetection32)
SRV - File not found [Auto | Stopped] -- -- (SharedAccess323232) Windows Firewall/Internet Connection Sharing (ICS)
SRV - File not found [Auto | Stopped] -- -- (SharedAccess3232) Windows Firewall/Internet Connection Sharing (ICS)
SRV - File not found [Auto | Stopped] -- -- (seclogon3232)
SRV - File not found [Auto | Stopped] -- -- (seclogon32)
SRV - File not found [Auto | Stopped] -- -- (Schedule32323232)
SRV - File not found [Auto | Stopped] -- -- (Schedule323232)
SRV - File not found [Auto | Stopped] -- -- (Schedule3232)
SRV - File not found [Auto | Stopped] -- -- (Schedule32)
SRV - File not found [Auto | Stopped] -- -- (SamSs3232)
SRV - File not found [Auto | Stopped] -- -- (SamSs32)
SRV - File not found [Auto | Stopped] -- -- (RSVP323232)
SRV - File not found [Auto | Stopped] -- -- (RSVP3232)
SRV - File not found [Auto | Stopped] -- -- (RSVP32)
SRV - File not found [Auto | Stopped] -- -- (RpcLocator3232) Remote Procedure Call (RPC)
SRV - File not found [Auto | Stopped] -- -- (RemoteRegistry3232)
SRV - File not found [Auto | Stopped] -- -- (RemoteAccess323232)
SRV - File not found [Auto | Stopped] -- -- (RemoteAccess3232)
SRV - File not found [Auto | Stopped] -- -- (RemoteAccess32)
SRV - File not found [Auto | Stopped] -- -- (RDSessMgr3232)
SRV - File not found [Auto | Stopped] -- -- (RDSessMgr32)
SRV - File not found [Auto | Stopped] -- -- (RasMan32)
SRV - File not found [Auto | Stopped] -- -- (ProtectedStorage3232)
SRV - File not found [Auto | Stopped] -- -- (ProtectedStorage32)
SRV - File not found [Auto | Stopped] -- -- (PolicyAgent32)
SRV - File not found [Auto | Stopped] -- -- (PlugPlay323232)
SRV - File not found [Auto | Stopped] -- -- (PlugPlay3232)
SRV - File not found [Auto | Stopped] -- -- (PlugPlay32)
SRV - File not found [Auto | Stopped] -- -- (NWCWorkstation32)
SRV - File not found [Auto | Stopped] -- -- (NtmsSvc32)
SRV - File not found [Auto | Stopped] -- -- (NtLmSsp3232)
SRV - File not found [Auto | Stopped] -- -- (NtLmSsp32)
SRV - File not found [Auto | Stopped] -- -- (Nla3232) Network Location Awareness (NLA)
SRV - File not found [Auto | Stopped] -- -- (NetTcpPortSharing3232)
SRV - File not found [Auto | Stopped] -- -- (NetTcpPortSharing32)
SRV - File not found [Auto | Stopped] -- -- (NetSvc32)
SRV - File not found [Auto | Stopped] -- -- (Netlogon32)
SRV - File not found [Auto | Stopped] -- -- (NetDDEdsdm3232)
SRV - File not found [Auto | Stopped] -- -- (NetDDEdsdm32)
SRV - File not found [Auto | Stopped] -- -- (NetDDE3232)
SRV - File not found [Auto | Stopped] -- -- (NetDDE32)
SRV - File not found [Auto | Stopped] -- -- (napagent32323232)
SRV - File not found [Auto | Stopped] -- -- (napagent323232)
SRV - File not found [Auto | Stopped] -- -- (napagent3232)
SRV - File not found [Auto | Stopped] -- -- (napagent32)
SRV - File not found [Auto | Stopped] -- -- (MSIServer32323232)
SRV - File not found [Auto | Stopped] -- -- (MSIServer323232)
SRV - File not found [Auto | Stopped] -- -- (MSIServer3232)
SRV - File not found [Auto | Stopped] -- -- (MSIServer32)
SRV - File not found [Auto | Stopped] -- -- (MSDTC32)
SRV - File not found [Auto | Stopped] -- -- (MHN32)
SRV - File not found [Auto | Stopped] -- -- (Messenger32)
SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service3232)
SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service32)
SRV - File not found [Auto | Stopped] -- -- (LmHosts32)
SRV - File not found [Auto | Stopped] -- -- (lanmanserver32)
SRV - File not found [Auto | Stopped] -- -- (ImapiService32)
SRV - File not found [Auto | Stopped] -- -- (idsvc323232)
SRV - File not found [Auto | Stopped] -- -- (idsvc3232)
SRV - File not found [Auto | Stopped] -- -- (idsvc32)
SRV - File not found [Auto | Stopped] -- -- (HTTPFilter32)
SRV - File not found [Auto | Stopped] -- -- (hkmsvc3232)
SRV - File not found [Auto | Stopped] -- -- (hkmsvc32)
SRV - File not found [Auto | Stopped] -- -- (HidServ32)
SRV - File not found [Auto | Stopped] -- -- (helpsvc3232)
SRV - File not found [Auto | Stopped] -- -- (helpsvc32)
SRV - File not found [Auto | Stopped] -- -- (gusvc32)
SRV - File not found [Auto | Stopped] -- -- (gupdate32) Google Update Service (gupdate)
SRV - File not found [Auto | Stopped] -- -- (GoToAssist32)
SRV - File not found [Auto | Stopped] -- -- (GoogleDesktopManager-051210-1111083232)
SRV - File not found [Auto | Stopped] -- -- (GoogleDesktopManager-051210-11110832)
SRV - File not found [Auto | Stopped] -- -- (FileZilla Server32)
SRV - File not found [Auto | Stopped] -- -- (Fax323232)
SRV - File not found [Auto | Stopped] -- -- (Fax3232)
SRV - File not found [Auto | Stopped] -- -- (Fax32)
SRV - File not found [Auto | Stopped] -- -- (FastUserSwitchingCompatibility323232)
SRV - File not found [Auto | Stopped] -- -- (FastUserSwitchingCompatibility3232)
SRV - File not found [Auto | Stopped] -- -- (FastUserSwitchingCompatibility32)
SRV - File not found [Auto | Stopped] -- -- (EventSystem32)
SRV - File not found [Auto | Stopped] -- -- (Eventlog3232)
SRV - File not found [Auto | Stopped] -- -- (Eventlog32)
SRV - File not found [Auto | Stopped] -- -- (ERSvc3232)
SRV - File not found [Auto | Stopped] -- -- (ERSvc32)
SRV - File not found [Auto | Stopped] -- -- (ehSched32)
SRV - File not found [Auto | Stopped] -- -- (ehRecvr32)
SRV - File not found [Auto | Stopped] -- -- (EapHost32)
SRV - File not found [Auto | Stopped] -- -- (DSBrokerService32)
SRV - File not found [Auto | Stopped] -- -- (Dnscache32323232)
SRV - File not found [Auto | Stopped] -- -- (Dnscache323232)
SRV - File not found [Auto | Stopped] -- -- (Dnscache3232)
SRV - File not found [Auto | Stopped] -- -- (Dnscache32)
SRV - File not found [Auto | Stopped] -- -- (dmserver3232)
SRV - File not found [Auto | Stopped] -- -- (dmserver32)
SRV - File not found [Auto | Stopped] -- -- (DisplayLinkService32323232)
SRV - File not found [Auto | Stopped] -- -- (DisplayLinkService323232)
SRV - File not found [Auto | Stopped] -- -- (DisplayLinkService3232)
SRV - File not found [Auto | Stopped] -- -- (DisplayLinkService32)
SRV - File not found [Auto | Stopped] -- -- (Dhcp3232)
SRV - File not found [Auto | Stopped] -- -- (Dhcp32)
SRV - File not found [Auto | Stopped] -- -- (DcomLaunch3232)
SRV - File not found [Auto | Stopped] -- -- (DcomLaunch32)
SRV - File not found [Auto | Stopped] -- -- (CryptSvc32)
SRV - File not found [Auto | Stopped] -- -- (clr_optimization_v2.0.50727_3232)
SRV - File not found [Auto | Stopped] -- -- (ClipSrv3232)
SRV - File not found [Auto | Stopped] -- -- (Browser323232)
SRV - File not found [Auto | Stopped] -- -- (Browser3232)
SRV - File not found [Auto | Stopped] -- -- (Browser32)
SRV - File not found [Auto | Stopped] -- -- (Bonjour Service3232)
SRV - File not found [Auto | Stopped] -- -- (Bonjour Service32)
SRV - File not found [Auto | Stopped] -- -- (AudioSrv32)
SRV - File not found [Auto | Stopped] -- -- (Ati HotKey Poller32)
SRV - File not found [Auto | Stopped] -- -- (aspnet_state3232)
SRV - File not found [Auto | Stopped] -- -- (aspnet_state32)
SRV - File not found [Auto | Stopped] -- -- (AppMgmt32)
SRV - File not found [Auto | Stopped] -- -- (6to432)
SRV - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/24 02:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/25 20:07:37 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/30 16:24:34 | 000,703,488 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Documents and Settings\Mom and Dad\Desktop\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2009/11/19 18:46:52 | 004,715,880 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/16 10:10:04 | 000,316,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\DebugDiag\DbgSvc.exe -- (DbgSvc)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/09/28 19:02:26 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlcfcoms.exe -- (dlcf_device)
SRV - [2003/08/27 08:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (Normandy)
DRV - [2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/05 14:49:04 | 000,021,888 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkUsbPort_5.2.22271.0.sys -- (DisplayLinkUsbPort)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/11/19 18:47:21 | 000,024,320 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkmirrorport.sys -- (DisplayLinkmirror)
DRV - [2009/11/19 18:47:21 | 000,007,040 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkFilter.sys -- (DisplayLinkFilter)
DRV - [2008/12/04 07:43:26 | 000,024,576 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\GameTap\bin\Release\X4HSX32.sys -- (X4HSX32)
DRV - [2008/04/13 11:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/05/18 14:48:22 | 000,238,208 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007/04/24 09:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007/04/24 09:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/21 05:28:28 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/03/13 07:50:08 | 000,085,696 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex)
DRV - [2006/03/13 07:49:54 | 000,060,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus) Sony Ericsson W300 Driver driver (WDM)
DRV - [2006/02/10 09:19:12 | 001,107,224 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/08 03:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 03:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 03:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 03:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 03:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 03:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 03:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 10:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 10:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/03 19:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/01/03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/08/10 03:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 03:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/11/17 12:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 12:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 12:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/07/24 12:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\DNINDIS5.SYS -- (DNINDIS5)
DRV - [2003/01/17 12:58:00 | 000,093,312 | ---- | M] (ATMEL) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma1012kr.sys -- (NETGEAR NETGEAR_MA101_USB_Adapter®) NETGEAR NETGEAR_MA101_USB_Adapter®
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9E 99 A3 00 D3 03 CF 40 83 89 CC E9 BD FC 03 97 [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8992

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9E 99 A3 00 D3 03 CF 40 83 89 CC E9 BD FC 03 97 [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8992

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9E 99 A3 00 D3 03 CF 40 83 89 CC E9 BD FC 03 97 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9E 99 A3 00 D3 03 CF 40 83 89 CC E9 BD FC 03 97 [binary data]

IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm086YYUS&fl=0&ptb=qMR._V1CFwXWvyOeIi7JIw&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=IE&os=win&os_version=5.1-x86-SP3
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9E 99 A3 00 D3 03 CF 40 83 89 CC E9 BD FC 03 97 [binary data]
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.5331
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.5.6.0
FF - prefs.js..extensions.enabledItems: button@youtubeclipextractor.com:2.2.0.8
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.4.20101212100510
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.0
FF - prefs.js..extensions.enabledItems: {d9a61b0e-6a8b-45e7-8119-7151fbb0facc}:1.0
FF - prefs.js..extensions.enabledItems: {c868dfad-b7cf-41c1-88b8-c423ac5ed7c7}:1.0
FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=FF&os=win&os_version=5.1-x86-SP3&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\FireFox\Extensions\\PersonalWeb_v1310@claria.com: C:\Program Files\Claria\PersonalWeb\FF_v1310 [2006/09/17 17:27:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\FireFox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/04 22:09:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/13 19:55:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/08 17:12:46 | 000,000,000 | ---D | M]

[2009/12/15 22:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Extensions
[2009/12/15 22:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/09 15:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions
[2010/07/31 09:19:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/08 17:53:08 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/05/09 15:39:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/09 15:39:54 | 000,000,000 | ---D | M] (myBabylon English Community Toolbar) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2011/05/09 15:40:24 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2011/05/06 18:08:34 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{c868dfad-b7cf-41c1-88b8-c423ac5ed7c7}
[2011/05/03 18:49:44 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{d9a61b0e-6a8b-45e7-8119-7151fbb0facc}
[2011/05/09 15:39:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\engine@conduit.com
[2010/03/15 19:29:26 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\searchplugins\aim-search.xml
[2011/04/08 17:53:09 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\searchplugins\bing-zugo.xml
[2007/05/12 13:45:39 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\searchplugins\siteadvisor.xml
[2011/05/08 17:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/15 00:14:01 | 000,000,000 | ---D | M] (Clip Extractor) -- C:\Program Files\Mozilla Firefox\extensions\button@youtubeclipextractor.com
File not found (No name found) --
[2010/01/23 09:25:36 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MOM AND DAD\APPLICATION DATA\MOVE NETWORKS
[2009/12/15 22:27:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/04 22:09:31 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2006/01/18 12:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/05/29 10:59:05 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/12/15 08:49:44 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

