
Solved redirect/ fake virus scanner problem..

Discussion in 'Malware and Virus Removal Archive' started by gideon01, 2010/03/26.

  1. 2010/03/28
    gideon01

    gideon01 (Inactive, Thread Starter) | Joined: 2010/03/21 | Messages: 67 | Likes Received: 0

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/28 14:19:54 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 04:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Tansee
    [2010/03/28 03:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\New Folder
    [2010/03/28 02:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tansee iPhone Copy
    [2010/03/27 21:05:38 | 000,278,016 | ---- | C] (SteelWerX) -- C:\WINDOWS\swreg.exe
    [2010/03/27 20:40:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Recent
    [2010/03/26 19:40:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/03/26 07:50:00 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/03/26 07:49:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/03/26 07:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
    [2010/03/26 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\addware malware tools
    [2010/03/26 07:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ccleaner logs
    [2010/03/26 07:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/26 07:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ForceField Shared Files
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/26 07:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
    [2010/03/26 07:14:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
    [2010/03/26 07:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
    [2010/03/26 07:13:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
    [2010/03/26 07:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/26 07:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
    [2010/03/26 06:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/25 18:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2010/03/25 16:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\iPhone Ringtones
    [2010/03/24 18:54:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/03/24 18:54:49 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/03/24 18:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/03/24 17:40:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/03/24 16:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/03/24 16:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/03/24 16:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/03/24 15:58:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\.COMMgr
    [2010/03/24 15:57:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msapps
    [2010/03/24 15:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
    [2010/03/23 18:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/23 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
    [2010/03/23 16:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
    [2010/03/23 16:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\.SunDownloadManager
    [2010/03/22 06:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/22 06:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
    [2010/03/22 06:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2010/03/21 21:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/03/21 19:00:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2010/03/21 18:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/03/21 15:41:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/03/21 15:38:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/03/21 14:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Malwarebytes
    [2010/03/21 14:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/03/21 14:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/21 14:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Downloads
    [2010/03/21 08:37:42 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 03:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2010/03/21 03:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Mozilla
    [2010/03/21 03:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/21 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/03/21 02:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
    [2010/03/21 02:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/21 02:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\LimeWire
    [2010/03/21 02:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Mozilla
    [2010/03/21 02:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinRAR
    [2010/03/21 02:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/03/21 01:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
    [2010/03/21 01:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
    [2010/03/21 01:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Apple Computer
    [2010/03/21 01:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/21 01:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/03/21 01:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple
    [2010/03/21 01:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/03/21 01:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/03/21 01:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple Computer
    [2010/03/21 00:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\ApplicationHistory
    [2010/03/21 00:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Yahoo!
    [2010/03/21 00:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/03/20 23:58:52 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/20 23:58:47 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/20 23:58:47 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/20 23:58:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/03/20 23:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
    [2010/03/20 23:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/03/20 23:56:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
    [2010/03/20 23:56:27 | 000,381,056 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys
    [2010/03/20 23:56:26 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
    [2010/03/20 23:56:26 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
    [2010/03/20 23:56:26 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
    [2010/03/20 23:55:50 | 000,446,464 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\hhactivex.dll
    [2010/03/20 23:55:49 | 000,328,480 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\ssa3d30.ocx
    [2010/03/20 23:55:47 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2010/03/20 23:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Macromedia
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Adobe
    [2010/03/20 23:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Identities
    [2010/03/20 23:52:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2010/03/20 23:52:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Music
    [2010/03/20 23:52:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Pictures
    [2010/03/20 23:52:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\home\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\SendTo
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Application Data
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Start Menu
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Favorites
    [2010/03/20 23:52:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\Cookies
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Templates
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\PrintHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\NetHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Local Settings
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop
    [2010/03/20 23:51:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2010/03/20 23:51:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
    [2010/03/20 23:51:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IECompatCache
    [2010/03/20 23:50:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\PrivacIE
    [2010/03/20 23:49:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IETldCache
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2010/03/20 23:48:49 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
    [2010/03/20 23:48:49 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
    [2010/03/20 23:48:49 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
    [2010/03/20 23:48:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
    [2010/03/20 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
    [2010/03/20 23:48:18 | 000,000,000 | ---D | C] -- C:\DELL
    [2010/03/20 23:47:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
    [2010/03/20 23:47:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
    [2010/03/20 23:47:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
    [2010/03/20 23:47:19 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2010/03/20 23:47:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
    [2010/03/20 23:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
    [2010/03/20 23:46:32 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
    [2010/03/20 23:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
    [2010/03/20 23:46:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
    [2010/03/20 23:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
    [2010/03/20 23:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
    [2010/03/20 23:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
    [2010/03/20 23:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
    [2010/03/20 23:46:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
    [2010/03/20 23:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
    [2010/03/20 23:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
    [2010/03/20 23:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
    [2010/03/20 23:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
    [2010/03/20 23:45:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
    [2010/03/20 23:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
    [2010/03/20 23:45:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
    [2010/03/20 23:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
    [2010/03/20 23:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
    [2010/03/20 23:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
    [2010/03/20 23:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
    [2010/03/20 23:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
    [2010/03/20 23:44:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
    [2010/03/20 23:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
    [2010/03/20 23:43:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
    [2010/03/20 23:43:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2010/03/20 23:39:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
    [2010/03/20 23:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
    [2010/03/20 23:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
    [2010/03/20 23:38:54 | 000,000,000 | ---D | C] -- C:\950cce00c90ed71ec89d5b7c4e7f
    [2010/03/20 23:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Identities
    [2010/03/20 23:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
    [2010/03/20 23:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
    [2010/03/20 23:33:46 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
    [2010/03/20 23:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2010/03/20 23:27:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
    [2010/03/20 23:21:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
    [2010/03/20 23:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
    [2010/03/20 23:19:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
    [2010/03/20 23:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
    [2010/03/20 23:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/03/20 23:04:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
    [2010/03/20 23:04:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
    [2010/03/20 23:04:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    [2010/03/20 23:03:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\UserData
    [2010/03/20 23:00:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2010/03/20 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Sun
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/03/20 22:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
    [2010/03/20 22:58:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
    [2010/03/20 18:42:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
    [2010/03/20 18:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
    [2010/03/20 18:42:19 | 000,000,000 | R--D | C] -- C:\Program Files
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
    [2010/03/20 18:41:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
    [2010/03/20 18:39:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2010/03/20 18:39:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
    [2010/03/20 18:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings
    [2010/03/20 18:39:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2010/03/20 18:33:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
    [2010/03/20 18:33:12 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
    [2010/03/20 18:33:12 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
    [2010/03/20 18:33:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
     