Hosts file not found
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (PersonalWebBHO) - {D35980CB-66DF-477B-BF63-64EB8F48CB3A} - C:\Program Files\Claria\PersonalWeb\PersonalWebIE_v1310.dll (Claria Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [%PROVIDERID%] File not found
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCFCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.DLL ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1176529941\ee\AOLSoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL LLC)
O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [Malware Protection] File not found
O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Airlink101 USB Wireless Configuration Utility.lnk = C:\Program Files\Airlink101\AWLL3028\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MA101 Configuration Utility .lnk = C:\Program Files\NETGEAR\MA101 USB Adapter Configuration Utility\WlanMonitor.exe (ATMEL)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Push Client.LNK = C:\Interwise\Student\pull.exe (Interwise Ltd)
O4 - Startup: C:\Documents and Settings\DJ\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Open PersonalWeb - {03F0E28F-1C51-4a56-A8F1-E8BF15AF8346} - C:\Program Files\Claria\PersonalWeb\PersonalWebIE_v1310.dll (Claria Corporation)
O9 - Extra Button: Add to My Sites - {1BD60387-6806-4897-8002-0B855DFEAEEA} - C:\Program Files\Claria\PersonalWeb\PersonalWebIE_v1310.dll (Claria Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: Download with YouTube Clip Extractor - {b9b12deb-a92b-4496-898a-8ce5d29505b4} - C:\Program Files\Clip Extractor\ClipExtractor.exe ()
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {11865A2A-649F-4FA1-8B99-B97DF8070B7C} http://konicaminolta.interwise.com/webinar/English/ActiveX/IWsystemchecks.cab (IWSystemchecks Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} http://pictures04.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab (AIM UPF Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\LFTIF11N32.DLL) - C:\WINDOWS\system32\lftif11n32.dll (AIDEX Team)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 02:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{174d5b78-c7aa-11db-8592-00095b36f912}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/14 09:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Attach,txt
[2011/05/13 18:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/13 18:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/05/13 18:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/05/08 17:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Debug Diagnostics Tool 1.1
[2011/05/08 16:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\DebugDiag
[2011/05/03 09:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/05/02 17:57:27 | 000,155,648 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\lftif11n32.dll
[2011/04/17 22:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Brooke's taxes
[2011/04/08 17:54:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\VLC
[2011/04/08 17:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Client
[2011/04/08 17:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/04/08 17:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/04/08 17:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\VlcPlus
[2011/03/14 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\ESPN
[2011/03/06 22:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\UsbMac
[2011/03/05 15:19:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011/03/05 15:18:59 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2011/03/05 14:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Graphics
[2011/03/05 14:49:47 | 002,072,576 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\System32\DisplayLinkUsbCo2_5.2.22271.0.dll
[2011/03/05 14:49:47 | 000,021,888 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\System32\drivers\DisplayLinkUsbPort_5.2.22271.0.sys
[2011/03/05 14:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Core Software
[2011/03/05 14:48:09 | 000,237,568 | ---- | C] (--) -- C:\WINDOWS\System32\MacUnInstall.exe
[2011/03/05 13:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Brooke's Homework
[2011/03/05 13:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\CCWin
[2011/03/05 13:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\CC_SCAN
[2011/03/05 13:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\CoH
[2011/02/17 15:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Email
[2011/02/11 06:25:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/02/10 21:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2011/02/10 14:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\dj
[2011/02/02 00:58:35 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2011/01/27 04:57:06 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2011/01/21 07:44:37 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011/01/04 12:04:21 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/04 12:04:21 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/04 12:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/01/04 12:04:20 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/04 12:04:20 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/04 12:04:19 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/04 12:04:19 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/04 12:04:18 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/04 12:04:03 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/04 12:04:03 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/04 12:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/01/04 12:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/03 18:59:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Malwarebytes
[2011/01/03 18:59:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/03 18:59:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/03 18:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/01/03 18:59:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/03 18:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/29 14:03:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Scans
[2010/12/22 20:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\ConduitEngine
[2010/12/22 17:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/15 15:56:21 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 15:55:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/01 15:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010/12/01 15:06:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{346564C3-1CD0-440B-AE7A-F644B66D2026}
[2010/12/01 15:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2010/12/01 15:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\PackageAware
[2010/12/01 13:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\KMBS
[2010/11/29 18:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/11/29 18:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/11/18 11:12:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/11/15 20:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\BrowserPlus
[2010/11/15 20:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Yahoo!
[2010/11/09 07:52:35 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/11/09 07:52:35 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2010/11/09 07:52:35 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/11/09 07:52:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/11/09 07:52:35 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/11/09 07:52:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/11/08 05:41:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/11/08 05:41:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/11/08 05:41:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/11/08 05:41:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/11/08 05:41:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/10/26 20:04:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2010/10/26 19:56:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2010/10/26 19:56:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2010/10/25 20:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
[2010/10/25 20:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2010/10/25 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/10/25 20:12:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/10/25 20:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/10/25 20:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Citrix
[2010/10/25 19:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/22 18:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/10/12 12:14:39 | 000,000,000 | ---D | C] -- C:\489553a6e9b68f4224
[2010/10/12 12:06:26 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/10/12 12:06:26 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/12 12:06:25 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/12 12:06:14 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/12 11:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2010/08/26 22:57:43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srvsvc.dll
[2010/08/17 06:17:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010/08/11 13:02:21 | 000,000,000 | ---D | C] -- C:\hegames
[2010/08/01 12:13:15 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/31 09:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\NCH Swift Sound
[2010/07/16 05:05:55 | 001,288,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2010/06/19 10:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Intellichlor
[2010/06/18 10:45:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/06/15 00:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010/06/15 00:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/06/15 00:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2010/06/15 00:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video Converter
[2010/06/15 00:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/06/15 00:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2010/06/15 00:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
[2010/06/15 00:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Switch Sound File Converter
[2010/06/15 00:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/06/15 00:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Clip Extractor
[2010/06/15 00:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Clip Extractor
[2010/05/29 16:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\myBabylon_English
[2010/05/29 11:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\StreamTorrent 1.0
[2010/05/29 11:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\StreamTorrent 1.0
[2010/05/29 10:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\vlc
[2010/05/29 10:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Flash Player
[2010/05/29 10:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Conduit
[2010/05/29 10:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\myBabylon_English
[2010/05/29 10:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/05/29 10:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Player
[2010/05/29 10:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\myBabylon_English
[2010/04/19 22:30:08 | 000,290,432 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010/04/16 09:05:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Monotype Imaging
[2010/04/16 09:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Monotype Imaging
[2010/04/16 08:55:26 | 000,061,440 | ---- | C] (Monotype Imaging Inc.) -- C:\WINDOWS\System32\KMP4MON.DLL
[2010/04/16 08:36:56 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010/04/13 18:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\DJ taxes
[2010/03/31 00:16:34 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010/03/31 00:10:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010/03/30 12:24:40 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdecd.dll
[2010/03/30 00:52:26 | 000,262,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010/03/27 09:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/03/27 09:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/03/27 09:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/03/27 09:55:25 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/03/27 09:55:25 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/03/27 09:55:25 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/03/27 09:55:25 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/03/27 09:55:25 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/03/27 09:55:25 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/03/27 09:55:24 | 000,000,000 | ---D | C] -- C:\d3792249b61293bd317975b1
[2010/03/22 20:23:15 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/22 15:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\BitTorrent
[2010/03/22 15:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitTorrent
[2010/03/22 15:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2010/03/16 13:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\FileZilla
[2010/03/16 13:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\FileZilla FTP Client
[2010/03/16 12:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\FileZilla Server
[2010/03/16 12:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\FileZilla Server
[2010/03/16 10:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\AIM Toolbar
[2010/03/16 09:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\XSitePro2
[2010/03/16 09:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\XSitePro-Data
[2010/03/16 09:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thraex Software
[2010/03/16 09:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\XSitePro2
[2010/03/15 19:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\AIM Toolbar
[2010/03/15 19:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2010/03/15 19:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/03/15 19:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\AIM
[2010/03/15 19:27:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/03/15 19:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2010/03/15 19:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\AIM7
[2010/03/15 19:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\B&A Website
[2010/03/05 07:37:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010/02/19 22:26:54 | 000,000,000 | ---D | C] -- C:\562d52e0a9624469ca6f962a79a5af
[2010/02/11 21:33:11 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/02/10 09:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\SupportSoft
[2010/02/09 21:39:04 | 000,000,000 | ---D | C] -- C:\FILES
[2010/02/03 21:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2010/02/03 21:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/02/03 21:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/02/03 21:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/02/03 21:16:42 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/02/03 20:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/23 09:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Move Networks
[2010/01/19 21:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Mgr Review
[2010/01/13 07:01:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010/01/05 21:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Temp
[2010/01/05 21:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\SupportSoft
[2009/12/30 14:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Dell
[2009/12/30 14:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2009/12/30 14:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/30 14:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2009/12/30 14:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2009/12/30 13:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/12/23 23:59:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/16 11:43:27 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/15 22:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2009/12/15 22:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/15 22:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/15 22:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/15 22:37:45 | 002,065,696 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2009/12/15 22:28:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\LimeWire
[2009/12/15 22:27:56 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/15 22:27:56 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/15 22:27:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/15 22:27:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/15 22:27:56 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/15 22:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/14 00:08:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009/11/27 10:11:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 09:07:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 09:07:35 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/27 09:07:34 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 09:07:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/19 18:47:21 | 000,024,320 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\System32\drivers\DisplayLinkmirrorport.sys
[2009/11/19 18:47:21 | 000,018,816 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\System32\DisplayLinkmirrordisp.dll
[2009/11/19 18:47:21 | 000,007,040 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\System32\drivers\DisplayLinkFilter.sys
[2009/11/13 15:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2009/11/07 01:07:08 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009/11/05 03:02:07 | 000,000,000 | ---D | C] -- C:\Brooke
[2009/10/24 08:44:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/10/20 22:38:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009/10/20 22:38:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009/10/20 09:20:16 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/13 03:30:16 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 06:38:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 06:38:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/03 10:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/09/27 11:11:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\StreamTorrent
[2009/09/13 08:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Downloads
[2009/09/04 14:03:36 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/08/22 09:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\SopCast-3.2.4
[2009/08/05 02:01:48 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/28 21:37:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009/07/28 21:37:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/07/27 16:17:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2009/07/19 15:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Sound Schedule
[2009/07/17 12:01:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/17 09:22:18 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2009/07/15 19:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PokerStars.NET
[2009/07/15 19:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2009/07/13 23:43:24 | 010,841,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/07/13 23:43:24 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/06/25 01:25:26 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2009/06/25 01:25:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/06/25 01:25:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2009/06/24 04:18:41 | 000,092,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2009/06/18 00:13:31 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2009/06/18 00:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2009/06/18 00:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GamesCampus
[2009/06/17 23:32:04 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2009/06/12 05:31:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/06/12 05:31:39 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/06/10 09:19:38 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/06/10 07:13:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/06/09 23:14:49 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2009/05/16 11:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\sf
[2009/05/16 11:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Drivers
[2009/05/07 08:32:35 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2009/05/01 11:30:36 | 003,366,912 | ---- | C] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2009/04/20 10:17:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2009/04/18 09:23:32 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 07:51:25 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2009/04/01 23:02:22 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/03/29 12:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\John's taxes
[2009/03/21 07:06:58 | 000,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/15 11:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\The Bible
[2009/03/14 16:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Apple
[2009/03/14 09:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\DJ Baseball
[2009/03/09 23:16:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\HTML
[2009/03/01 10:38:32 | 001,878,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player(3).exe
[2009/02/23 23:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Apple Computer
[2009/02/22 12:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/02/22 12:33:48 | 004,909,440 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\Silverlight.2.0.exe
[2009/02/16 11:50:57 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2009/02/16 11:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/02/03 12:59:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2009/01/15 19:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GameTap
[2009/01/15 19:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\GameTap
[2009/01/15 19:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GameTap
[2009/01/15 19:17:12 | 034,197,368 | ---- | C] (Macrovision Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\gametap_setup.exe
[2009/01/01 01:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2008/12/31 11:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/12/16 05:30:34 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2008/12/14 14:17:20 | 123,368,360 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\Office2003SP3-KB923618-FullFile-ENU.exe
[2008/12/14 14:14:47 | 006,053,448 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\office2003-KB954464-FullFile-ENU.exe
[2008/12/12 12:18:16 | 000,087,336 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2008/12/12 12:11:46 | 000,061,440 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2008/12/04 23:54:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2008/12/01 23:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Corel User Files
[2008/12/01 23:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Corel
[2008/11/25 22:37:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/24 23:02:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/11/24 23:02:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/11/24 23:02:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/11/24 23:02:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/11/24 22:59:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/11/24 22:51:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/11/23 10:30:44 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2008/11/23 10:30:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2008/11/23 10:30:37 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2008/11/23 10:30:35 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2008/11/23 10:30:35 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2008/11/23 10:30:35 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2008/11/23 10:30:35 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2008/11/23 10:30:34 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2008/11/23 10:30:34 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2008/11/23 10:30:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/11/23 10:30:32 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2008/11/23 10:30:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/11/23 10:30:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2008/11/23 10:30:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2008/11/23 10:30:16 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2008/11/23 10:30:16 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2008/11/23 10:30:16 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2008/11/23 10:30:16 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2008/11/23 10:30:16 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2008/11/23 10:30:16 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2008/11/23 10:30:16 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2008/11/23 10:30:16 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2008/11/23 10:30:15 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2008/11/23 10:30:15 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2008/11/23 10:30:15 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2008/11/23 10:30:15 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2008/11/23 10:30:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2008/11/23 10:30:09 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2008/11/23 10:30:09 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2008/11/23 10:30:08 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/11/23 10:30:08 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2008/11/23 10:30:07 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2008/11/23 10:30:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2008/11/23 10:30:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2008/11/23 10:30:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2008/11/23 10:30:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2008/11/23 10:30:03 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2008/11/23 10:30:00 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2008/11/23 10:29:56 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2008/11/23 10:29:52 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2008/11/23 10:29:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2008/11/23 10:29:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2008/11/23 10:29:51 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2008/11/23 10:29:51 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2008/11/23 10:29:51 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2008/11/23 10:29:50 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2008/11/23 10:29:50 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2008/11/23 10:29:50 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2008/11/23 10:29:50 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2008/11/23 10:29:50 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2008/11/23 10:29:48 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2008/11/23 10:29:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2008/11/23 10:29:33 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2008/11/23 10:29:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2008/11/23 10:29:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2008/11/23 10:29:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2008/11/23 10:29:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2008/11/23 10:29:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2008/11/23 10:29:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2008/11/23 10:29:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2008/11/23 10:29:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2008/11/23 10:29:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2008/11/23 10:29:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2008/11/23 10:29:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2008/11/23 10:28:57 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2008/11/23 10:28:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2008/11/23 10:28:48 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2008/11/23 10:28:48 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2008/11/23 10:28:48 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2008/11/23 10:28:48 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2008/11/23 10:28:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2008/11/23 10:28:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2008/11/23 10:28:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2008/11/23 10:28:44 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2008/11/23 10:28:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2008/11/23 10:28:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2008/11/23 10:28:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2008/11/23 10:28:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2008/11/23 10:28:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2008/11/23 10:28:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2008/11/23 10:28:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2008/11/23 10:28:34 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2008/11/23 10:28:33 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2008/11/23 10:28:32 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2008/11/23 10:28:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/11/23 10:28:31 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2008/11/23 10:28:31 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2008/11/23 10:28:31 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2008/11/23 10:28:31 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2008/11/23 10:28:31 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2008/11/23 10:28:30 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2008/11/23 10:28:30 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2008/11/23 10:28:30 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2008/11/23 10:28:30 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2008/11/23 10:28:30 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2008/11/23 10:28:30 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2008/11/23 10:28:30 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2008/11/23 10:28:29 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2008/11/23 10:28:29 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2008/11/23 10:28:29 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2008/11/23 10:28:29 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2008/11/23 10:28:29 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2008/11/23 10:28:29 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2008/11/23 10:28:29 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2008/11/23 10:28:29 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2008/11/23 10:28:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2008/11/23 10:28:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2008/11/23 10:28:28 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2008/11/23 10:28:28 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2008/11/23 10:28:28 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2008/11/23 10:28:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2008/11/23 10:28:28 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2008/11/23 10:28:28 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2008/11/23 10:28:28 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2008/11/23 10:28:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2008/11/23 10:28:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2008/11/23 10:28:19 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2008/11/23 10:28:19 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2008/11/23 10:28:19 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2008/11/23 10:28:19 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2008/11/23 10:28:19 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2008/11/23 10:28:19 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2008/11/23 10:28:19 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2008/11/23 10:28:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/11/22 20:21:48 | 000,455,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/10/26 10:16:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/23 05:36:14 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2008/10/15 18:20:04 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2008/10/15 18:19:24 | 001,857,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2008/10/15 18:19:18 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2008/10/15 18:19:17 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2008/10/15 18:19:16 | 002,069,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2008/10/15 18:19:16 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2008/10/11 16:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/10/08 01:19:47 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2008/10/08 01:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/10/08 01:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/10/08 01:14:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/10/08 01:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2008/10/08 01:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/09/29 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2008/09/27 12:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Move Networks
[2008/09/27 09:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\TV Player Pro
[2008/09/27 09:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\TV Player Pro
[2008/09/21 17:28:47 | 007,499,056 | ---- | C] (Mozilla) -- C:\Documents and Settings\Mom and Dad\Desktop\Firefox Setup 3.0.1.exe
[2008/09/21 11:04:34 | 001,495,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player(2).exe
[2008/09/21 10:33:33 | 001,495,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player.exe
[2008/08/19 21:12:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/08/19 21:11:20 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/08/04 18:26:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008/07/29 21:10:04 | 000,493,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evr.dll
[2008/07/29 21:10:04 | 000,073,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxva2.dll
[2008/07/29 21:10:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TsWpfWrp.exe
[2008/07/29 19:59:58 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationNative_v0300.dll
[2008/07/29 19:59:58 | 000,161,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UIAutomationCore.dll
[2008/07/29 19:59:58 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
[2008/07/29 19:24:50 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardagt.exe
[2008/07/29 19:24:50 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infocardapi.dll
[2008/07/29 19:24:50 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infocardcpl.cpl
[2008/07/29 19:24:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardres.dll
[2008/07/29 05:49:58 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardres.dll.mui
[2008/07/25 11:16:58 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscorier.dll
[2008/07/25 11:16:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscories.dll
[2008/07/07 13:26:58 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2008/06/29 09:15:56 | 000,238,208 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\rtl8187B.sys
[2008/06/29 09:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Airlink101 USB Wireless Configuration Utility
[2008/06/29 09:15:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTL8187
[2008/06/29 09:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Airlink101
[2008/06/29 09:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\InstallShield
[2008/06/24 09:43:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2008/06/20 10:46:57 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2008/06/20 10:46:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2008/06/20 04:51:12 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008/06/20 04:40:08 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2008/06/20 04:08:27 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2008/06/18 06:03:14 | 002,462,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2008/06/18 06:03:08 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetmgr.dll
[2008/06/18 02:09:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2008/06/17 12:02:19 | 008,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2008/06/15 09:45:47 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2008/06/15 09:45:45 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2008/06/12 07:23:32 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/06/12 07:23:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/06/12 07:23:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/06/12 07:23:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/06/12 07:23:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2008/06/12 07:23:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/06/07 21:38:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2008/06/07 20:37:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Updater
[2008/06/07 20:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2008/05/09 16:23:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2008/05/09 03:53:40 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2008/05/09 03:53:40 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2008/05/09 03:53:40 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2008/05/09 03:53:39 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2008/05/09 03:53:39 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2008/05/08 04:24:44 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2008/05/07 02:07:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2008/04/14 16:55:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TVAnts
[2008/04/14 16:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\TVAnts
[2008/04/14 11:52:52 | 002,838,857 | ---- | C] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN(3).EXE
[2008/04/14 11:52:43 | 002,838,857 | ---- | C] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN(2).EXE
[2008/04/14 11:47:51 | 002,838,857 | ---- | C] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN.EXE
[2008/03/24 21:50:58 | 000,621,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswstr10.dll
[2008/03/24 21:50:58 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2008/03/24 21:50:57 | 000,838,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswdat10.dll
[2008/03/24 21:50:55 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2008/03/24 21:50:52 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2008/03/24 21:50:49 | 000,322,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd3x40.dll
[2008/03/24 21:50:47 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2008/03/24 21:50:45 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2008/03/24 21:50:44 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2008/03/24 21:50:42 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2008/03/24 21:50:42 | 000,060,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjter40.dll
[2008/03/24 21:50:34 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2008/03/24 21:50:30 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2008/03/24 21:50:28 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2008/03/24 21:50:25 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/03/16 14:08:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Snapfish
[2008/02/18 19:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Disney Pirates of the Caribbean Online
[2008/02/18 19:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\Disney
[2008/01/23 22:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\LimeWire
[2008/01/12 10:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Apple Computer
[2008/01/05 00:17:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2007/12/26 14:49:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2007/12/26 14:48:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2007/12/23 10:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2007/12/23 10:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\SopCast
[2007/12/15 18:56:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2007/12/15 18:56:19 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2007/12/15 18:56:19 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2007/12/15 18:56:18 | 006,075,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2007/12/15 18:56:18 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2007/12/15 18:56:18 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2007/12/15 18:56:18 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2007/12/15 18:56:18 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2007/12/15 18:56:18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2007/12/15 18:56:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2007/12/15 18:55:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2007/12/15 18:55:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2007/12/15 18:54:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2007/12/15 18:54:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2007/12/15 18:53:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2007/12/15 18:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2007/12/15 18:52:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2007/12/15 14:28:58 | 000,073,728 | ---- | C] (ATMEL) -- C:\WINDOWS\System32\drivers\MA1012KA.SYS
[2007/12/15 14:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR MA101 USB
[2007/12/02 11:28:11 | 000,093,312 | ---- | C] (ATMEL) -- C:\WINDOWS\System32\drivers\ma1012kr.sys
[2007/12/02 11:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\MA 101 IMP
[2007/12/01 21:47:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\MA 101
[2007/11/13 20:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\SupportSoft
[2007/10/30 18:09:30 | 000,002,560 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2007/10/30 18:09:30 | 000,002,432 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2007/10/30 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Picasa2
[2007/10/27 18:40:30 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2007/09/16 11:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\acccore
[2007/08/17 21:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\PartyGaming
[2007/08/13 19:54:10 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2007/08/13 19:54:10 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2007/08/13 19:54:10 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2007/08/13 19:54:10 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2007/08/13 19:54:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2007/08/13 19:45:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2007/08/13 19:45:16 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2007/08/13 19:45:10 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2007/08/13 19:44:30 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2007/08/13 19:44:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2007/08/13 19:44:06 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2007/08/13 19:43:56 | 000,634,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2007/08/13 19:42:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2007/08/13 19:39:54 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2007/08/13 19:39:50 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2007/08/13 19:39:26 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2007/08/13 19:39:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2007/08/13 19:39:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2007/08/13 19:39:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2007/08/13 19:39:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2007/08/13 19:39:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2007/08/13 19:39:00 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2007/08/13 19:36:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2007/08/13 19:36:06 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2007/08/13 19:32:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2007/08/13 19:32:16 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2007/08/13 19:18:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2007/08/13 19:01:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2007/08/13 18:56:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2007/08/13 18:50:08 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2007/08/08 18:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YGP
[2007/08/04 11:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2007/08/04 11:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\AOL OCP
[2007/07/11 13:27:48 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2007/06/29 17:12:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Viewpoint
[2007/06/20 21:07:08 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2007/06/20 21:07:08 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2007/06/17 12:38:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Viewpoint
[2007/06/17 11:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
[2007/06/17 11:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Viewpoint
[2007/06/06 11:53:34 | 001,195,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20.DLL
[2007/06/02 09:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Sonic
[2007/06/02 09:20:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Leadertech
[2007/05/11 15:48:28 | 000,143,360 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System32\dunzip32.dll
[2007/05/11 15:40:05 | 000,591,400 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Mom and Dad\Desktop\DMSetup.exe
[2007/04/29 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\filelib
[2007/04/24 09:33:44 | 000,108,680 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125mdm.sys
[2007/04/24 09:33:42 | 000,015,112 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125mdfl.sys
[2007/04/24 09:33:38 | 000,012,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125cmnt.sys
[2007/04/24 09:33:38 | 000,012,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125cm.sys
[2007/04/20 08:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/04/17 20:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\AOL
[2007/04/16 20:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\URGE
[2007/04/16 20:34:54 | 000,000,000 | ---D | C] -- C:\Start Menu
[2007/04/16 20:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\MTV Networks
[2007/04/16 20:31:27 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2007/04/13 22:52:51 | 000,065,536 | ---- | C] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
[2007/04/08 16:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\DellSupport
[2007/03/22 20:17:04 | 000,035,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20ENU.DLL
[2007/03/12 20:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/03/11 10:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2007/03/11 10:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2007/03/11 10:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Network Assistant
[2007/03/06 23:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2007/03/06 23:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2007/03/06 23:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2007/03/06 23:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007/03/06 00:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007/02/25 12:10:48 | 000,005,376 | --S- | C] (Gteko Ltd.) -- C:\WINDOWS\System32\drivers\dsunidrv.sys
[2007/02/24 15:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\AOL
[2007/02/19 20:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Aim
[2007/02/18 18:09:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007/02/18 18:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo! Games
[2007/02/16 20:19:06 | 000,085,696 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300obex.sys
[2007/02/16 20:19:06 | 000,006,208 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300cmnt.sys
[2007/02/16 20:19:06 | 000,006,208 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300cm.sys
[2007/02/16 20:17:53 | 000,060,800 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300bus.sys
[2007/02/16 20:17:53 | 000,005,840 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300whnt.sys
[2007/02/16 20:17:53 | 000,005,840 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w300wh.sys
[2007/02/16 18:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Disc2Phone
[2007/02/16 18:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Disc2Phone
[2007/02/12 20:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\FW
[2007/02/12 17:10:12 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat
[2007/02/07 17:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Smilebox
[2007/02/05 18:12:22 | 000,000,000 | ---D | C] -- C:\Program Files\Smilebox
[2007/01/23 21:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2007/01/23 21:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2007/01/07 23:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AOL Instant Messenger
[2007/01/07 23:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2007/01/07 23:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\AOD
[2007/01/07 23:36:05 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2007/01/06 20:48:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/01/01 20:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Corel Photo Album
[2007/01/01 20:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Corel Photo Album
[2007/01/01 19:10:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2006/12/18 19:01:20 | 000,012,672 | ---- | C] (SingleClick Systems) -- C:\WINDOWS\System32\drivers\packet.sys
[2006/12/10 11:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Mozilla
[2006/12/10 11:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla
[2006/12/10 11:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2006/12/10 11:17:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sporder.dll
[2006/12/09 20:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2006/12/09 20:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2006/12/09 20:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2006/11/17 20:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2006/11/17 20:00:06 | 000,000,000 | ---D | C] -- C:\9106037707863c034b8f
[2006/11/16 09:44:29 | 000,103,984 | ---- | C] (AOL LLC) -- C:\WINDOWS\System32\AOLDial.dll
[2006/11/16 09:44:22 | 000,033,592 | ---- | C] (America Online) -- C:\WINDOWS\System32\drivers\atwpkt264.sys
[2006/11/16 09:44:08 | 000,025,136 | ---- | C] (America Online) -- C:\WINDOWS\System32\drivers\atwpkt2.sys
[2006/11/11 13:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2006/11/11 13:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Google
[2006/11/06 16:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Interwise
[2006/11/06 16:08:01 | 000,151,552 | ---- | C] (ImageMaker Development Inc.) -- C:\WINDOWS\System32\IMG32JPM.DLL
[2006/11/06 16:08:01 | 000,102,912 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\IMGCL7MN.DLL
[2006/11/06 16:08:01 | 000,007,680 | ---- | C] (ImageMAKER Development Inc.) -- C:\WINDOWS\System32\IMGCL7MU.DLL
[2006/11/06 16:07:09 | 000,000,000 | ---D | C] -- C:\Interwise
[2006/11/02 17:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\TryMedia
[2006/10/18 22:47:22 | 001,574,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVENCOD.dll
[2006/10/18 22:47:22 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVDECOD.dll
[2006/10/18 22:47:22 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVSDECD.dll
[2006/10/18 22:47:22 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVSENCD.dll
[2006/10/18 22:47:22 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\UMDF\wpdmtpdr.dll
[2006/10/18 22:47:22 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVXENCD.dll
[2006/10/18 22:47:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdshextres.dll
[2006/10/18 22:47:20 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpmde.dll
[2006/10/18 22:47:20 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpeffects.dll
[2006/10/18 22:47:20 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpps.dll
[2006/10/18 22:47:18 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceApi.dll
[2006/10/18 22:47:18 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceWMDRM.dll
[2006/10/18 22:47:18 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceTypes.dll
[2006/10/18 22:47:18 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceWiaCompat.dll
[2006/10/18 22:47:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceClassExtension.dll
[2006/10/18 22:47:14 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdecd.dll
[2006/10/18 22:47:14 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4DECD.dll
[2006/10/18 22:47:14 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DECD.dll
[2006/10/18 21:00:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdshextautoplay.exe
[2006/10/18 13:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My Google Gadgets
[2006/10/14 01:13:25 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2006/10/02 16:28:42 | 000,312,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdelta.dll
[2006/09/28 21:13:26 | 000,095,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFCoinstaller.dll
[2006/09/28 20:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Pogo Games
[2006/09/28 20:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media
[2006/09/28 19:56:38 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFx.dll
[2006/09/28 19:56:16 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WudfPlatform.dll
[2006/09/28 18:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\AdobeUM
[2006/09/28 18:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Adobe
[2006/09/28 18:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My eBooks
[2006/09/28 18:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Adobe
[2006/09/28 18:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Help
[2006/09/28 18:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Help
[2006/09/26 18:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2006/09/24 12:11:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2006/09/24 11:49:44 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2006/09/23 14:12:50 | 001,497,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2006/09/23 14:12:50 | 001,022,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2006/09/23 14:12:50 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2006/09/18 07:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Claria
[2006/09/18 07:15:52 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2006/09/17 17:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Claria
[2006/09/17 17:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PersonalWeb
[2006/09/17 17:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Claria
[2006/09/15 10:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My Skype Content
[2006/09/15 09:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Skype
[2006/09/12 22:01:56 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2006/09/05 20:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Google
[2006/09/04 19:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Color Printer 725
[2006/09/04 19:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dl_cats
[2006/09/04 19:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Printers
[2006/09/04 15:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/09/03 22:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Identities
[2006/09/03 20:02:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2006/09/03 12:09:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WING32.DLL
[2006/09/03 12:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\netMarket
[2006/09/03 12:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Knowledge Adventure
[2006/09/03 12:09:25 | 000,000,000 | ---D | C] -- C:\KA
[2006/09/03 12:09:21 | 000,314,368 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2006/09/02 16:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2006/09/02 16:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Games
[2006/09/01 20:06:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mom and Dad\UserData
[2006/08/31 17:58:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\kb913800.exe
[2006/08/30 21:53:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2006/08/30 21:02:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2006/08/30 20:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2006/08/30 20:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\PartyPoker.net
[2006/08/30 20:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Games
[2006/08/30 20:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\PartyGaming.Net
[2006/08/30 19:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Shared
[2006/08/30 19:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Incomplete
[2006/08/30 19:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2006/08/30 19:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\.limewire
[2006/08/30 19:02:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Brother
[2006/08/30 18:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother
[2006/08/30 18:56:31 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2006/08/30 18:55:55 | 000,051,712 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2006/08/30 18:55:44 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe
[2006/08/30 18:55:44 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll
[2006/08/30 18:55:40 | 000,188,416 | R--- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL
[2006/08/30 18:55:40 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2006/08/30 18:55:40 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2006/08/30 18:55:39 | 000,163,840 | ---- | C] (brother) -- C:\WINDOWS\System32\NSSearch.dll
[2006/08/30 18:55:39 | 000,034,816 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\BrWiaNCp.dll
[2006/08/30 18:55:38 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll
[2006/08/30 18:55:38 | 000,052,224 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrNetSti.dll
[2006/08/30 18:55:38 | 000,031,744 | ---- | C] (Brother Industries,Ltd) -- C:\WINDOWS\System32\Brnsplg.dll
[2006/08/30 18:55:36 | 000,036,864 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\BrStiIf.dll
[2006/08/30 18:55:35 | 000,000,000 | ---D | C] -- C:\Brother
[2006/08/30 18:55:32 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2006/08/30 18:55:32 | 000,122,880 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll
[2006/08/30 18:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2006/08/30 18:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ScanSoft PaperPort 9.0
[2006/08/30 18:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2006/08/30 18:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2006/08/30 18:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2006/08/30 18:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2006/08/30 18:43:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\GTek
[2006/08/30 18:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/08/30 18:35:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2006/08/29 22:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Macromedia
[2006/08/29 22:08:31 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\DNIN50.DLL
[2006/08/29 22:08:31 | 000,017,149 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\DNINDIS5.SYS
[2006/08/29 22:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2006/08/27 21:27:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
[2006/08/27 21:27:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My Videos
[2006/08/27 19:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Gtek
[2006/08/27 19:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Identities
[2006/08/27 19:41:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft
[2006/08/27 19:41:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mom and Dad\SendTo
[2006/08/27 19:41:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mom and Dad\Recent
[2006/08/27 19:41:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mom and Dad\Application Data
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Startup
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My Pictures
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\My Music
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\My Documents
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\Favorites
[2006/08/27 19:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Accessories
[2006/08/27 19:41:40 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Mom and Dad\Cookies
[2006/08/27 19:41:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mom and Dad\Templates
[2006/08/27 19:41:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mom and Dad\PrintHood
[2006/08/27 19:41:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mom and Dad\NetHood
[2006/08/27 19:41:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Wildtangent
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Sun
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Musicmatch
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Microsoft
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Google
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Dell Accessories
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Dell
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\BVRP Software
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\ApplicationHistory
[2006/08/27 19:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2006/08/24 16:15:06 | 000,150,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rgb9rast_2.dll
[2006/08/21 10:52:08 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2006/08/21 05:43:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2006/08/21 05:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\SearchAssist
[2006/08/21 05:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2006/08/21 05:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\BAE
[2006/08/21 05:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic
[2006/08/21 05:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TiVo Shared
[2006/08/21 05:35:47 | 000,094,263 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\DLA.EXE
[2006/08/21 05:35:47 | 000,061,500 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2006/08/21 05:35:47 | 000,022,684 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLARTL_N.SYS
[2006/08/21 05:35:47 | 000,005,628 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS
[2006/08/21 05:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Roxio
[2006/08/21 05:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA
[2006/08/21 05:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2006/08/21 05:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Corel Corporation
[2006/08/21 05:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/08/21 05:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Corel Photo Center
[2006/08/21 05:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2006/08/21 05:30:59 | 000,108,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2006/08/21 05:30:58 | 000,104,960 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2006/08/21 05:30:58 | 000,068,344 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2006/08/21 05:30:58 | 000,056,832 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2006/08/21 05:30:58 | 000,054,272 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2006/08/21 05:30:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2006/08/21 05:30:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2006/08/21 05:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\WildTangent
[2006/08/21 05:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\WebCyberCoach
[2006/08/21 05:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GTek
[2006/08/21 05:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2006/08/21 05:29:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2006/08/21 05:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2006/08/21 05:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 12
[2006/08/21 05:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2006/08/21 05:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\EarthLink Setup
[2006/08/21 05:28:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\occache
[2006/08/21 05:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\Learn2.com
[2006/08/21 05:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Companion
[2006/08/21 05:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2006/08/21 05:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/08/21 05:28:38 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.bak
[2006/08/21 05:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2006/08/21 05:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nullsoft
[2006/08/21 05:28:29 | 000,000,000 | ---D | C] -- C:\My Music
[2006/08/21 05:28:28 | 000,008,552 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys
[2006/08/21 05:28:26 | 000,157,696 | ---- | C] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2006/08/21 05:28:25 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2006/08/21 05:28:25 | 000,024,576 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\prefscpl.cpl
[2006/08/21 05:28:25 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2006/08/21 05:28:25 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2006/08/21 05:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2006/08/21 05:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2006/08/21 05:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2006/08/21 05:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AOL Downloads
[2006/08/21 05:28:06 | 000,153,088 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdwmie.dll
[2006/08/21 05:28:06 | 000,029,184 | ---- | C] (Blue Sky Software) -- C:\WINDOWS\System32\popup.ocx
[2006/08/21 05:27:50 | 000,033,588 | ---- | C] (America Online, Inc.) -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2006/08/21 05:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\America Online
[2006/08/21 05:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2006/08/21 05:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL
[2006/08/21 05:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\America Online 9.0
[2006/08/21 05:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2006/08/21 05:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2006/08/21 05:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2006/08/21 05:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\MUSICMATCH
[2006/08/21 05:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\NetZeroInstallers
[2006/08/21 05:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2006/08/21 05:26:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2006/08/21 05:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\NetWaiting
[2006/08/21 05:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NetWaiting
[2006/08/21 05:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect
[2006/08/21 05:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Helper
[2006/08/21 05:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2006/08/21 05:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2006/08/21 05:25:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2006/08/21 05:25:38 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2006/08/21 05:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2006/08/21 05:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2006/08/21 05:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2006/08/21 05:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2006/08/21 05:25:21 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2006/08/21 05:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2006/08/21 05:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2006/08/21 05:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2006/08/21 05:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2006/08/21 05:22:43 | 001,003,520 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2006/08/21 05:22:43 | 000,282,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2006/08/21 05:22:43 | 000,155,729 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stac97.cpl
[2006/08/21 05:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\Sigmatel
[2006/08/21 05:22:42 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2006/08/21 05:20:20 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2006/08/21 05:20:20 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2006/08/21 05:20:20 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2006/08/21 05:20:20 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2006/08/21 05:20:20 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2006/08/21 05:20:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2006/08/21 05:20:20 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2006/08/21 05:20:20 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2006/08/21 05:20:20 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2006/08/21 05:20:20 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2006/08/21 05:20:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2006/08/21 05:20:20 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2006/08/21 05:20:19 | 003,607,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2006/08/21 05:20:19 | 001,168,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2006/08/21 05:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2006/08/21 05:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2006/08/21 05:18:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2006/08/21 05:09:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2006/08/21 05:09:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2006/08/21 05:09:00 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2006/08/21 05:09:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2006/08/21 05:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2006/08/21 05:02:18 | 001,042,432 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DP.sys
[2006/08/21 05:02:18 | 000,680,704 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2006/08/21 05:02:18 | 000,212,224 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWBS2.sys
[2006/08/21 05:02:18 | 000,090,112 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2006/08/21 05:02:18 | 000,032,218 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\HSFCI008.dll
[2006/08/21 05:02:11 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfserv.dll
[2006/08/21 05:02:11 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfusb1.dll
[2006/08/21 05:02:11 | 000,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpmui.dll
[2006/08/21 05:02:11 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfprox.dll
[2006/08/21 05:02:11 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpplc.dll
[2006/08/21 05:02:10 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcflmpm.dll
[2006/08/21 05:02:10 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfih.exe
[2006/08/21 05:02:09 | 000,983,092 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dlcfgf.dll
[2006/08/21 05:02:09 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfhbn3.dll
[2006/08/21 05:02:09 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomc.dll
[2006/08/21 05:02:09 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcoms.exe
[2006/08/21 05:02:09 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomm.dll
[2006/08/21 05:02:09 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcfg.exe
[2006/08/21 05:01:53 | 000,639,872 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2006/08/21 05:01:53 | 000,639,872 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2006/08/21 05:01:53 | 000,106,496 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2006/08/21 05:01:53 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2006/08/21 05:01:53 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2006/08/21 05:01:53 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2006/08/21 05:01:52 | 006,684,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglx1.dll
[2006/08/21 05:01:52 | 005,005,312 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2006/08/21 05:01:52 | 002,365,472 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2006/08/21 05:01:52 | 002,365,472 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2006/08/21 05:01:52 | 001,273,344 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2006/08/21 05:01:52 | 001,273,344 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2006/08/21 05:01:52 | 000,307,200 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2006/08/21 05:01:52 | 000,249,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2006/08/21 05:01:52 | 000,147,456 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2006/08/21 05:01:52 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2006/08/21 05:01:52 | 000,025,088 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2006/08/21 05:01:51 | 000,212,992 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2006/08/21 05:01:51 | 000,212,992 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2006/08/21 05:01:51 | 000,205,312 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2006/08/21 05:01:51 | 000,205,312 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2006/08/21 05:01:51 | 000,046,080 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2006/08/21 05:01:51 | 000,040,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2006/08/21 05:01:51 | 000,039,936 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2006/08/21 05:01:40 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\Prounstl.exe
[2006/08/21 05:01:40 | 000,036,864 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\e100bmsg.dll
[2006/08/21 05:01:40 | 000,019,456 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\IntelNic.dll
[2006/08/21 05:01:34 | 001,107,224 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2006/08/21 05:01:34 | 000,200,704 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2006/08/21 05:01:34 | 000,112,128 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2006/08/21 05:01:30 | 000,000,000 | ---D | C] -- C:\drivers
[2006/06/29 09:05:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idndl.dll
[2006/06/28 18:59:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlsdl.dll
[2006/04/08 22:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2006/04/08 22:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2006/04/04 03:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2006/04/04 03:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2006/04/02 20:47:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\Remotes notes
[2006/03/31 01:13:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2006/03/31 00:56:34 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2006/03/31 00:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\PCHealth
[2006/03/31 00:26:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2006/03/16 17:38:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Mom and Dad\*.tmp files -> C:\Documents and Settings\Mom and Dad\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]

#9 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 04:59 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207

OTL part 2




========== Files - Modified Within 30 Days ==========

[2011/05/14 21:32:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/14 17:01:54 | 000,015,490 | -HS- | M] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq
[2011/05/14 17:01:54 | 000,015,490 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq
[2011/05/14 16:43:57 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake
[2011/05/14 09:31:40 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\defogger_reenable
[2011/05/13 19:55:24 | 000,005,155 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/05/13 18:15:43 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Spybot - Search & Destroy.lnk
[2011/05/11 17:31:46 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/10 05:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 05:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 05:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/08 16:37:54 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 16:37:53 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/07 16:29:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/06 17:49:08 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2011/05/03 11:13:35 | 000,000,123 | ---- | M] () -- C:\WINDOWS\System32\1649518602
[2011/05/02 17:57:27 | 000,155,648 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\lftif11n32.dll
[2011/04/15 06:47:19 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 03:27:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 03:22:45 | 000,445,472 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/15 03:22:45 | 000,072,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/09 18:50:31 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\StreamTorrent 1.0.lnk
[2011/04/09 18:41:43 | 003,005,440 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\TvantsSetup[1].exe
[2011/04/08 17:54:44 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\VLC.lnk
[2011/03/14 22:25:39 | 000,000,426 | ---- | M] () -- C:\WINDOWS\brwmark.ini
[2011/03/06 22:33:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2011/03/05 14:51:14 | 000,003,766 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/03/05 14:51:09 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\06E05D1336.sys
[2011/03/05 14:49:06 | 002,072,576 | ---- | M] (DisplayLink Corp.) -- C:\WINDOWS\System32\DisplayLinkUsbCo2_5.2.22271.0.dll
[2011/03/05 14:49:04 | 000,021,888 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\System32\drivers\DisplayLinkUsbPort_5.2.22271.0.sys
[2011/03/03 23:45:07 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2011/03/03 23:45:07 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2011/03/03 23:45:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2011/03/03 23:45:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2011/03/03 06:21:11 | 001,857,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/03/03 06:21:11 | 001,857,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2011/03/02 23:55:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2011/02/17 14:25:02 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/02/17 12:00:29 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2011/02/17 12:00:28 | 006,075,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/02/17 12:00:28 | 003,607,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/02/17 12:00:28 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2011/02/17 12:00:28 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2011/02/17 12:00:28 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2011/02/17 12:00:28 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2011/02/17 12:00:28 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2011/02/17 12:00:28 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2011/02/17 12:00:28 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2011/02/17 12:00:28 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/02/17 12:00:28 | 000,384,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2011/02/17 12:00:28 | 000,384,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2011/02/17 12:00:28 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2011/02/17 12:00:28 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2011/02/17 12:00:28 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/02/17 12:00:28 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2011/02/17 12:00:28 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2011/02/17 12:00:28 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2011/02/17 12:00:28 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2011/02/17 12:00:28 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2011/02/17 12:00:28 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2011/02/17 12:00:28 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2011/02/17 12:00:28 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2011/02/17 12:00:28 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2011/02/17 12:00:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2011/02/17 12:00:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2011/02/17 12:00:28 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2011/02/17 12:00:28 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/02/17 12:00:28 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/02/17 12:00:28 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2011/02/17 12:00:28 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/02/17 12:00:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2011/02/17 12:00:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2011/02/17 12:00:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2011/02/17 12:00:28 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2011/02/17 12:00:28 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2011/02/17 12:00:28 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2011/02/17 12:00:27 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2011/02/17 12:00:27 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2011/02/17 12:00:27 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2011/02/17 12:00:27 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2011/02/17 12:00:27 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2011/02/17 12:00:27 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2011/02/17 12:00:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2011/02/17 12:00:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2011/02/17 12:00:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2011/02/17 06:18:24 | 000,455,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/02/17 06:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/02/17 04:44:16 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2011/02/17 04:43:27 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2011/02/17 04:43:27 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2011/02/17 04:43:27 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2011/02/17 04:43:27 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2011/02/15 05:56:39 | 000,290,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2011/02/15 05:56:39 | 000,290,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2011/02/14 05:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2011/02/14 05:15:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[2011/02/14 05:15:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2011/02/11 06:25:52 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2011/02/11 06:25:52 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/02/08 06:33:55 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2011/02/08 06:33:55 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/02/08 06:33:55 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2011/02/08 06:33:55 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2011/02/04 18:48:32 | 000,456,192 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/02/02 00:58:35 | 002,067,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2011/01/27 04:57:06 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2011/01/21 07:44:37 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011/01/21 07:44:37 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011/01/04 12:04:22 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/01/03 18:59:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/25 20:39:05 | 000,063,756 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/22 17:21:53 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/22 09:50:13 | 000,001,513 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free AOL Email.lnk
[2010/12/22 05:34:28 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2010/12/21 11:36:30 | 000,026,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 19:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 10:26:00 | 000,730,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010/12/20 10:26:00 | 000,730,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/12/19 15:58:43 | 000,189,203 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\KMBS_UHC_FSA_Claim_Form.pdf
[2010/12/09 07:30:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2010/12/09 07:30:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2010/12/09 06:42:26 | 002,148,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/12/09 06:42:26 | 002,148,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/12/09 06:38:47 | 002,192,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/12/09 06:07:07 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/12/09 06:07:07 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/12/09 06:07:05 | 002,069,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/11/29 18:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/11/29 18:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/11/29 15:32:28 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/18 11:12:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/11/18 11:12:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/11/09 07:52:35 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/11/09 07:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2010/11/09 07:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2010/11/09 07:52:35 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/11/09 07:52:35 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/11/09 07:52:35 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/11/09 07:52:35 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/11/08 05:41:00 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/11/08 05:41:00 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/11/08 05:41:00 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/11/08 05:41:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/11/08 05:41:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/11/02 08:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/10/26 19:56:30 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/10/26 19:56:29 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/10/25 20:07:29 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\GoToAssistDownloadHelper.exe
[2010/10/12 23:52:14 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/12 11:05:26 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/10/11 07:59:30 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/09/17 23:53:25 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2010/09/17 23:53:25 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/09/17 23:53:25 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2010/09/17 23:53:25 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/08/27 01:02:29 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2010/08/27 01:02:29 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/08/26 22:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srvsvc.dll
[2010/08/25 23:36:02 | 010,841,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2010/08/23 09:12:04 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010/08/16 01:45:00 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010/08/11 13:03:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\hegames.ini
[2010/07/16 05:05:55 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2010/07/05 13:37:00 | 000,991,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2010/07/05 06:15:50 | 000,017,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/06/30 05:31:35 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010/06/18 10:45:17 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2010/06/18 10:45:17 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/06/18 06:36:12 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/06/17 07:03:00 | 000,080,384 | ---- | M] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll
[2010/06/15 09:17:24 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2010/06/15 00:15:56 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prism Video Converter.lnk
[2010/06/15 00:15:31 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Switch Sound File Converter.lnk
[2010/06/15 00:13:27 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Clip Extractor.lnk
[2010/06/14 07:31:20 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/06/14 00:41:45 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010/05/29 10:59:38 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Flash Player.lnk
[2010/04/16 08:36:56 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2010/03/31 00:16:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010/03/31 00:10:40 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010/03/30 12:24:40 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdecd.dll
[2010/03/30 12:24:40 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdecd.dll
[2010/03/30 00:52:26 | 000,262,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2010/03/30 00:52:26 | 000,262,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010/03/22 15:05:50 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2010/03/16 09:50:22 | 000,000,066 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\XSitePro2.cfg
[2010/03/16 09:36:15 | 001,058,697 | ---- | M] () -- C:\WINDOWS\XSitePro2 Uninstaller.exe
[2010/03/15 19:27:16 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2010/03/15 19:27:16 | 000,001,587 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2010/03/05 07:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010/03/05 07:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010/03/01 02:00:24 | 000,001,966 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MLBDugoutHeroes.lnk
[2010/02/24 18:23:22 | 000,061,236 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\aaron.php
[2010/02/21 10:04:22 | 005,370,411 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\3-4-600_series_Colman_2003.pdf
[2010/02/21 09:58:06 | 002,627,518 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\coleman_2004_en.pdf
[2010/02/11 21:33:11 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/02/09 21:39:10 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010/01/29 07:43:39 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2010/01/13 07:01:25 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009/12/30 14:15:01 | 000,001,962 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dell Support Center.lnk
[2009/12/30 13:56:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
[2009/12/23 23:59:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/16 11:43:27 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/12/16 11:43:27 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/15 22:30:19 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2009/12/15 22:28:45 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\LimeWire 5.3.6.lnk
[2009/12/15 22:26:59 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/15 22:26:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/15 22:26:59 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/15 22:26:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/15 22:26:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/08 02:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009/11/27 10:11:44 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 09:07:35 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 09:07:35 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/27 09:07:34 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/11/27 09:07:34 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2009/11/27 09:07:34 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 09:07:34 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/21 08:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/11/19 18:47:21 | 000,024,320 | ---- | M] (DisplayLink Corp.) -- C:\WINDOWS\System32\drivers\DisplayLinkmirrorport.sys
[2009/11/19 18:47:21 | 000,018,816 | ---- | M] (DisplayLink Corp.) -- C:\WINDOWS\System32\DisplayLinkmirrordisp.dll
[2009/11/19 18:47:21 | 000,007,040 | ---- | M] (DisplayLink Corp.) -- C:\WINDOWS\System32\drivers\DisplayLinkFilter.sys
[2009/11/13 15:42:14 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/11/07 01:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009/10/25 14:25:48 | 000,217,930 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\Car Blutooth Surface_Sound_Compact_Manual_English.pdf
[2009/10/20 22:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/10/20 22:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009/10/20 22:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/10/20 22:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009/10/20 09:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/15 09:28:26 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009/10/15 09:28:26 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/10/13 06:24:24 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Shortcut to P90X.lnk
[2009/10/13 03:30:16 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2009/10/13 03:30:16 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 06:38:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2009/10/12 06:38:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 06:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2009/10/12 06:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/03 10:06:43 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2009/10/03 10:06:43 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2009/09/11 07:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/09/04 14:03:36 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/09/04 11:01:25 | 033,613,523 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\090902MZWatsonaudio.wma
[2009/08/28 20:42:52 | 002,065,696 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2009/08/26 01:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2009/08/26 01:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/08/25 02:17:27 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2009/08/22 09:56:52 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\SopCast.lnk
[2009/08/22 09:52:48 | 005,420,941 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\SopCast-3.2.4.zip
[2009/08/06 19:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/08/06 19:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/08/06 19:24:18 | 000,209,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/08/06 19:24:18 | 000,021,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/06 19:24:10 | 000,217,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/08/06 19:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/08/06 19:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/08/06 19:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/08/06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/08/06 19:24:06 | 000,015,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/06 19:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2009/08/06 19:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2009/08/06 19:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/08/06 19:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/08/06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/08/05 02:01:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 02:01:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/31 10:05:44 | 001,372,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2009/07/17 12:01:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/17 09:22:18 | 001,435,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2009/07/17 09:22:18 | 001,435,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2009/07/15 19:00:44 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PokerStars.net.lnk
[2009/07/13 23:43:24 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/07/12 20:13:35 | 002,982,334 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\JVC VIDEO CAMERA.pdf
[2009/07/08 21:29:37 | 000,165,144 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\7-7-09-housing-crisis-report.pdf
[2009/06/29 01:33:41 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat
[2009/06/29 01:33:41 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/06/25 01:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2009/06/25 01:25:26 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2009/06/24 04:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2009/06/12 05:31:40 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/06/12 05:31:40 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/06/12 05:31:39 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/06/12 05:31:39 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/06/10 09:19:38 | 002,066,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/06/09 23:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2009/05/16 11:18:08 | 000,740,963 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\san fran beach 061(2).jpg
[2009/05/16 11:14:50 | 000,740,963 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\san fran beach 061.jpg
[2009/05/07 08:32:35 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2009/05/07 08:32:35 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2009/05/02 09:07:29 | 000,004,752 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Taps.gif
[2009/05/01 11:30:36 | 003,366,912 | ---- | M] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2009/04/20 10:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2009/04/19 10:42:09 | 003,006,976 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\TvantsSetup(2).exe
[2009/04/18 15:25:00 | 000,237,568 | ---- | M] (--) -- C:\WINDOWS\System32\MacUnInstall.exe
[2009/04/01 23:02:22 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009/04/01 23:02:22 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/03/21 07:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/15 11:38:17 | 000,284,437 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\TheBible-2.htm
[2009/03/06 07:22:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2009/03/01 10:38:41 | 001,878,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player(3).exe
[2009/02/24 00:06:26 | 000,035,910 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\bailey doza and fanning and cardoso.jpg
[2009/02/22 12:33:57 | 004,909,440 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\Silverlight.2.0.exe
[2009/02/06 03:39:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/01/31 19:48:01 | 000,039,651 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\super-bowl-squares.pdf
[2009/01/16 09:34:15 | 000,004,879 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\Absolute magnitude amount of light a star actually gives.wpd
[2009/01/15 19:20:32 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GameTap.lnk
[2009/01/15 19:18:59 | 034,197,368 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\gametap_setup.exe
[2008/12/14 14:23:52 | 123,368,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\Office2003SP3-KB923618-FullFile-ENU.exe
[2008/12/14 14:15:04 | 006,053,448 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mom and Dad\Desktop\office2003-KB954464-FullFile-ENU.exe
[2008/12/14 13:00:34 | 002,766,389 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\tree house.pdf
[2008/12/12 12:18:16 | 000,087,336 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2008/12/12 12:11:46 | 000,061,440 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2008/12/01 23:28:50 | 000,061,678 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\PFP120JPR.{PB
[2008/12/01 23:28:50 | 000,012,358 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\PFP120JCM.{PB
[2008/11/24 22:56:51 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2008/10/23 05:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2008/10/16 07:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2008/10/15 09:34:24 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/09/28 09:49:37 | 000,028,930 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\factsheetwhopaysmostindividualincometaxes.update.pdf
[2008/09/27 09:52:06 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\TV Player Pro.lnk
[2008/09/27 09:25:01 | 003,728,175 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\TV_Player_Pro_Setup_0.7.exe
[2008/09/21 17:30:33 | 007,499,056 | ---- | M] (Mozilla) -- C:\Documents and Settings\Mom and Dad\Desktop\Firefox Setup 3.0.1.exe
[2008/09/21 11:04:31 | 001,495,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player(2).exe
[2008/09/21 10:33:34 | 001,495,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Mom and Dad\Desktop\install_flash_player.exe
[2008/07/29 21:10:04 | 000,493,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\evr.dll
[2008/07/29 21:10:04 | 000,073,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxva2.dll
[2008/07/29 21:10:04 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TsWpfWrp.exe
[2008/07/29 19:59:58 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationNative_v0300.dll
[2008/07/29 19:59:58 | 000,161,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\UIAutomationCore.dll
[2008/07/29 19:59:58 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
[2008/07/29 19:24:50 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardagt.exe
[2008/07/29 19:24:50 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\infocardapi.dll
[2008/07/29 19:24:50 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\infocardcpl.cpl
[2008/07/29 19:24:50 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardres.dll
[2008/07/29 05:49:58 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardres.dll.mui
[2008/07/25 11:16:58 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscorier.dll
[2008/07/25 11:16:58 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscories.dll
[2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2008/07/06 05:06:10 | 001,676,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2008/07/06 05:06:10 | 001,676,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2008/07/06 05:06:10 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2008/07/06 05:06:10 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2008/07/05 14:41:08 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\BD7820N.dat
[2008/06/29 09:15:32 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Airlink101 USB Wireless Configuration Utility.lnk
[2008/06/29 09:15:32 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Airlink101 USB Wireless Configuration Utility.lnk
[2008/06/24 18:12:58 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpeffects.dll
[2008/06/24 09:43:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2008/06/24 09:43:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2008/06/20 09:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008/06/18 06:03:08 | 000,938,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMNetmgr.dll
[2008/06/18 06:03:08 | 000,938,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetmgr.dll
[2008/06/18 02:09:22 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2008/06/18 02:09:22 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2008/06/13 04:05:51 | 000,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2008/06/12 07:23:32 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/06/12 07:23:32 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/06/12 07:23:32 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/06/12 07:23:32 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/06/12 07:23:32 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/06/12 07:23:32 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/06/12 07:23:32 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/06/12 07:23:32 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/06/12 07:23:32 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2008/06/12 07:23:32 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2008/06/12 07:23:32 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/06/12 07:23:32 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/06/07 20:37:11 | 000,906,960 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Google Updater.exe
[2008/05/31 02:46:46 | 001,634,273 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Picture.jpg
[2008/05/09 16:23:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wshom.ocx
[2008/05/09 16:23:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2008/05/09 03:53:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2008/05/09 03:53:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2008/05/09 03:53:39 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2008/05/09 03:53:39 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2008/05/08 07:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2008/05/08 07:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2008/05/08 04:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2008/05/07 02:07:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2008/05/07 02:07:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2008/05/01 07:33:02 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/04/20 10:25:51 | 000,000,820 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2008/04/17 14:12:54 | 000,107,368 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2008/04/14 16:54:14 | 002,889,336 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\tvantssetup.exe
[2008/04/14 11:52:49 | 002,838,857 | ---- | M] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN(3).EXE
[2008/04/14 11:52:38 | 002,838,857 | ---- | M] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN(2).EXE
[2008/04/14 11:46:34 | 002,838,857 | ---- | M] (A.I.SOFT,INC.) -- C:\Documents and Settings\Mom and Dad\Desktop\CC_SCAN.EXE
[2008/04/14 06:42:38 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2008/04/14 06:41:58 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2008/04/13 17:25:26 | 000,001,804 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2008/04/13 17:16:51 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2008/04/13 17:13:22 | 000,087,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/04/13 17:13:21 | 000,012,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2008/04/13 17:12:45 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\h323.tsp
[2008/04/13 17:12:45 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdm.tsp
[2008/04/13 17:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2008/04/13 17:12:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2008/04/13 17:12:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ndptsp.tsp
[2008/04/13 17:12:45 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kmddsp.tsp
[2008/04/13 17:12:45 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hidphone.tsp
[2008/04/13 17:12:45 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconf.tsp
[2008/04/13 17:12:44 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2008/04/13 17:12:44 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2008/04/13 17:12:44 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2008/04/13 17:12:44 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2008/04/13 17:12:44 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2008/04/13 17:12:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2008/04/13 17:12:43 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2008/04/13 17:12:43 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2008/04/13 17:12:43 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2008/04/13 17:12:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2008/04/13 17:12:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2008/04/13 17:12:42 | 000,848,384 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2008/04/13 17:12:42 | 000,278,559 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8ds32.ax
[2008/04/13 17:12:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvds32.ax
[2008/04/13 17:12:42 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2008/04/13 17:12:42 | 000,199,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2008/04/13 17:12:42 | 000,154,624 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2008/04/13 17:12:42 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/04/13 17:12:42 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2008/04/13 17:12:42 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2008/04/13 17:12:42 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2008/04/13 17:12:42 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/04/13 17:12:42 | 000,023,040 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2008/04/13 17:12:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2008/04/13 17:12:42 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2008/04/13 17:12:42 | 000,009,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2008/04/13 17:12:41 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2008/04/13 17:12:41 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2008/04/13 17:12:41 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hdwwiz.cpl
[2008/04/13 17:12:41 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2008/04/13 17:12:41 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2008/04/13 17:12:41 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2008/04/13 17:12:41 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2008/04/13 17:12:41 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2008/04/13 17:12:41 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2008/04/13 17:12:41 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2008/04/13 17:12:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2008/04/13 17:12:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/04/13 17:12:41 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2008/04/13 17:12:41 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2008/04/13 17:12:41 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2008/04/13 17:12:41 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2008/04/13 17:12:40 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2008/04/13 17:12:40 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2008/04/13 17:12:39 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2008/04/13 17:12:39 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2008/04/13 17:12:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2008/04/13 17:12:38 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2008/04/13 17:12:38 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2008/04/13 17:12:38 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2008/04/13 17:12:38 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2008/04/13 17:12:38 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2008/04/13 17:12:38 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2008/04/13 17:12:37 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2008/04/13 17:12:37 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2008/04/13 17:12:37 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2008/04/13 17:12:37 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2008/04/13 17:12:36 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/04/13 17:12:36 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/04/13 17:12:36 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2008/04/13 17:12:36 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2008/04/13 17:12:36 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2008/04/13 17:12:36 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2008/04/13 17:12:36 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2008/04/13 17:12:35 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2008/04/13 17:12:35 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2008/04/13 17:12:35 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2008/04/13 17:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2008/04/13 17:12:35 | 000,032,866 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2008/04/13 17:12:35 | 000,032,866 | ---- | M] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2008/04/13 17:12:35 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2008/04/13 17:12:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2008/04/13 17:12:35 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2008/04/13 17:12:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2008/04/13 17:12:34 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2008/04/13 17:12:34 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2008/04/13 17:12:34 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2008/04/13 17:12:34 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2008/04/13 17:12:34 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2008/04/13 17:12:33 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2008/04/13 17:12:33 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2008/04/13 17:12:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2008/04/13 17:12:33 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2008/04/13 17:12:33 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2008/04/13 17:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2008/04/13 17:12:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/04/13 17:12:32 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/04/13 17:12:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2008/04/13 17:12:32 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2008/04/13 17:12:32 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2008/04/13 17:12:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2008/04/13 17:12:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2008/04/13 17:12:32 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/04/13 17:12:32 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/04/13 17:12:32 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2008/04/13 17:12:32 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2008/04/13 17:12:31 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2008/04/13 17:12:31 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2008/04/13 17:12:31 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2008/04/13 17:12:31 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2008/04/13 17:12:31 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2008/04/13 17:12:31 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2008/04/13 17:12:31 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2008/04/13 17:12:30 | 001,200,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2008/04/13 17:12:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2008/04/13 17:12:30 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2008/04/13 17:12:30 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2008/04/13 17:12:29 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2008/04/13 17:12:29 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2008/04/13 17:12:29 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2008/04/13 17:12:29 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2008/04/13 17:12:29 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2008/04/13 17:12:29 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2008/04/13 17:12:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2008/04/13 17:12:29 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/04/13 17:12:29 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2008/04/13 17:12:27 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/04/13 17:12:27 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2008/04/13 17:12:25 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2008/04/13 17:12:25 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2008/04/13 17:12:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2008/04/13 17:12:24 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2008/04/13 17:12:24 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2008/04/13 17:12:23 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2008/04/13 17:12:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2008/04/13 17:12:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2008/04/13 17:12:22 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2008/04/13 17:12:21 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2008/04/13 17:12:21 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2008/04/13 17:12:21 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2008/04/13 17:12:21 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2008/04/13 17:12:21 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2008/04/13 17:12:20 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2008/04/13 17:12:20 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2008/04/13 17:12:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2008/04/13 17:12:20 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2008/04/13 17:12:20 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2008/04/13 17:12:20 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2008/04/13 17:12:20 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2008/04/13 17:12:19 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2008/04/13 17:12:19 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2008/04/13 17:12:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2008/04/13 17:12:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2008/04/13 17:12:18 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2008/04/13 17:12:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2008/04/13 17:12:18 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2008/04/13 17:12:18 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2008/04/13 17:12:18 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2008/04/13 17:12:17 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2008/04/13 17:12:17 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2008/04/13 17:12:17 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2008/04/13 17:12:17 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2008/04/13 17:12:17 | 000,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2008/04/13 17:12:16 | 000,105,472 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2008/04/13 17:12:16 | 000,082,944 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2008/04/13 17:12:16 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2008/04/13 17:12:16 | 000,025,088 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2008/04/13 17:12:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/04/13 17:12:15 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2008/04/13 17:12:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2008/04/13 17:12:15 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2008/04/13 17:12:14 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2008/04/13 17:12:14 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/04/13 17:12:14 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2008/04/13 17:12:14 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2008/04/13 17:12:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2008/04/13 17:12:14 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2008/04/13 17:12:13 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\autofmt.exe
[2008/04/13 17:12:13 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2008/04/13 17:12:13 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2008/04/13 17:12:13 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2008/04/13 17:12:13 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2008/04/13 17:12:12 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2008/04/13 17:12:12 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2008/04/13 17:12:12 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2008/04/13 17:12:12 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2008/04/13 17:12:12 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2008/04/13 17:12:12 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2008/04/13 17:12:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2008/04/13 17:12:12 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2008/04/13 17:12:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2008/04/13 17:12:11 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2008/04/13 17:12:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/04/13 17:12:11 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2008/04/13 17:12:11 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll
[2008/04/13 17:12:11 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2008/04/13 17:12:11 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/04/13 17:12:10 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2008/04/13 17:12:10 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmstream.dll
[2008/04/13 17:12:10 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2008/04/13 17:12:10 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2008/04/13 17:12:10 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2008/04/13 17:12:10 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wshcon.dll
[2008/04/13 17:12:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wsock32.dll
[2008/04/13 17:12:10 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wshtcpip.dll
[2008/04/13 17:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wtsapi32.dll
[2008/04/13 17:12:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2008/04/13 17:12:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wshrm.dll
[2008/04/13 17:12:09 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2008/04/13 17:12:09 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2008/04/13 17:12:09 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winscard.dll
[2008/04/13 17:12:09 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2008/04/13 17:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsta.dll
[2008/04/13 17:12:09 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winipsec.dll
[2008/04/13 17:12:09 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpui.dll
[2008/04/13 17:12:09 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcore.dll
[2008/04/13 17:12:09 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcd.dll
[2008/04/13 17:12:09 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2008/04/13 17:12:08 | 000,463,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadefui.dll
[2008/04/13 17:12:08 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2008/04/13 17:12:08 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2008/04/13 17:12:08 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2008/04/13 17:12:08 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2008/04/13 17:12:08 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2008/04/13 17:12:08 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavideo.dll
[2008/04/13 17:12:08 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll
[2008/04/13 17:12:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/04/13 17:12:08 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2008/04/13 17:12:08 | 000,030,749 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbajet32.dll
[2008/04/13 17:12:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2008/04/13 17:12:08 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmdbg.dll
[2008/04/13 17:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\usbmon.dll
[2008/04/13 17:12:08 | 000,011,325 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2008/04/13 17:12:07 | 000,990,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2008/04/13 17:12:07 | 000,858,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2008/04/13 17:12:07 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2008/04/13 17:12:07 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2008/04/13 17:12:07 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2008/04/13 17:12:07 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2008/04/13 17:12:07 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/04/13 17:12:07 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2008/04/13 17:12:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2008/04/13 17:12:07 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2008/04/13 17:12:07 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/04/13 17:12:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/04/13 17:12:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2008/04/13 17:12:07 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2008/04/13 17:12:07 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/04/13 17:12:07 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2008/04/13 17:12:07 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/04/13 17:12:07 | 000,050,688 | ---- | M] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2008/04/13 17:12:07 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2008/04/13 17:12:07 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/13 17:12:07 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2008/04/13 17:12:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2008/04/13 17:12:07 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2008/04/13 17:12:07 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2008/04/13 17:12:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uniplat.dll
[2008/04/13 17:12:07 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvrp.dll
[2008/04/13 17:12:06 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2008/04/13 17:12:06 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2008/04/13 17:12:06 | 000,286,792 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2008/04/13 17:12:06 | 000,188,508 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2008/04/13 17:12:06 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2008/04/13 17:12:06 | 000,180,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlunirl.dll
[2008/04/13 17:12:06 | 000,098,304 | ---- | M] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbiop.dll
[2008/04/13 17:12:06 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2008/04/13 17:12:06 | 000,073,832 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2008/04/13 17:12:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2008/04/13 17:12:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2008/04/13 17:12:05 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2008/04/13 17:12:05 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2008/04/13 17:12:05 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2008/04/13 17:12:05 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/04/13 17:12:05 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2008/04/13 17:12:05 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2008/04/13 17:12:05 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2008/04/13 17:12:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2008/04/13 17:12:05 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2008/04/13 17:12:05 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2008/04/13 17:12:05 | 000,003,901 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2008/04/13 17:12:04 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2008/04/13 17:12:04 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\samsrv.dll
[2008/04/13 17:12:04 | 000,397,824 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwizc.dll
[2008/04/13 17:12:04 | 000,397,056 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2008/04/13 17:12:04 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/04/13 17:12:04 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2008/04/13 17:12:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2008/04/13 17:12:04 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\resutils.dll
[2008/04/13 17:12:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2008/04/13 17:12:04 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/04/13 17:12:04 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtutils.dll
[2008/04/13 17:12:04 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/04/13 17:12:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2008/04/13 17:12:04 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/04/13 17:12:04 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/04/13 17:12:04 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2008/04/13 17:12:04 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2008/04/13 17:12:03 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdlg.dll
[2008/04/13 17:12:03 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasapi32.dll
[2008/04/13 17:12:03 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2008/04/13 17:12:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2008/04/13 17:12:03 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/04/13 17:12:03 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2008/04/13 17:12:03 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2008/04/13 17:12:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2008/04/13 17:12:03 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2008/04/13 17:12:03 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2008/04/13 17:12:03 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll
[2008/04/13 17:12:03 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastapi.dll
[2008/04/13 17:12:03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/04/13 17:12:03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2008/04/13 17:12:03 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/13 17:12:03 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\profmap.dll
[2008/04/13 17:12:03 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/04/13 17:12:03 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powrprof.dll
[2008/04/13 17:12:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2008/04/13 17:12:03 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2008/04/13 17:12:02 | 004,274,816 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2008/04/13 17:12:02 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2008/04/13 17:12:02 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsmgr.dll
[2008/04/13 17:12:02 | 000,412,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2008/04/13 17:12:02 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2008/04/13 17:12:02 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2008/04/13 17:12:02 | 000,278,559 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2008/04/13 17:12:02 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2008/04/13 17:12:02 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netui1.dll
[2008/04/13 17:12:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2008/04/13 17:12:02 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2008/04/13 17:12:02 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2008/04/13 17:12:02 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2008/04/13 17:12:02 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2008/04/13 17:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2008/04/13 17:12:02 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2008/04/13 17:12:02 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2008/04/13 17:12:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2008/04/13 17:12:02 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2008/04/13 17:12:02 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2008/04/13 17:12:02 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2008/04/13 17:12:02 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2008/04/13 17:12:02 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netui0.dll
[2008/04/13 17:12:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2008/04/13 17:12:02 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2008/04/13 17:12:02 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2008/04/13 17:12:02 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2008/04/13 17:12:02 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2008/04/13 17:12:02 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2008/04/13 17:12:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi32.dll
[2008/04/13 17:12:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2008/04/13 17:12:02 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2008/04/13 17:12:02 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2008/04/13 17:12:02 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2008/04/13 17:12:02 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2008/04/13 17:12:02 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2008/04/13 17:12:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2008/04/13 17:12:02 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/04/13 17:12:02 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfdisk.dll
[2008/04/13 17:12:02 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfos.dll
[2008/04/13 17:12:02 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/13 17:12:02 | 000,020,511 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2008/04/13 17:12:02 | 000,020,511 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2008/04/13 17:12:02 | 000,020,510 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2008/04/13 17:12:02 | 000,020,510 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2008/04/13 17:12:02 | 000,020,510 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2008/04/13 17:12:02 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2008/04/13 17:12:02 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2008/04/13 17:12:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 17:12:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2008/04/13 17:12:02 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlsapi.dll
[2008/04/13 17:12:01 | 001,737,856 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2008/04/13 17:12:01 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2008/04/13 17:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2008/04/13 17:12:01 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2008/04/13 17:12:01 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2008/04/13 17:12:01 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2008/04/13 17:12:01 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2008/04/13 17:12:01 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2008/04/13 17:12:01 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2008/04/13 17:12:01 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2008/04/13 17:12:01 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/04/13 17:12:01 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/04/13 17:12:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2008/04/13 17:12:01 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2008/04/13 17:12:01 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapi.dll
[2008/04/13 17:12:01 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netrap.dll
[2008/04/13 17:12:01 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/04/13 17:12:00 | 001,384,479 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2008/04/13 17:12:00 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/04/13 17:12:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2008/04/13 17:12:00 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2008/04/13 17:12:00 | 000,151,583 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint40.dll
[2008/04/13 17:12:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2008/04/13 17:12:00 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2008/04/13 17:12:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/13 17:12:00 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/04/13 17:12:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/13 17:11:59 | 000,997,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msgina.dll
[2008/04/13 17:11:59 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2008/04/13 17:11:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2008/04/13 17:11:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2008/04/13 17:11:59 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2008/04/13 17:11:59 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2008/04/13 17:11:59 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2008/04/13 17:11:59 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msidle.dll
[2008/04/13 17:11:58 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsnap.dll
[2008/04/13 17:11:58 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqutil.dll
[2008/04/13 17:11:58 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtrig.dll
[2008/04/13 17:11:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2008/04/13 17:11:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm32.dll
[2008/04/13 17:11:58 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/04/13 17:11:58 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqupgrd.dll
[2008/04/13 17:11:58 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2008/04/13 17:11:57 | 001,872,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2008/04/13 17:11:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqqm.dll
[2008/04/13 17:11:57 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mlang.dll
[2008/04/13 17:11:57 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2008/04/13 17:11:57 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa.dll
[2008/04/13 17:11:57 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll

#10 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 05:02 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207


OTL part 3

[2008/04/13 17:11:57 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2008/04/13 17:11:57 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrt.dll
[2008/04/13 17:11:57 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2008/04/13 17:11:57 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2008/04/13 17:11:57 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqad.dll
[2008/04/13 17:11:57 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrtdep.dll
[2008/04/13 17:11:57 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2008/04/13 17:11:57 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsec.dll
[2008/04/13 17:11:57 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqlogmgr.dll
[2008/04/13 17:11:57 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mprapi.dll
[2008/04/13 17:11:57 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2008/04/13 17:11:57 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqdscli.dll
[2008/04/13 17:11:57 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/04/13 17:11:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2008/04/13 17:11:57 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/04/13 17:11:57 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqise.dll
[2008/04/13 17:11:56 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2008/04/13 17:11:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2008/04/13 17:11:56 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2008/04/13 17:11:56 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2008/04/13 17:11:56 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2008/04/13 17:11:56 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/04/13 17:11:56 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2008/04/13 17:11:56 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2008/04/13 17:11:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2008/04/13 17:11:56 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2008/04/13 17:11:56 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcsubs.dll
[2008/04/13 17:11:56 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2008/04/13 17:11:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2008/04/13 17:11:56 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2008/04/13 17:11:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2008/04/13 17:11:56 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/04/13 17:11:55 | 000,755,200 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2008/04/13 17:11:55 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2008/04/13 17:11:55 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2008/04/13 17:11:55 | 000,338,432 | ---- | M] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/04/13 17:11:55 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2008/04/13 17:11:55 | 000,200,192 | ---- | M] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2008/04/13 17:11:55 | 000,183,808 | ---- | M] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/04/13 17:11:55 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2008/04/13 17:11:55 | 000,163,840 | ---- | M] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2008/04/13 17:11:55 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2008/04/13 17:11:55 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2008/04/13 17:11:55 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\initpki.dll
[2008/04/13 17:11:55 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2008/04/13 17:11:55 | 000,120,320 | ---- | M] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2008/04/13 17:11:55 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2008/04/13 17:11:55 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetpp.dll
[2008/04/13 17:11:55 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2008/04/13 17:11:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2008/04/13 17:11:55 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetmib1.dll
[2008/04/13 17:11:55 | 000,032,768 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2008/04/13 17:11:55 | 000,027,648 | ---- | M] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2008/04/13 17:11:55 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2008/04/13 17:11:55 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetppui.dll
[2008/04/13 17:11:54 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2008/04/13 17:11:54 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2008/04/13 17:11:54 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2008/04/13 17:11:54 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2008/04/13 17:11:54 | 000,347,136 | ---- | M] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2008/04/13 17:11:54 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2008/04/13 17:11:54 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetwiz.dll
[2008/04/13 17:11:54 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2008/04/13 17:11:54 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/04/13 17:11:54 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2008/04/13 17:11:54 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2008/04/13 17:11:54 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gptext.dll
[2008/04/13 17:11:54 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2008/04/13 17:11:54 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2008/04/13 17:11:54 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hotplug.dll
[2008/04/13 17:11:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ifmon.dll
[2008/04/13 17:11:54 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\glu32.dll
[2008/04/13 17:11:54 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2008/04/13 17:11:54 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrad.dll
[2008/04/13 17:11:54 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/04/13 17:11:54 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/04/13 17:11:54 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2008/04/13 17:11:54 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2008/04/13 17:11:54 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/04/13 17:11:54 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2008/04/13 17:11:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\htui.dll
[2008/04/13 17:11:54 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2008/04/13 17:11:54 | 000,036,921 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imeshare.dll
[2008/04/13 17:11:54 | 000,032,285 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2008/04/13 17:11:54 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2008/04/13 17:11:54 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2008/04/13 17:11:54 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2008/04/13 17:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2008/04/13 17:11:54 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hid.dll
[2008/04/13 17:11:54 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/04/13 17:11:54 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2008/04/13 17:11:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\igmpagnt.dll
[2008/04/13 17:11:54 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2008/04/13 17:11:53 | 001,082,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2008/04/13 17:11:53 | 000,451,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2008/04/13 17:11:53 | 000,380,445 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2008/04/13 17:11:53 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\filemgmt.dll
[2008/04/13 17:11:53 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2008/04/13 17:11:53 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\exts.dll
[2008/04/13 17:11:53 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fde.dll
[2008/04/13 17:11:53 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2008/04/13 17:11:53 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2008/04/13 17:11:53 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fdeploy.dll
[2008/04/13 17:11:53 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll
[2008/04/13 17:11:53 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\feclient.dll
[2008/04/13 17:11:53 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2008/04/13 17:11:52 | 002,113,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2008/04/13 17:11:52 | 001,293,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2008/04/13 17:11:52 | 001,227,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2008/04/13 17:11:52 | 000,650,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2008/04/13 17:11:52 | 000,619,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2008/04/13 17:11:52 | 000,498,742 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2008/04/13 17:11:52 | 000,379,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2008/04/13 17:11:52 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2008/04/13 17:11:52 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2008/04/13 17:11:52 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
[2008/04/13 17:11:52 | 000,285,184 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2008/04/13 17:11:52 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2008/04/13 17:11:52 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2008/04/13 17:11:52 | 000,200,704 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskmgr.dll
[2008/04/13 17:11:52 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2008/04/13 17:11:52 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2008/04/13 17:11:52 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2008/04/13 17:11:52 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2008/04/13 17:11:52 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2008/04/13 17:11:52 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2008/04/13 17:11:52 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2008/04/13 17:11:52 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2008/04/13 17:11:52 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2008/04/13 17:11:52 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2008/04/13 17:11:52 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2008/04/13 17:11:52 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2008/04/13 17:11:52 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2008/04/13 17:11:52 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2008/04/13 17:11:52 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dskquota.dll
[2008/04/13 17:11:52 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2008/04/13 17:11:52 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2008/04/13 17:11:52 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2008/04/13 17:11:52 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2008/04/13 17:11:52 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2008/04/13 17:11:52 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2008/04/13 17:11:52 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2008/04/13 17:11:52 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2008/04/13 17:11:52 | 000,052,224 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmutil.dll
[2008/04/13 17:11:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2008/04/13 17:11:52 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2008/04/13 17:11:52 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2008/04/13 17:11:52 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2008/04/13 17:11:52 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2008/04/13 17:11:52 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2008/04/13 17:11:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2008/04/13 17:11:52 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2008/04/13 17:11:52 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2008/04/13 17:11:52 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\efsadu.dll
[2008/04/13 17:11:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2008/04/13 17:11:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2008/04/13 17:11:52 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2008/04/13 17:11:52 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2008/04/13 17:11:52 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2008/04/13 17:11:52 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll
[2008/04/13 17:11:52 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2008/04/13 17:11:51 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2008/04/13 17:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/04/13 17:11:51 | 001,179,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2008/04/13 17:11:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2008/04/13 17:11:51 | 000,824,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2008/04/13 17:11:51 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbghelp.dll
[2008/04/13 17:11:51 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/04/13 17:11:51 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2008/04/13 17:11:51 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2008/04/13 17:11:51 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2008/04/13 17:11:51 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compstui.dll
[2008/04/13 17:11:51 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/04/13 17:11:51 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2008/04/13 17:11:51 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\credui.dll
[2008/04/13 17:11:51 | 000,124,416 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2008/04/13 17:11:51 | 000,111,104 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dgnet.dll
[2008/04/13 17:11:51 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2008/04/13 17:11:51 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/04/13 17:11:51 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2008/04/13 17:11:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/04/13 17:11:51 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dataclen.dll
[2008/04/13 17:11:51 | 000,039,424 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2008/04/13 17:11:51 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdll.dll
[2008/04/13 17:11:51 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2008/04/13 17:11:51 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/04/13 17:11:51 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2008/04/13 17:11:51 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\davclnt.dll
[2008/04/13 17:11:51 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2008/04/13 17:11:51 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2008/04/13 17:11:51 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2008/04/13 17:11:50 | 002,091,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdosys.dll
[2008/04/13 17:11:50 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/04/13 17:11:50 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\certmgr.dll
[2008/04/13 17:11:50 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2008/04/13 17:11:50 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2008/04/13 17:11:50 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/04/13 17:11:50 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\certcli.dll
[2008/04/13 17:11:50 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/04/13 17:11:50 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2008/04/13 17:11:50 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2008/04/13 17:11:50 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/04/13 17:11:50 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/04/13 17:11:50 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2008/04/13 17:11:50 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2008/04/13 17:11:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2008/04/13 17:11:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cabinet.dll
[2008/04/13 17:11:50 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clusapi.dll
[2008/04/13 17:11:50 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\basesrv.dll
[2008/04/13 17:11:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\camocx.dll
[2008/04/13 17:11:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2008/04/13 17:11:50 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cnbjmon.dll
[2008/04/13 17:11:50 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmutil.dll
[2008/04/13 17:11:50 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/04/13 17:11:50 | 000,032,768 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2008/04/13 17:11:50 | 000,030,208 | ---- | M] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2008/04/13 17:11:50 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\batmeter.dll
[2008/04/13 17:11:50 | 000,025,471 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2008/04/13 17:11:50 | 000,021,183 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2008/04/13 17:11:50 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2008/04/13 17:11:50 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2008/04/13 17:11:50 | 000,017,279 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2008/04/13 17:11:50 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmcfg32.dll
[2008/04/13 17:11:50 | 000,015,423 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2008/04/13 17:11:50 | 000,014,143 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2008/04/13 17:11:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2008/04/13 17:11:50 | 000,011,359 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2008/04/13 17:11:50 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/04/13 17:11:50 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/04/13 17:11:50 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/04/13 17:11:50 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/04/13 17:11:49 | 000,870,784 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2008/04/13 17:11:49 | 000,377,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2008/04/13 17:11:49 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\appmgr.dll
[2008/04/13 17:11:48 | 000,263,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2008/04/13 17:11:48 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.dll
[2008/04/13 17:11:48 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2008/04/13 17:11:48 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldpc.dll
[2008/04/13 17:11:48 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/04/13 17:11:48 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnw.dll
[2008/04/13 17:11:48 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\aclui.dll
[2008/04/13 17:11:48 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2008/04/13 17:11:48 | 000,004,255 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2008/04/13 17:11:48 | 000,003,967 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2008/04/13 17:11:48 | 000,003,775 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2008/04/13 17:11:48 | 000,003,711 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2008/04/13 17:11:48 | 000,003,647 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2008/04/13 17:11:48 | 000,003,615 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2008/04/13 17:11:48 | 000,003,135 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2008/04/13 17:11:19 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.ocx
[2008/04/13 17:11:11 | 000,756,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winntbbu.dll
[2008/04/13 17:11:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2008/04/13 17:10:56 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2008/04/13 17:10:50 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2008/04/13 17:10:35 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2008/04/13 17:10:31 | 000,053,279 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2008/04/13 17:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
[2008/04/13 17:10:06 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2008/04/13 17:09:55 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2008/04/13 17:09:55 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2008/04/13 17:09:55 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2008/04/13 17:09:55 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2008/04/13 17:09:55 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec.dll
[2008/04/13 17:09:55 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2008/04/13 17:09:55 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2008/04/13 17:09:55 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2008/04/13 17:09:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2008/04/13 17:09:40 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icmp.dll
[2008/04/13 17:09:36 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2008/04/13 17:09:35 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpedit.dll
[2008/04/13 17:09:33 | 000,009,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2008/04/13 17:09:33 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2008/04/13 17:09:20 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2008/04/13 17:09:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2008/04/13 17:09:14 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\daxctle.ocx
[2008/04/13 17:08:58 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2008/04/13 12:19:41 | 000,146,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/04/13 12:16:36 | 000,141,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2008/04/13 12:16:22 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2008/04/13 12:00:05 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2008/04/13 11:56:49 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2008/04/13 11:56:49 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2008/04/13 11:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2008/04/13 11:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2008/04/13 11:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2008/04/13 11:51:30 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2008/04/13 11:46:31 | 000,036,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2008/04/13 11:46:07 | 000,025,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2008/04/13 11:45:43 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2008/04/13 11:45:41 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2008/04/13 11:45:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2008/04/13 11:45:36 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2008/04/13 11:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2008/04/13 11:45:26 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2008/04/13 11:45:22 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2008/04/13 11:45:15 | 000,049,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2008/04/13 11:45:14 | 000,060,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2008/04/13 11:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2008/04/13 11:44:40 | 000,081,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2008/04/13 11:43:55 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2008/04/13 11:43:32 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2008/04/13 11:43:31 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2008/04/13 11:40:50 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2008/04/13 11:40:44 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2008/04/13 11:40:30 | 000,096,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2008/04/13 11:40:29 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2008/04/13 11:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys
[2008/04/13 11:38:29 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2008/04/13 11:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2008/04/13 11:36:34 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2008/04/13 11:31:35 | 000,007,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2008/04/13 11:31:32 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2008/04/13 11:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\HAL.DLL
[2008/04/13 11:30:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2008/04/13 11:14:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2008/04/13 10:39:29 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2008/04/13 10:39:26 | 000,689,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2008/04/13 10:39:22 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2008/04/13 10:37:57 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dssenh.dll
[2008/04/13 10:27:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2008/04/13 10:27:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2008/04/13 10:26:27 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.rll
[2008/04/13 10:26:18 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2008/04/13 10:26:09 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2008/04/13 10:26:07 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2008/04/13 10:26:05 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcint.dll
[2008/04/13 10:26:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2008/04/13 10:24:16 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2008/04/13 10:24:14 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2008/04/13 10:24:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2008/04/13 10:09:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2008/04/13 10:03:24 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2008/04/13 10:03:19 | 000,549,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdoclc.dll
[2008/04/13 09:48:53 | 001,647,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2008/04/13 09:45:30 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2008/04/13 09:23:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msprivs.dll
[2008/04/13 09:22:12 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/04/13 08:42:06 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2008/04/13 08:39:43 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2008/03/24 21:50:58 | 000,621,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswstr10.dll
[2008/03/24 21:50:58 | 000,621,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswstr10.dll
[2008/03/24 21:50:58 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbde40.dll
[2008/03/24 21:50:58 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2008/03/24 21:50:57 | 000,838,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswdat10.dll
[2008/03/24 21:50:57 | 000,838,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswdat10.dll
[2008/03/24 21:50:55 | 000,264,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext40.dll
[2008/03/24 21:50:55 | 000,264,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2008/03/24 21:50:52 | 000,559,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl40.dll
[2008/03/24 21:50:52 | 000,559,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2008/03/24 21:50:49 | 000,322,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd3x40.dll
[2008/03/24 21:50:49 | 000,322,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd3x40.dll
[2008/03/24 21:50:47 | 000,432,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x40.dll
[2008/03/24 21:50:47 | 000,432,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2008/03/24 21:50:45 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspbde40.dll
[2008/03/24 21:50:45 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2008/03/24 21:50:44 | 000,219,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus40.dll
[2008/03/24 21:50:44 | 000,219,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2008/03/24 21:50:42 | 000,248,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjtes40.dll
[2008/03/24 21:50:42 | 000,248,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2008/03/24 21:50:42 | 000,060,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjter40.dll
[2008/03/24 21:50:42 | 000,060,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjter40.dll
[2008/03/24 21:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008/03/24 21:50:34 | 001,516,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet40.dll
[2008/03/24 21:50:34 | 001,516,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2008/03/24 21:50:30 | 000,326,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl40.dll
[2008/03/24 21:50:30 | 000,326,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2008/03/24 21:50:28 | 000,518,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch40.dll
[2008/03/24 21:50:28 | 000,518,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2008/03/24 21:50:25 | 000,554,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/03/16 14:08:26 | 000,001,807 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2008/03/16 10:21:53 | 000,000,147 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2008/03/06 08:21:01 | 000,000,040 | ---- | M] () -- C:\WINDOWS\opt_2460.ini
[2008/02/29 21:06:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2008/02/18 19:15:52 | 000,000,959 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pirates of the Caribbean Online.lnk
[2008/02/18 19:08:28 | 001,506,795 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\PotC-setup.exe
[2008/02/04 19:23:10 | 000,693,792 | ---- | M] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/23 21:06:48 | 000,089,424 | ---- | M] () -- C:\VETlog.dmp
[2007/12/16 10:56:03 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2007/12/15 19:13:29 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Shortcut to Internet Explorer.lnk
[2007/12/15 14:28:57 | 000,001,026 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MA101 Configuration Utility .lnk
[2007/12/01 02:00:17 | 000,001,478 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2007/12/01 02:00:16 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Media Center.lnk
[2007/11/30 22:01:34 | 000,001,058 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Fotomat.lnk
[2007/10/27 18:40:30 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmasf.dll
[2007/10/27 18:40:30 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2007/10/11 18:31:00 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2007/10/11 18:31:00 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Windows Media Player.lnk
[2007/09/19 14:35:00 | 000,061,440 | ---- | M] (Monotype Imaging Inc.) -- C:\WINDOWS\System32\KMP4MON.DLL
[2007/09/02 20:00:41 | 000,001,353 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/13 19:54:10 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2007/08/13 19:54:10 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2007/08/13 19:54:10 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2007/08/13 19:54:10 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2007/08/13 19:45:16 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2007/08/13 19:44:18 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2007/08/13 19:44:18 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2007/08/13 19:44:02 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2007/08/13 19:39:20 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2007/08/13 19:39:20 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[2007/08/13 19:39:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2007/08/13 19:39:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2007/08/13 19:39:02 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2007/08/13 19:39:02 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2007/08/13 19:36:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2007/08/13 19:36:06 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2007/08/13 19:36:06 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2007/08/13 19:32:30 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2007/08/13 19:32:16 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2007/08/13 19:18:02 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2007/08/13 19:06:32 | 000,056,700 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2007/08/13 19:01:12 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2007/08/13 19:01:12 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2007/08/13 18:50:08 | 001,383,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2007/08/13 18:50:08 | 001,383,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2007/07/12 16:31:54 | 000,765,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2007/07/07 05:19:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\ssunstl.exe
[2007/07/07 05:18:47 | 001,411,072 | ---- | M] () -- C:\WINDOWS\blink-182 - mark.scr
[2007/06/20 22:52:36 | 000,000,974 | ---- | M] () -- C:\WINDOWS\System32\pid.inf
[2007/06/06 11:53:34 | 001,195,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20.DLL
[2007/05/18 14:48:22 | 000,238,208 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\rtl8187B.sys
[2007/05/11 15:40:04 | 000,591,400 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Mom and Dad\Desktop\DMSetup.exe
[2007/04/24 09:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125mdm.sys
[2007/04/24 09:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125mdfl.sys
[2007/04/24 09:33:38 | 000,012,424 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125cmnt.sys
[2007/04/24 09:33:38 | 000,012,424 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s125cm.sys
[2007/04/20 07:59:58 | 000,000,029 | ---- | M] () -- C:\WINDOWS\atid.ini
[2007/04/16 20:31:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2007/04/16 20:31:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2007/03/22 20:17:04 | 000,035,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20ENU.DLL
[2007/03/06 23:03:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\System32\drivers\dsunidrv.sys
[2007/02/17 15:19:44 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smilebox.lnk
[2007/02/16 18:15:34 | 000,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Disc2Phone.lnk
[2007/02/12 20:04:22 | 000,073,850 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\FW.zip
[2007/01/08 11:41:32 | 000,003,078 | ---- | M] () -- C:\WINDOWS\System32\drivers\EAPPkt.inf
[2007/01/01 19:22:20 | 000,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2006/12/30 18:26:44 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkrsrc.dll
[2006/12/18 19:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) -- C:\WINDOWS\System32\drivers\packet.sys
[2006/12/04 16:21:50 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscp.dll
[2006/11/29 18:52:11 | 000,001,912 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play NCAA Championship Run 2006.lnk
[2006/11/16 09:44:29 | 000,103,984 | ---- | M] (AOL LLC) -- C:\WINDOWS\System32\AOLDial.dll
[2006/11/16 09:44:22 | 000,033,592 | ---- | M] (America Online) -- C:\WINDOWS\System32\drivers\atwpkt264.sys
[2006/11/16 09:44:08 | 000,025,136 | ---- | M] (America Online) -- C:\WINDOWS\System32\drivers\atwpkt2.sys
[2006/11/06 16:08:09 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Push Client.LNK
[2006/10/18 22:58:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uwdf.exe
[2006/10/18 22:47:22 | 001,574,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVENCOD.dll
[2006/10/18 22:47:22 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVDECOD.dll
[2006/10/18 22:47:22 | 001,382,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVSDECD.dll
[2006/10/18 22:47:22 | 001,329,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMSPDMOE.dll
[2006/10/18 22:47:22 | 000,767,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVSENCD.dll
[2006/10/18 22:47:22 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\UMDF\wpdmtpdr.dll
[2006/10/18 22:47:22 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVXENCD.dll
[2006/10/18 22:47:22 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpd_ci.dll
[2006/10/18 22:47:22 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdsp.dll
[2006/10/18 22:47:22 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdmtp.dll
[2006/10/18 22:47:22 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdmtpus.dll
[2006/10/18 22:47:22 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdconns.dll
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVADVE.DLL
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVADVD.dll
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2006/10/18 22:47:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmod.dll
[2006/10/18 22:47:20 | 008,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmploc.dll
[2006/10/18 22:47:20 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpencen.dll
[2006/10/18 22:47:20 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpmde.dll
[2006/10/18 22:47:20 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdrmsdk.dll
[2006/10/18 22:47:20 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdrmnet.dll
[2006/10/18 22:47:20 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2006/10/18 22:47:20 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2006/10/18 22:47:20 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpsrcwp.dll
[2006/10/18 22:47:20 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2006/10/18 22:47:20 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpps.dll
[2006/10/18 22:47:18 | 001,117,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMADMOE.dll
[2006/10/18 22:47:18 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMADMOD.dll
[2006/10/18 22:47:18 | 000,429,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdrmdev.dll
[2006/10/18 22:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceApi.dll
[2006/10/18 22:47:18 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2006/10/18 22:47:18 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceWMDRM.dll
[2006/10/18 22:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceTypes.dll
[2006/10/18 22:47:18 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceWiaCompat.dll
[2006/10/18 22:47:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PortableDeviceClassExtension.dll
[2006/10/18 22:47:18 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmps.dll
[2006/10/18 22:47:18 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmlog.dll
[2006/10/18 22:47:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfapi.dll
[2006/10/18 22:47:16 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswmdm.dll
[2006/10/18 22:47:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msnetobj.dll
[2006/10/18 22:47:16 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsp.dll
[2006/10/18 22:47:14 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4DECD.dll
[2006/10/18 22:47:14 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DECD.dll
[2006/10/18 22:47:14 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFPLAT.dll
[2006/10/18 22:47:14 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\LAPRXY.dll
[2006/10/18 22:47:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4DMOD.dll
[2006/10/18 22:47:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MP4SDMOD.dll
[2006/10/18 22:47:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DMOD.dll
[2006/10/18 22:47:10 | 000,991,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drmv2clt.dll
[2006/10/18 22:47:10 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blackbox.dll
[2006/10/18 22:47:10 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cewmdm.dll
[2006/10/18 22:47:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asferror.dll
[2006/10/18 21:47:22 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdshextres.dll
[2006/10/18 21:05:16 | 000,232,448 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecp.acm
[2006/10/18 21:00:46 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drmupgds.exe
[2006/10/18 21:00:14 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdshextautoplay.exe
[2006/10/09 17:19:14 | 003,223,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe
[2006/10/09 17:17:04 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehglid.dll
[2006/10/09 17:16:30 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehui.dll
[2006/10/09 17:16:00 | 001,863,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcm.dll
[2006/10/09 17:15:52 | 001,669,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2006/10/09 17:12:30 | 000,224,256 | ---- | M] () -- C:\WINDOWS\System32\psisrndr.ax
[2006/10/09 17:12:30 | 000,224,256 | ---- | M] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2006/10/09 17:12:14 | 000,235,008 | ---- | M] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/10/09 17:12:14 | 000,235,008 | ---- | M] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2006/10/09 17:07:44 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepg.dll
[2006/10/04 19:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2006/10/04 19:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2006/10/04 17:07:44 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2006/10/02 16:28:42 | 000,312,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdelta.dll
[2006/10/01 16:57:38 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2006/09/28 21:13:26 | 000,095,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFCoinstaller.dll
[2006/09/28 19:56:38 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFx.dll
[2006/09/28 19:56:16 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WudfPlatform.dll
[2006/09/27 14:53:23 | 000,379,640 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\PxWave.dll
[2006/09/27 14:53:23 | 000,039,672 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2006/09/27 14:53:22 | 000,514,808 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Px.dll
[2006/09/27 14:53:22 | 000,477,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2006/09/27 14:53:22 | 000,183,032 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\PxMas.dll
[2006/09/27 14:53:22 | 000,068,344 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2006/09/23 14:12:50 | 001,497,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2006/09/23 14:12:50 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2006/09/23 14:12:38 | 000,074,715 | ---- | M] () -- C:\WINDOWS\System32\IE7Eula.rtf
[2006/09/06 18:20:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Biport
[2006/09/04 19:46:53 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dell Printer Supplies - Inkjet.lnk
[2006/09/04 19:44:44 | 000,001,353 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2006/09/03 12:09:48 | 000,000,193 | ---- | M] () -- C:\WINDOWS\KA.INI
[2006/09/03 11:42:23 | 000,002,759 | ---- | M] () -- C:\WINDOWS\SportballChallenge.ini
[2006/09/02 16:23:25 | 000,000,016 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2006/09/01 09:44:04 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
[2006/09/01 09:44:04 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
[2006/09/01 03:04:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2006/08/30 20:05:22 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.net.lnk
[2006/08/30 20:05:22 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\PartyPoker.net.lnk
[2006/08/30 18:56:07 | 000,000,052 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2006/08/29 19:42:05 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2006/08/27 21:27:56 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\fusioncache.dat
[2006/08/27 19:39:31 | 000,000,448 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2006/08/27 19:29:25 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2006/08/24 16:15:06 | 000,150,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rgb9rast_2.dll
[2006/08/21 05:43:01 | 000,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2006/08/21 05:42:58 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2006/08/21 05:41:07 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Internet Service Offers.lnk
[2006/08/21 05:41:00 | 000,001,965 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Games, Music, & Photos.lnk
[2006/08/21 05:40:53 | 000,001,958 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Documentation & Support.lnk
[2006/08/21 05:31:29 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk
[2006/08/21 05:30:30 | 000,002,007 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk
[2006/08/21 05:29:55 | 000,002,764 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.PNF
[2006/08/21 05:29:46 | 000,001,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL Free 6 Months.lnk
[2006/08/21 05:29:37 | 000,001,066 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2006/08/21 05:28:53 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2006/08/21 05:28:41 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\America Online 9.0.lnk
[2006/08/21 05:28:29 | 000,157,696 | ---- | M] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2006/08/21 05:28:28 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys
[2006/08/21 05:28:25 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2006/08/21 05:28:25 | 000,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\prefscpl.cpl
[2006/08/21 05:28:25 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2006/08/21 05:28:25 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2006/08/21 05:27:38 | 000,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2006/08/21 05:25:56 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2006/08/21 05:06:38 | 000,006,694 | RH-- | M] () -- C:\dell.sdr
[2006/08/21 05:01:16 | 000,000,392 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/21 05:01:14 | 000,006,694 | ---- | M] () -- C:\WINDOWS\System32\drivers\1028_Dell_DIM_DM051.mrk
[2006/06/29 09:05:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\idndl.dll
[2006/06/28 18:59:26 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nlsdl.dll
[2006/05/29 08:32:10 | 001,496,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.bak
[2006/05/03 15:31:56 | 001,019,904 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\cmdvdpak.cpl
[2006/04/06 00:08:26 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2006/04/06 00:07:48 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2006/04/06 00:07:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2006/04/05 22:56:58 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2006/04/05 22:16:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2006/04/04 05:18:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/03/31 00:23:59 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2006/03/20 20:23:12 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\kb913800.exe
[2006/03/16 09:43:55 | 000,000,083 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2006/03/13 07:50:20 | 000,005,840 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300whnt.sys
[2006/03/13 07:50:20 | 000,005,840 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300wh.sys
[2006/03/13 07:50:08 | 000,085,696 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300obex.sys
[2006/03/13 07:49:56 | 000,006,208 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300cmnt.sys
[2006/03/13 07:49:56 | 000,006,208 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300cm.sys
[2006/03/13 07:49:54 | 000,060,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w300bus.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Mom and Dad\*.tmp files -> C:\Documents and Settings\Mom and Dad\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/14 16:44:11 | 000,015,490 | -HS- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq
[2011/05/14 16:44:11 | 000,015,490 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq
[2011/05/14 16:43:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake
[2011/05/14 16:43:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/14 09:31:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\defogger_reenable
[2011/05/13 18:15:43 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Spybot - Search & Destroy.lnk
[2011/05/08 16:37:53 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/02 17:57:23 | 000,000,123 | ---- | C] () -- C:\WINDOWS\System32\1649518602
[2011/04/09 18:41:31 | 003,005,440 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\TvantsSetup[1].exe
[2011/04/08 17:54:44 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\VLC.lnk
[2011/02/17 14:25:02 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/01/04 12:04:22 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/01/03 18:59:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/22 17:21:53 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/19 15:58:43 | 000,189,203 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\KMBS_UHC_FSA_Claim_Form.pdf
[2010/10/25 20:07:28 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\GoToAssistDownloadHelper.exe
[2010/10/12 11:05:26 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/08/11 13:02:12 | 000,000,416 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2010/06/15 00:15:56 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prism Video Converter.lnk
[2010/06/15 00:15:31 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Switch Sound File Converter.lnk
[2010/06/15 00:13:27 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Clip Extractor.lnk
[2010/05/29 11:02:23 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\StreamTorrent 1.0.lnk
[2010/05/29 10:59:38 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Flash Player.lnk
[2010/04/09 13:08:43 | 000,063,756 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/22 15:05:50 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2010/03/16 09:50:22 | 000,000,066 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\XSitePro2.cfg
[2010/03/16 09:25:03 | 001,058,697 | ---- | C] () -- C:\WINDOWS\XSitePro2 Uninstaller.exe
[2010/03/15 19:27:16 | 000,001,605 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2010/02/24 18:23:20 | 000,061,236 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\aaron.php
[2010/02/21 10:03:52 | 005,370,411 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\3-4-600_series_Colman_2003.pdf
[2010/02/21 09:57:48 | 002,627,518 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\coleman_2004_en.pdf
[2010/02/19 22:24:02 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/01/05 21:01:44 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/05 21:01:44 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/30 14:15:01 | 000,001,962 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dell Support Center.lnk
[2009/12/30 13:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\null
[2009/12/15 22:50:26 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/12/15 22:30:19 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2009/12/15 22:28:45 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\LimeWire 5.3.6.lnk
[2009/11/13 15:42:14 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/10/25 14:25:44 | 000,217,930 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\Car Blutooth Surface_Sound_Compact_Manual_English.pdf
[2009/10/13 06:24:24 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Shortcut to P90X.lnk
[2009/10/03 10:06:43 | 000,002,321 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
[2009/10/03 10:06:43 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2009/10/03 10:06:43 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2009/09/04 10:58:38 | 033,613,523 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\090902MZWatsonaudio.wma
[2009/08/22 09:52:48 | 005,420,941 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\SopCast-3.2.4.zip
[2009/07/15 19:00:44 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PokerStars.net.lnk
[2009/07/12 20:13:35 | 002,982,334 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\JVC VIDEO CAMERA.pdf
[2009/07/08 21:29:35 | 000,165,144 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\7-7-09-housing-crisis-report.pdf
[2009/06/18 00:13:31 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2009/06/18 00:08:03 | 000,001,966 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MLBDugoutHeroes.lnk
[2009/05/16 11:18:07 | 000,740,963 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\san fran beach 061(2).jpg
[2009/05/16 11:14:49 | 000,740,963 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\san fran beach 061.jpg
[2009/05/02 09:07:28 | 000,004,752 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Taps.gif
[2009/04/19 10:37:42 | 003,006,976 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\TvantsSetup(2).exe
[2009/03/24 23:01:37 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/03/15 11:38:16 | 000,284,437 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\TheBible-2.htm
[2009/02/24 00:06:25 | 000,035,910 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\bailey doza and fanning and cardoso.jpg
[2009/01/31 19:48:00 | 000,039,651 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\super-bowl-squares.pdf
[2009/01/16 09:34:15 | 000,004,879 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\Absolute magnitude amount of light a star actually gives.wpd
[2009/01/15 19:20:32 | 000,001,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GameTap.lnk
[2008/12/14 13:00:33 | 002,766,389 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\tree house.pdf
[2008/12/01 23:28:50 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\PFP120JPR.{PB
[2008/12/01 23:28:50 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\PFP120JCM.{PB
[2008/11/23 10:29:53 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2008/11/23 10:29:06 | 000,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2008/11/23 10:28:40 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2008/11/23 10:28:30 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2008/09/28 09:49:35 | 000,028,930 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\factsheetwhopaysmostindividualincometaxes.update.pdf
[2008/09/27 09:25:58 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\TV Player Pro.lnk
[2008/09/27 09:23:57 | 003,728,175 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\TV_Player_Pro_Setup_0.7.exe
[2008/06/29 09:15:32 | 000,001,589 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Airlink101 USB Wireless Configuration Utility.lnk
[2008/06/29 09:15:32 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Airlink101 USB Wireless Configuration Utility.lnk
[2008/06/29 09:15:27 | 000,003,078 | ---- | C] () -- C:\WINDOWS\System32\drivers\EAPPkt.inf
[2008/06/07 20:37:10 | 000,906,960 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Google Updater.exe
[2008/06/01 21:48:05 | 001,634,273 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Picture.jpg
[2008/05/06 22:12:40 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2008/04/14 16:52:35 | 002,889,336 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\tvantssetup.exe
[2008/03/24 21:50:40 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008/03/06 08:21:01 | 000,000,083 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2008/03/06 08:21:01 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2008/02/29 21:06:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2008/02/18 19:15:52 | 000,000,959 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pirates of the Caribbean Online.lnk
[2008/02/18 19:08:21 | 001,506,795 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\PotC-setup.exe
[2008/02/04 19:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/23 10:38:42 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\SopCast.lnk
[2007/12/15 19:13:29 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Shortcut to Internet Explorer.lnk
[2007/12/15 14:28:57 | 000,001,026 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MA101 Configuration Utility .lnk
[2007/11/30 22:01:34 | 000,001,058 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Fotomat.lnk
[2007/10/11 18:31:00 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2007/09/02 20:00:41 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/07 05:19:34 | 001,411,072 | ---- | C] () -- C:\WINDOWS\blink-182 - mark.scr
[2007/07/07 05:19:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\ssunstl.exe
[2007/06/15 23:20:55 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/20 07:59:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/03/06 23:03:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2007/03/06 00:07:58 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2007/03/06 00:07:57 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2007/03/04 02:38:48 | 000,089,424 | ---- | C] () -- C:\VETlog.dmp
[2007/02/16 18:15:34 | 000,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Disc2Phone.lnk
[2007/02/12 20:04:21 | 000,073,850 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\My Documents\FW.zip
[2007/02/05 18:12:22 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Smilebox.lnk
[2007/02/05 18:12:22 | 000,001,589 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smilebox.lnk
[2007/01/07 23:36:21 | 000,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2007/01/07 23:36:19 | 000,001,513 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free AOL Email.lnk
[2006/12/10 21:30:54 | 000,001,807 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/10 11:38:07 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2006/12/10 11:38:07 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2006/12/10 11:17:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/11/29 18:52:11 | 000,001,912 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play NCAA Championship Run 2006.lnk
[2006/11/06 16:08:09 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Push Client.LNK
[2006/10/09 17:12:44 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2006/10/09 17:12:40 | 000,291,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2006/10/09 17:12:30 | 000,224,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2006/10/09 17:12:14 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2006/10/01 16:57:38 | 000,010,920 | ---- | C] () -- C:\aolconnfix.exe
[2006/09/23 14:12:38 | 000,074,715 | ---- | C] () -- C:\WINDOWS\System32\IE7Eula.rtf
[2006/09/20 18:53:00 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2006/09/04 19:46:53 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dell Printer Supplies - Inkjet.lnk
[2006/09/04 19:44:44 | 000,001,353 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2006/09/03 12:09:25 | 000,000,193 | ---- | C] () -- C:\WINDOWS\KA.INI
[2006/09/03 11:42:23 | 000,002,759 | ---- | C] () -- C:\WINDOWS\SportballChallenge.ini
[2006/09/02 16:23:25 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/09/02 16:06:03 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/09/02 16:06:03 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\06E05D1336.sys
[2006/09/01 09:44:04 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
[2006/09/01 09:44:04 | 000,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
[2006/08/30 21:02:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/30 20:05:22 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.net.lnk
[2006/08/30 20:05:22 | 000,001,717 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\PartyPoker.net.lnk
[2006/08/30 18:56:07 | 000,000,820 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/08/30 18:56:07 | 000,000,426 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2006/08/30 18:56:07 | 000,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/08/30 18:56:07 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7820N.dat
[2006/08/30 18:56:07 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/08/30 18:55:44 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2006/08/30 18:55:38 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2006/08/30 18:55:35 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.BMP
[2006/08/30 18:55:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2006/08/30 18:52:46 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2006/08/29 19:42:05 | 000,004,128 | ---- | C] () -- C:\INFCACHE.1
[2006/08/27 19:41:48 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Windows Media Player.lnk
[2006/08/27 19:41:42 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk
[2006/08/27 19:41:42 | 000,001,478 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2006/08/27 19:41:42 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2006/08/27 19:41:42 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\America Online 9.0.lnk
[2006/08/27 19:41:41 | 000,002,007 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk
[2006/08/27 19:41:41 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Remote Assistance.lnk
[2006/08/27 19:41:41 | 000,001,394 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Media Center.lnk
[2006/08/27 19:41:41 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Internet Explorer.lnk
[2006/08/27 19:41:41 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Windows Media Player.lnk
[2006/08/27 19:41:41 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Outlook Express.lnk
[2006/08/27 19:41:41 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\fusioncache.dat
[2006/08/27 19:41:41 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2006/08/27 19:29:25 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2006/08/22 05:05:26 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2006/08/21 05:43:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/21 05:41:07 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Internet Service Offers.lnk
[2006/08/21 05:41:00 | 000,001,965 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Games, Music, & Photos.lnk
[2006/08/21 05:40:53 | 000,001,958 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Documentation & Support.lnk
[2006/08/21 05:35:47 | 000,005,155 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/21 05:31:59 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/08/21 05:31:29 | 000,001,907 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Musicmatch Jukebox.lnk
[2006/08/21 05:29:55 | 000,002,764 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.PNF
[2006/08/21 05:29:46 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AOL Free 6 Months.lnk
[2006/08/21 05:28:53 | 000,000,087 | ---- | C] () -- C:\SystemInfo.ini
[2006/08/21 05:27:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/08/21 05:27:36 | 000,001,934 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Plus! Photo Story 2 LE.lnk
[2006/08/21 05:25:56 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2006/08/21 05:06:36 | 000,006,694 | RH-- | C] () -- C:\dell.sdr
[2006/08/21 05:02:18 | 000,128,398 | ---- | C] () -- C:\WINDOWS\System32\drivers\del200f.cty
[2006/08/21 05:02:12 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcfjswr.dll
[2006/08/21 05:02:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsr.dll
[2006/08/21 05:02:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcfvs.dll
[2006/08/21 05:02:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcfcur.dll
[2006/08/21 05:02:11 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcfutil.dll
[2006/08/21 05:02:10 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsb.dll
[2006/08/21 05:02:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcfins.dll
[2006/08/21 05:02:09 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcfcub.dll
[2006/08/21 05:02:09 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcfcu.dll
[2006/08/21 05:02:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcfcfg.dll
[2006/08/21 05:02:08 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\dlcf.loc
[2006/08/21 05:01:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/08/21 05:01:53 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2006/08/21 05:01:53 | 000,058,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2006/08/21 05:01:53 | 000,021,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2006/08/21 05:01:53 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2006/08/21 05:01:52 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/08/21 05:01:52 | 000,005,496 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2006/08/21 05:01:50 | 000,787,512 | ---- | C] () -- C:\WINDOWS\Dell.bmp
[2006/08/21 05:01:40 | 000,005,110 | ---- | C] () -- C:\WINDOWS\System32\e100b325.din
[2006/08/21 05:01:12 | 000,006,694 | ---- | C] () -- C:\WINDOWS\System32\drivers\1028_Dell_DIM_DM051.mrk
[2006/08/21 04:59:58 | 000,787,356 | ---- | C] () -- C:\WINDOWS\System32\OEMBKGN1.BMP
[2006/08/21 04:59:58 | 000,096,310 | ---- | C] () -- C:\WINDOWS\System32\DELLWALL.BMP
[2006/08/21 04:59:58 | 000,005,134 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.BMP
[2006/08/21 04:59:58 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/08 22:14:13 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2006/04/08 22:14:09 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2006/04/05 22:16:44 | 1071,796,224 | -HS- | C] () -- C:\hiberfil.sys
[2006/03/31 00:23:59 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/11/09 23:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/31 10:11:14 | 000,000,442 | ---- | C] () -- C:\WINDOWS\System32\dlcfplc.ini
[2005/08/16 02:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 02:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 02:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 02:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 02:27:59 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 02:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 02:18:33 | 000,445,472 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 02:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 02:18:33 | 000,072,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 02:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 02:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 02:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 02:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 02:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 02:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 02:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 02:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 12:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== Files - Unicode (All) ==========
[2011/04/12 20:25:50 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\Mom and Dad\My Documents\????) -- C:\Documents and Settings\Mom and Dad\My Documents\曐Ȧ㢳硔
[2011/04/12 20:25:50 | 000,000,000 | ---- | C] ()(C:\Documents and Settings\Mom and Dad\My Documents\????) -- C:\Documents and Settings\Mom and Dad\My Documents\曐Ȧ㢳硔

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >




Thatcher

#11 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 21 May 2011 - 05:14 PM

Please be sure to take a look at this post: http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2257693

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#12 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 21 May 2011 - 09:56 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2255207


ST I did not open those ports Thanks..............Thantcher



OTL Extras logfile created on: 4/6/2006 12:25:04 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mom and Dad\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 419.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 11.21 Gb Free Space | 16.06% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Mom and Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\WINDOWS\system32\secur3232.exe" = C:\WINDOWS\system32\secur3232.exe:*:Enabled:Windows Update Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dlcfcoms.exe" = C:\WINDOWS\system32\dlcfcoms.exe:*:Enabled:Color Printer 725 Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcfpswx.exe:*:Enabled:Color Printer 725 Printer Status -- ()
"C:\Program Files\Yahoo! Games\Lemonade Tycoon 2\Lemonade2.exe" = C:\Program Files\Yahoo! Games\Lemonade Tycoon 2\Lemonade2.exe:*:Enabled:Lemonade2
"C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\0HYZC9Q7\wowclient-downloader[1].exe" = C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\0HYZC9Q7\wowclient-downloader[1].exe:*:Enabled:Blizzard Downloader
"C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe" = C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Home Networking Application
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Mom and Dad\Desktop\XSitePro2\XSitePro2.exe" = C:\Documents and Settings\Mom and Dad\Desktop\XSitePro2\XSitePro2.exe:*:Enabled:XSitePro2 -- (Intellimon Ltd.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Mom and Dad\My Documents\Downloads\FLV_Player_Setup.exe" = C:\Documents and Settings\Mom and Dad\My Documents\Downloads\FLV_Player_Setup.exe:*:Enabled:Flash FLV Player
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player -- (StreamTorrent)
"C:\Program Files\AIM7\aim.exe" = C:\Program Files\AIM7\aim.exe:*:Disabled:AIM -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Disabled:AIM
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL -- (AOL LLC)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Disabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1176529941\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1176529941\ee\aolsoftware.exe:*:Disabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire -- (Lime Wire, LLC)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer -- (LimeWire)
"C:\WINDOWS\system32\secur3232.exe" = C:\WINDOWS\system32\secur3232.exe:*:Enabled:Windows Update Service


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{162D2FB8-60A3-4871-B6A1-5C744CD34FF5}" = 725plc32
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3B78B379-C0E7-4FBF-9FD9-04FB6E05E60F}" = Debug Diagnostics Tool 1.1 (x86)
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4CFCCE34-34E6-418A-ACA1-B05F24D727AE}" = DisplayLink Graphics
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5DF7DE47-B115-442D-BA4E-ACEB999CA327}" = DisplayLink Core Software
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{67E158AF-8856-4337-B483-EA21930786AF}" = GameTap
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}" = Slingo
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{889457D5-7B32-4939-A775-D6FF973B40E9}" = Airlink101 USB Wireless Configuration Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B1E1FB29-E2FD-47D2-A06D-B6DCF7BF627E}" = MLBDugoutHeroes
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46834CC-141E-11D5-A76F-0030AB007078}" = MA101 USB Adapter Configuration Utility
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3" = Polar Bowler
"6285CE09-455B-494A-9E70-C9AEFD31C7CC" = Slyder
"651956B7-1969-42AA-9453-E0B813019D54" = Polar Golfer
"7-Zip" = 7-Zip 9.20
"989E4C3B-B2C9-4486-9A09-D5A8F953837C" = Bejeweled 2 Deluxe
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM Toolbar" = AIM Toolbar
"AIM YGP Picture Finder" = AIM "You've Got Pictures" Picture Finder Plugin v9.5.1.8
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"BitTorrent" = BitTorrent
"blink-182 - mark" = blink-182.org mark
"CCleaner" = CCleaner
"Clip Extractor_is1" = Clip Extractor 2.2.0.9
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"conduitEngine" = Conduit Engine
"Dell Color Printer 725" = Dell Color Printer 725
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"Dream Day Wedding" = Dream Day Wedding (remove only)
"E0814F95-5380-4892-B8C8-7FA4B349EF46" = Chuzzle Deluxe
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ESPNMotion" = ESPNMotion
"F346023B-4BB1-4541-B9D6-A4DEA1B61035" = Lemonade Tycoon 2
"FileZilla Server" = FileZilla Server (remove only)
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Interwise Participant" = Interwise Participant
"KG98_2.3" = JumpStart Kindergarten 98 v2.3
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PartyPoker" = PartyPoker
"PartyPokerNet" = PartyPokerNet
"PersonalWeb" = PersonalWeb
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"Prism" = Prism Video Converter
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"Smilebox" = Smilebox
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 3.2.4
"StartNow Toolbar" = StartNow Toolbar 2.0
"StreamTorrent 1.0" = StreamTorrent 1.0
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Switch" = Switch Sound File Converter
"TV Player Pro" = TV Player Pro v0.7
"TVAnts 1.0" = TVAnts 1.0
"USB-Ethernet Adapter Device" = USB-Ethernet Adapter Device
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC Player" = VLC Player
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"WT014560" = Balloon Blast
"WT014655" = Penguins!
"WT014665" = Polar Golfer Pineapple Cup
"WT014696" = Sportball Challenge
"WT014757" = Run 'N Gun Football
"WT014813" = NCAA Championship Run 2006
"WT016031" = Super Granny
"WT018055" = Diner Dash - Flo on the Go
"WT018137" = Believe in Santa
"WT019187" = Golf Adventure Galaxy
"WT019197" = Granny in Paradise
"WT020478" = Super Granny 3
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XSitePro2" = XSitePro2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.2
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/4/2011 6:39:22 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/4/2011 6:39:22 PM | Computer Name = FAMILYROOM | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\events\lcedisp.cpp(131),
hr = 80040206: Failed to CoCreate EventSystem objec

Error - 5/4/2011 6:39:52 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 6:44:26 PM | Computer Name = FAMILYROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 5/6/2011 6:44:27 PM | Computer Name = FAMILYROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/6/2011 7:15:05 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 7:34:41 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 8:06:48 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/6/2011 8:06:48 PM | Computer Name = FAMILYROOM | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\events\lcedisp.cpp(131),
hr = 80040206: Failed to CoCreate EventSystem objec

Error - 5/6/2011 8:07:18 PM | Computer Name = FAMILYROOM | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 5/14/2011 8:01:20 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:01:21 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:01:22 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor
Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error - 5/14/2011 8:52:27 PM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service dlcf_device
with arguments "" in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E441060}

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the dlcf_device service to
connect.

Error - 5/15/2011 1:27:10 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7000
Description = The dlcf_device service failed to start due to the following error:
%%1053

Error - 5/15/2011 1:31:40 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/15/2011 1:32:46 AM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 aswSnx aswSP aswTdi Fips intelppm

Error - 5/15/2011 10:44:20 AM | Computer Name = FAMILYROOM | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >











2006/04/06 06:22:41.0015 3748 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2006/04/06 06:22:43.0031 3748 ================================================================================
2006/04/06 06:22:43.0031 3748 SystemInfo:
2006/04/06 06:22:43.0031 3748
2006/04/06 06:22:43.0031 3748 OS Version: 5.1.2600 ServicePack: 3.0
2006/04/06 06:22:43.0031 3748 Product type: Workstation
2006/04/06 06:22:43.0031 3748 ComputerName: FAMILYROOM
2006/04/06 06:22:43.0031 3748 UserName: Mom and Dad
2006/04/06 06:22:43.0031 3748 Windows directory: C:\WINDOWS
2006/04/06 06:22:43.0031 3748 System windows directory: C:\WINDOWS
2006/04/06 06:22:43.0031 3748 Processor architecture: Intel x86
2006/04/06 06:22:43.0031 3748 Number of processors: 2
2006/04/06 06:22:43.0031 3748 Page size: 0x1000
2006/04/06 06:22:43.0031 3748 Boot type: Normal boot
2006/04/06 06:22:43.0031 3748 ================================================================================
2006/04/06 06:22:43.0984 3748 Initialize success
2006/04/06 06:22:49.0437 5248 ================================================================================
2006/04/06 06:22:49.0437 5248 Scan started
2006/04/06 06:22:49.0437 5248 Mode: Manual;
2006/04/06 06:22:49.0437 5248 ================================================================================
2006/04/06 06:22:50.0062 5248 Aavmker4 (3f6884eff406238d39aaa892218f1df7) C:\WINDOWS\system32\drivers\Aavmker4.sys
2006/04/06 06:22:50.0281 5248 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2006/04/06 06:22:50.0343 5248 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2006/04/06 06:22:50.0390 5248 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2006/04/06 06:22:50.0484 5248 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2006/04/06 06:22:50.0531 5248 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2006/04/06 06:22:50.0578 5248 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2006/04/06 06:22:50.0625 5248 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2006/04/06 06:22:50.0687 5248 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2006/04/06 06:22:50.0734 5248 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2006/04/06 06:22:50.0796 5248 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2006/04/06 06:22:51.0125 5248 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2006/04/06 06:22:51.0296 5248 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2006/04/06 06:22:51.0390 5248 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2006/04/06 06:22:51.0484 5248 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2006/04/06 06:22:51.0546 5248 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2006/04/06 06:22:51.0625 5248 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2006/04/06 06:22:51.0734 5248 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2006/04/06 06:22:51.0812 5248 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2006/04/06 06:22:51.0906 5248 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2006/04/06 06:22:51.0984 5248 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2006/04/06 06:22:52.0093 5248 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2006/04/06 06:22:52.0125 5248 aswMon2 (c2181ef6b54752273a0759a968c59279) C:\WINDOWS\system32\drivers\aswMon2.sys
2006/04/06 06:22:52.0187 5248 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\WINDOWS\system32\drivers\aswRdr.sys
2006/04/06 06:22:52.0265 5248 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\WINDOWS\system32\drivers\aswSnx.sys
2006/04/06 06:22:52.0328 5248 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\WINDOWS\system32\drivers\aswSP.sys
2006/04/06 06:22:52.0406 5248 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\WINDOWS\system32\drivers\aswTdi.sys
2006/04/06 06:22:52.0515 5248 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2006/04/06 06:22:52.0593 5248 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2006/04/06 06:22:52.0781 5248 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2006/04/06 06:22:52.0890 5248 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2006/04/06 06:22:52.0953 5248 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2006/04/06 06:22:52.0984 5248 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2006/04/06 06:22:53.0093 5248 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2006/04/06 06:22:53.0140 5248 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2006/04/06 06:22:53.0234 5248 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2006/04/06 06:22:53.0296 5248 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2006/04/06 06:22:53.0343 5248 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2006/04/06 06:22:53.0421 5248 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2006/04/06 06:22:53.0578 5248 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2006/04/06 06:22:53.0671 5248 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2006/04/06 06:22:53.0718 5248 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2006/04/06 06:22:53.0765 5248 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2006/04/06 06:22:53.0890 5248 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2006/04/06 06:22:53.0953 5248 DisplayLinkFilter (6ab4b3859d87dc40dc93f1427c366db8) C:\WINDOWS\system32\DRIVERS\DisplayLinkFilter.sys
2006/04/06 06:22:53.0968 5248 DisplayLinkmirror (f974762414e831e3469fe4d14c378f2c) C:\WINDOWS\system32\DRIVERS\DisplayLinkmirrorport.sys
2006/04/06 06:22:54.0109 5248 DisplayLinkUsbPort (c0d65f338f01d313c0251f2d3e92d200) C:\WINDOWS\system32\DRIVERS\DisplayLinkUsbPort_5.2.22271.0.sys
2006/04/06 06:22:54.0265 5248 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
2006/04/06 06:22:54.0296 5248 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
2006/04/06 06:22:54.0343 5248 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS
2006/04/06 06:22:54.0437 5248 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2006/04/06 06:22:54.0453 5248 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2006/04/06 06:22:54.0515 5248 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
2006/04/06 06:22:54.0546 5248 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
2006/04/06 06:22:54.0593 5248 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2006/04/06 06:22:54.0656 5248 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
2006/04/06 06:22:54.0734 5248 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2006/04/06 06:22:54.0781 5248 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2006/04/06 06:22:54.0812 5248 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2006/04/06 06:22:54.0859 5248 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2006/04/06 06:22:54.0906 5248 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS
2006/04/06 06:22:55.0031 5248 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2006/04/06 06:22:55.0109 5248 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2006/04/06 06:22:55.0187 5248 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
2006/04/06 06:22:55.0218 5248 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
2006/04/06 06:22:55.0375 5248 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2006/04/06 06:22:55.0484 5248 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2006/04/06 06:22:55.0531 5248 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2006/04/06 06:22:55.0640 5248 EAPPkt (d82414ec520453efe2eba936f6a9115a) C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
2006/04/06 06:22:55.0875 5248 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2006/04/06 06:22:55.0984 5248 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2006/04/06 06:22:56.0015 5248 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2006/04/06 06:22:56.0062 5248 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2006/04/06 06:22:56.0109 5248 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2006/04/06 06:22:56.0125 5248 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2006/04/06 06:22:56.0218 5248 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2006/04/06 06:22:56.0390 5248 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2006/04/06 06:22:56.0546 5248 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2006/04/06 06:22:56.0609 5248 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2006/04/06 06:22:56.0687 5248 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2006/04/06 06:22:56.0750 5248 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2006/04/06 06:22:56.0812 5248 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2006/04/06 06:22:56.0875 5248 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2006/04/06 06:22:56.0953 5248 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2006/04/06 06:22:57.0015 5248 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2006/04/06 06:22:57.0093 5248 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2006/04/06 06:22:57.0171 5248 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2006/04/06 06:22:57.0250 5248 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2006/04/06 06:22:57.0328 5248 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2006/04/06 06:22:57.0359 5248 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2006/04/06 06:22:57.0437 5248 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2006/04/06 06:22:57.0468 5248 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2006/04/06 06:22:57.0500 5248 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2006/04/06 06:22:57.0562 5248 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2006/04/06 06:22:57.0640 5248 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2006/04/06 06:22:57.0671 5248 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2006/04/06 06:22:57.0718 5248 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2006/04/06 06:22:57.0765 5248 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2006/04/06 06:22:57.0796 5248 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2006/04/06 06:22:57.0812 5248 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2006/04/06 06:22:57.0875 5248 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2006/04/06 06:22:57.0953 5248 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2006/04/06 06:22:58.0125 5248 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2006/04/06 06:22:58.0218 5248 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2006/04/06 06:22:58.0265 5248 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2006/04/06 06:22:58.0343 5248 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2006/04/06 06:22:58.0406 5248 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2006/04/06 06:22:58.0546 5248 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2006/04/06 06:22:58.0687 5248 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2006/04/06 06:22:58.0703 5248 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2006/04/06 06:22:58.0765 5248 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2006/04/06 06:22:58.0812 5248 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2006/04/06 06:22:58.0859 5248 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2006/04/06 06:22:58.0906 5248 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2006/04/06 06:22:58.0968 5248 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006/04/06 06:22:58.0984 5248 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006/04/06 06:22:59.0000 5248 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2006/04/06 06:22:59.0046 5248 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2006/04/06 06:22:59.0109 5248 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2006/04/06 06:22:59.0171 5248 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2006/04/06 06:22:59.0234 5248 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2006/04/06 06:22:59.0281 5248 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2006/04/06 06:22:59.0312 5248 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2006/04/06 06:22:59.0484 5248 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2006/04/06 06:22:59.0562 5248 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2006/04/06 06:22:59.0656 5248 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2006/04/06 06:22:59.0781 5248 NETGEAR NETGEAR_MA101_USB_Adapter® (7d4b6dca2435b8d3e1cbcfc600f63319) C:\WINDOWS\system32\DRIVERS\ma1012kr.sys
2006/04/06 06:22:59.0890 5248 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2006/04/06 06:22:59.0968 5248 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
2006/04/06 06:23:00.0093 5248 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2006/04/06 06:23:00.0234 5248 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2006/04/06 06:23:00.0359 5248 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2006/04/06 06:23:00.0531 5248 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2006/04/06 06:23:00.0578 5248 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2006/04/06 06:23:00.0656 5248 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2006/04/06 06:23:00.0671 5248 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2006/04/06 06:23:00.0703 5248 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2006/04/06 06:23:00.0781 5248 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2006/04/06 06:23:00.0875 5248 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2006/04/06 06:23:00.0937 5248 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2006/04/06 06:23:01.0015 5248 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2006/04/06 06:23:01.0078 5248 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2006/04/06 06:23:01.0156 5248 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2006/04/06 06:23:01.0203 5248 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2006/04/06 06:23:01.0343 5248 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2006/04/06 06:23:01.0484 5248 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2006/04/06 06:23:01.0734 5248 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2006/04/06 06:23:01.0765 5248 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2006/04/06 06:23:01.0812 5248 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2006/04/06 06:23:01.0859 5248 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2006/04/06 06:23:01.0921 5248 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2006/04/06 06:23:01.0937 5248 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2006/04/06 06:23:02.0015 5248 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2006/04/06 06:23:02.0093 5248 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2006/04/06 06:23:02.0187 5248 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2006/04/06 06:23:02.0250 5248 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2006/04/06 06:23:02.0312 5248 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2006/04/06 06:23:02.0359 5248 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2006/04/06 06:23:02.0437 5248 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2006/04/06 06:23:02.0468 5248 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2006/04/06 06:23:02.0515 5248 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2006/04/06 06:23:02.0578 5248 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2006/04/06 06:23:02.0625 5248 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2006/04/06 06:23:02.0687 5248 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2006/04/06 06:23:02.0796 5248 RTL8187B (d668006d3f4249d20729ef6da27c916e) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys
2006/04/06 06:23:02.0843 5248 s125mdfl (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
2006/04/06 06:23:02.0906 5248 s125mdm (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
2006/04/06 06:23:03.0046 5248 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2006/04/06 06:23:03.0125 5248 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2006/04/06 06:23:03.0171 5248 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2006/04/06 06:23:03.0234 5248 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2006/04/06 06:23:03.0390 5248 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2006/04/06 06:23:03.0484 5248 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2006/04/06 06:23:03.0578 5248 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2006/04/06 06:23:03.0640 5248 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2006/04/06 06:23:03.0703 5248 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2006/04/06 06:23:03.0859 5248 STHDA (0aa91bbe468b3f46072091f18003ecaa) C:\WINDOWS\system32\drivers\sthda.sys
2006/04/06 06:23:03.0937 5248 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
2006/04/06 06:23:03.0968 5248 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2006/04/06 06:23:04.0031 5248 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2006/04/06 06:23:04.0109 5248 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2006/04/06 06:23:04.0140 5248 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2006/04/06 06:23:04.0171 5248 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2006/04/06 06:23:04.0203 5248 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2006/04/06 06:23:04.0265 5248 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2006/04/06 06:23:04.0343 5248 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2006/04/06 06:23:04.0453 5248 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
2006/04/06 06:23:04.0500 5248 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2006/04/06 06:23:04.0562 5248 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2006/04/06 06:23:04.0593 5248 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2006/04/06 06:23:04.0703 5248 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2006/04/06 06:23:04.0796 5248 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
2006/04/06 06:23:04.0843 5248 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2006/04/06 06:23:04.0921 5248 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2006/04/06 06:23:05.0000 5248 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2006/04/06 06:23:05.0093 5248 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
2006/04/06 06:23:05.0171 5248 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2006/04/06 06:23:05.0250 5248 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2006/04/06 06:23:05.0296 5248 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2006/04/06 06:23:05.0328 5248 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2006/04/06 06:23:05.0375 5248 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2006/04/06 06:23:05.0421 5248 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2006/04/06 06:23:05.0437 5248 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2006/04/06 06:23:05.0468 5248 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2006/04/06 06:23:05.0515 5248 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2006/04/06 06:23:05.0593 5248 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2006/04/06 06:23:05.0625 5248 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2006/04/06 06:23:05.0687 5248 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2006/04/06 06:23:05.0750 5248 w300bus (d4baa1ac8dcea1382e81aa6fe48cdd7c) C:\WINDOWS\system32\DRIVERS\w300bus.sys
2006/04/06 06:23:05.0812 5248 w300obex (a2bc36924ae02ca1e01ec39c99afea09) C:\WINDOWS\system32\DRIVERS\w300obex.sys
2006/04/06 06:23:05.0890 5248 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2006/04/06 06:23:05.0937 5248 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2006/04/06 06:23:06.0015 5248 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2006/04/06 06:23:06.0109 5248 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2006/04/06 06:23:06.0265 5248 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2006/04/06 06:23:06.0312 5248 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2006/04/06 06:23:06.0437 5248 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2006/04/06 06:23:06.0484 5248 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2006/04/06 06:23:06.0640 5248 X4HSX32 (72e8f37e00dcbd7432c7824570a3a7aa) C:\Program Files\GameTap\bin\Release\X4HSX32.Sys
2006/04/06 06:23:06.0734 5248 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2006/04/06 06:23:06.0734 5248 ================================================================================
2006/04/06 06:23:06.0734 5248 Scan finished
2006/04/06 06:23:06.0734 5248 ================================================================================
2006/04/06 06:23:06.0750 4340 Detected object count: 1
2006/04/06 06:23:14.0671 4340 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2006/04/06 06:23:14.0671 4340 \HardDisk0 - ok
2006/04/06 06:23:14.0671 4340 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2006/04/06 06:24:46.0062 4148 Deinitialize success

#13 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 22 May 2011 - 09:16 AM

Hi thatcher!

I'm going to close those open ports then.

Looks like TDSSKiller found the main culprit!

The main infection that you were infected with is called TDL4.

See the snippet of text below:

2006/04/06 06:23:06.0750 4340 Detected object count: 1
2006/04/06 06:23:14.0671 4340 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2006/04/06 06:23:14.0671 4340 \HardDisk0 - ok
2006/04/06 06:23:14.0671 4340 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2006/04/06 06:24:46.0062 4148 Deinitialize succ


You can read more about this infection here:

Special thanks to quietman7 for providing the above links.



NEXT:



Disable SpyBot TeaTimer
We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Posted Image and then on "Advanced Mode"
    Posted Image
  • You may be presented with a warning dialog. If so, press Posted Image
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck this checkbox:
    Posted Image
  • Close/Exit Spybot Search and Destroy


NEXT:



GooredFix
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8992
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8992
    IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm086YYUS&fl=0&ptb=qMR._V1CFwXWvyOeIi7JIw&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
    IE - HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=IE&os=win&os_version=5.1-x86-SP3
    FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=FF&os=win&os_version=5.1-x86-SP3&q="
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [%PROVIDERID%] File not found
    O4 - HKU\S-1-5-21-318017457-2645039958-1548573548-1005..\Run: [Malware Protection] File not found
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
    O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
    O33 - MountPoints2\{174d5b78-c7aa-11db-8592-00095b36f912}\Shell\AutoRun\command - "" = F:\setupSNK.exe
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    [2011/05/14 17:01:54 | 000,015,490 | -HS- | M] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq
    [2011/05/14 17:01:54 | 000,015,490 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq
    [2011/05/14 16:43:57 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake
    [2011/05/03 11:13:35 | 000,000,123 | ---- | M] () -- C:\WINDOWS\System32\1649518602
    [2011/05/14 16:44:11 | 000,015,490 | -HS- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq
    [2011/05/14 16:44:11 | 000,015,490 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq
    [2011/05/14 16:43:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "135:TCP"=-
    "5000:TCP"=-
    "5001:TCP"=-
    "5002:TCP"=-
    "5003:TCP"=-
    "5004:TCP"=-
    "5005:TCP"=-
    "5006:TCP"=-
    "5007:TCP"=-
    "5008:TCP"=-
    "5009:TCP"=-
    "5010:TCP"=-
    "5011:TCP"=-
    "5012:TCP"=-
    "5013:TCP"=-
    "5014:TCP"=-
    "5015:TCP"=-
    "5016:TCP"=-
    "5017:TCP"=-
    "5018:TCP"=-
    "5019:TCP"=-
    "5020:TCP"=-
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



VirusTotal File Scan
Please go to: VirusTotal
  • Posted Image
  • Click the Browse button and search for the following file: C:\WINDOWS\system32\lftif11n32.dll
  • Click Open
  • Then click Send File
  • Please be patient while the file is scanned.
  • Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now"

Please post the results in your next reply

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#14 thatcher

thatcher
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 22 May 2011 - 12:39 PM

http://www.bleepingcomputer.com/forums/topic397325.html/page__view__findpost__p__2257693

ST things are looking much better. Thanks, Thatcher



GooredFix by jpshortstuff (04.04.11.1)
Log created at 20:58 on 06/04/2006 (Mom and Dad)
Firefox version 4.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{c868dfad-b7cf-41c1-88b8-c423ac5ed7c7}" -> Success!
Deleting "C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\{d9a61b0e-6a8b-45e7-8119-7151fbb0facc}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
button@youtubeclipextractor.com [07:14 15/06/2010]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [23:37 08/05/2011]
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [05:28 16/12/2009]

C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Firefox\Profiles\owartlur.default\extensions\
engine@conduit.com [22:39 09/05/2011]
{20a82645-c095-46ed-80e3-08825760534b} [16:19 31/07/2010]
{5911488E-9D1E-40ec-8CBB-06B231CC153F} [00:53 09/04/2011]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [22:39 09/05/2011]
{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} [22:39 09/05/2011]
{c2f863cd-0429-48c7-bb54-db756a951760} [22:39 09/05/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"PersonalWeb_v1310@claria.com"="C:\Program Files\Claria\PersonalWeb\FF_v1310" [00:27 18/09/2006]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [05:27 16/12/2009]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [16:58 27/03/2010]
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor" [03:44 26/10/2010]

-=E.O.F=-


All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
HKU\S-1-5-21-318017457-2645039958-1548573548-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE_PLUSY_USONLY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110409&user_guid=5A9AE84CC413451A91372FDC8262F2A7&machine_id=bd5d5e390a25fd3b85b195c2c7a5663d&browser=FF&os=win&os_version=5.1-x86-SP3&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\%PROVIDERID% deleted successfully.
Registry value HKEY_USERS\S-1-5-21-318017457-2645039958-1548573548-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Malware Protection deleted successfully.
Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{174d5b78-c7aa-11db-8592-00095b36f912}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{174d5b78-c7aa-11db-8592-00095b36f912}\ not found.
File F:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
File E:\setup.exe not found.
C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq moved successfully.
C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq moved successfully.
C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake moved successfully.
C:\WINDOWS\system32\1649518602 moved successfully.
File C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\yi14w8p50v3v54040mxn87220nq not found.
File C:\Documents and Settings\All Users\Application Data\yi14w8p50v3v54040mxn87220nq not found.
File C:\Documents and Settings\Mom and Dad\2gweorjqjutp92vjy9gake not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\135:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5000:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5001:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5002:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5003:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5004:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5005:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5006:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5007:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5008:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5009:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5010:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5011:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5012:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5013:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5014:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5015:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5016:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5017:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5018:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5019:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5020:TCP deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Mom and Dad\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Mom and Dad\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 41996 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes

User: All Users

User: Brooke

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 189405 bytes
->Flash cache emptied: 41 bytes

User: DJ
->Temp folder emptied: 75936206 bytes
->Temporary Internet Files folder emptied: 32511610 bytes
->Java cache emptied: 37867559 bytes
->FireFox cache emptied: 65793621 bytes
->Flash cache emptied: 53741 bytes

User: LocalService
->Temp folder emptied: 67560 bytes
->Temporary Internet Files folder emptied: 47219025 bytes
->FireFox cache emptied: 5025162 bytes
->Flash cache emptied: 579 bytes

User: Mom and Dad
->Temp folder emptied: 59116790 bytes
->Temporary Internet Files folder emptied: 18565264 bytes
->Java cache emptied: 53253062 bytes
->FireFox cache emptied: 68168714 bytes
->Flash cache emptied: 1722631 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 22418293 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 482676 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 52828712 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 4735475 bytes
RecycleBin emptied: 223271067 bytes

Total Files Cleaned = 734.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Brooke

User: Default User
->Flash cache emptied: 0 bytes

User: DJ
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: Mom and Dad
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04062006_210605

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

AhnLab-V32011.05.23.002011.05.22-AntiVir7.11.8.892011.05.21-Antiy-AVL2.0.3.72011.05.22-Avast4.8.1351.02011.05.22-Avast55.0.677.02011.05.22-AVG10.0.0.11902011.05.22-BitDefender7.22011.05.22-CAT-QuickHeal11.002011.05.22-ClamAV0.97.0.02011.05.22-Commtouch5.3.2.62011.05.22-Comodo87942011.05.22-Emsisoft5.1.0.52011.05.22-eTrust-Vet36.1.83392011.05.20-F-Prot4.6.2.1172011.05.22-F-Secure9.0.16440.02011.05.22-Fortinet4.2.257.02011.05.22-GData222011.05.22-IkarusT3.1.1.104.02011.05.22-Jiangmin13.0.9002011.05.22-K7AntiVirus9.103.46932011.05.20-Kaspersky9.0.0.8372011.05.22-McAfee5.400.0.11582011.05.22-McAfee-GW-Edition2010.1D2011.05.22-Microsoft1.69032011.05.22-NOD3261422011.05.22-Norman6.07.072011.05.22-nProtect2011-05-22.012011.05.22-Panda10.0.3.52011.05.22-PCTools7.0.3.52011.05.19-Prevx3.02011.05.22-Rising23.58.06.032011.05.22-Sophos4.65.02011.05.22-TheHacker6.7.0.1.2022011.05.20-TrendMicro9.200.0.10122011.05.22-VIPRE93562011.05.22-ViRobot2011.5.21.44722011.05.22-VirusBuster13.6.367.02011.05.22- Additional information MD5 : 88428aae94d498207712b659fef6108e SHA1 : 9cd11a5abfe88d6ee3341f1d1e2c24f52ba2fbca SHA256: 6306f144698e2499b44708855e6cd123a240e4f682f557a352ff0574226998c5 ssdeep: 3072:pwEU9qOq9LoQajegudD0B5yjiSkViuHw3IVlC/PL419MZSM9au:pfcPqGQeeg4QCiS+vw4
vGeMZS File size : 155648 bytes First seen: 2011-05-03 00:05:25 Last seen : 2011-05-22 17:18:32 TrID:
Win32 Executable MS Visual C++ (generic) (65.1%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%) sigcheck:
publisher....: AIDEX Team
copyright....: Copyright © 2002-2003 AIDEX Team
product......: AIDEX SDK
description..: AIDEX Runtime
original name: AIDEX.DLL
internal name: aidex
file version.: 1.0.1.52
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x6912
timedatestamp....: 0x48EB7CCA (Tue Oct 07 15:14:18 2008)
machinetype......: 0x14c (I386)

[[ 8 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x7000, 0x6200, 5.88, 2cf2dd5b37e465288124caa8a3d98ec9
.data, 0x8000, 0xF000, 0xE600, 7.56, 68548beb5686374dc45c385b0b7441b5
.rdata, 0x17000, 0xF000, 0xEA00, 7.48, 9d21658d3ffa8bfab866a92b457de07e
.bss, 0x26000, 0x4000, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
.edata, 0x2A000, 0x1000, 0x200, 4.91, 1bc9a5e14dbb5aad4636be22501f072e
.idata, 0x2B000, 0x1000, 0x800, 4.63, f4eb1e2d95422309e58b265a79fef913
.rsrc, 0x2C000, 0x2000, 0x1600, 3.27, 4d864e64dc7f0ffc217003b2ab231b1a
.reloc, 0x2E000, 0x993, 0xA00, 6.46, ea237d8a4e6c68ea8d333cc1f20c1da8

[[ 10 import(s) ]]
ADVAPI32.dll: ChangeServiceConfigW, CloseEventLog, RegEnumKeyExW, BuildTrusteeWithObjectsAndNameW
KERNEL32.dll: GetProcAddress, InterlockedIncrement, LoadLibraryA, GetModuleHandleA, VirtualFree, ExitProcess, VirtualAlloc, GetEnvironmentStringsW
ole32.dll: CLSIDFromString, CoCreateGuid, IsValidPtrIn, CoGetMalloc, CoFileTimeNow
SETUPAPI.dll: SetupInstallFilesFromInfSectionW, SetupDiCreateDevRegKeyA, SetupRenameErrorA
USER32.dll: ToUnicodeEx, TileWindows, SetThreadDesktop, SendNotifyMessageW, EnumDisplayDevicesW, RegisterDeviceNotificationA, PostMessageA, IsCharUpperA, GetUserObjectInformationW, GetMonitorInfoW, GetMonitorInfoA, GetKeyboardLayout, GetClipboardViewer, OpenWindowStationW
OLEPRO32.DLL: -, -, -, -, -, -, -
OLEACC.dll: GetRoleTextW, AccessibleChildren
security.dll: RevertSecurityContext, ImpersonateSecurityContext
COMCTL32.dll: ImageList_SetDragCursorImage, -
MSVCRT.dll: __p__commode, __getmainargs, exit, time, fprintf, __set_app_type

[[ 14 export(s) ]]
CompressedFileWriterObjectWrite, DiscAtOnceRawPWFromFileAudioUnicode, FileMemoryCreate, FileMemoryUnicodeCreate, GetDVDRegionMask, GetLastTrack, GetMediaTrayStatus, GrabDVD, ISO9660JolietFileTreeGetNodeSystemTime, IsDiscBlank, Read10, SetBUP, TrackAtOnceFromMemoryEx, VolumeUnicodeCreate
ExifTool:
file metadata
CharacterSet: Windows, Latin1
CodeSize: 28672
Comments:
CompanyName: AIDEX Team
EntryPoint: 0x6912
FileDescription: AIDEX Runtime
FileFlagsMask: 0x003f
FileOS: Win32
FileSize: 152 kB
FileSubtype: 0
FileType: Win32 DLL
FileVersion: 1.0.1.52
FileVersionNumber: 1.0.1.52
ImageVersion: 1.0
InitializedDataSize: 170496
InternalName: aidex
LanguageCode: English (U.S.)
LegalCopyright: Copyright © 2002-2003 AIDEX Team
LegalTrademarks:
LinkerVersion: 2.38
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Dynamic link library
OriginalFilename: AIDEX.DLL
PEType: PE32
ProductName: AIDEX SDK
ProductVersion: 1.0.1.52
ProductVersionNumber: 1.0.1.52
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2008:10:07 17:14:18+02:00
UninitializedDataSize: 16384

#15 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:05:20 AM

Posted 22 May 2011 - 12:50 PM

Logs are looking good!

Lets see what this scan finds:


Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as it is and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Checked (ticked) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users