  2. 2010/03/28
    gideon01

    ========== Files - Modified Within 14 Days ==========

    [2010/03/28 15:08:33 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/28 15:08:10 | 010,747,904 | -H-- | M] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/28 15:08:10 | 002,139,654 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa
    [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 14:18:16 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/28 14:15:09 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/03/28 14:14:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/28 14:13:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/28 09:55:28 | 058,110,411 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/28 04:45:16 | 000,013,132 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 03:21:43 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/03/28 03:18:48 | 002,139,654 | R--- | M] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa.zip
    [2010/03/28 02:59:38 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:09:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/27 21:05:17 | 000,488,240 | ---- | M] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/27 20:32:21 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/26 19:17:03 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/03/26 19:16:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/03/26 17:26:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/26 07:49:47 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:49:45 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:47:54 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:15:15 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/25 18:21:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/25 07:51:25 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/25 06:19:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 20:32:18 | 004,795,504 | -H-- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\IconCache.db
    [2010/03/23 18:26:37 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:53:36 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:35:28 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:08:12 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/22 06:08:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/21 19:12:16 | 000,876,742 | ---- | M] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/03/21 08:37:44 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/21 08:37:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/21 08:37:42 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 08:37:10 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/21 03:06:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:25 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 00:22:08 | 000,551,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/03/21 00:22:08 | 000,462,168 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/03/21 00:22:08 | 000,078,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/03/21 00:04:12 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:50:38 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:56 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
    [2010/03/20 23:48:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:47:58 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:45:55 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:54 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
    [2010/03/20 23:45:54 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
    [2010/03/20 23:44:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 23:36:01 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:35:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:35:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:35:22 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:28:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/20 23:27:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:20:26 | 000,250,048 | RHS- | M] () -- C:\ntldr

    ========== Files Created - No Company Name ==========

    [2010/03/28 15:08:01 | 002,139,654 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa
    [2010/03/28 04:45:16 | 000,013,132 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 03:18:48 | 002,139,654 | R--- | C] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa.zip
    [2010/03/28 02:59:38 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:05:38 | 000,082,944 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/03/27 21:05:16 | 000,488,240 | ---- | C] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/26 17:56:35 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/03/26 17:56:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/03/26 08:22:09 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:51:18 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/26 07:47:54 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/26 07:14:06 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/24 18:55:05 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 16:06:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 18:26:37 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:37:14 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:37:05 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Readme.url
    [2010/03/22 06:37:05 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Install ProfitUI Updater.url
    [2010/03/22 06:18:46 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:08:11 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/22 06:08:10 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/21 19:12:10 | 000,876,742 | ---- | C] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/03/21 15:41:10 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/03/21 03:06:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/21 02:25:25 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:19:24 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 01:18:19 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/21 00:23:28 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100321-002328.backup
    [2010/03/21 00:04:12 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 058,110,411 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:55:49 | 000,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
    [2010/03/20 23:55:49 | 000,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
    [2010/03/20 23:52:21 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/20 23:52:20 | 010,747,904 | -H-- | C] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/20 23:50:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2010/03/20 23:49:48 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
    [2010/03/20 23:49:27 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2010/03/20 23:49:17 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
    [2010/03/20 23:49:16 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
    [2010/03/20 23:49:12 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
    [2010/03/20 23:49:11 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
    [2010/03/20 23:49:05 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
    [2010/03/20 23:48:58 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2010/03/20 23:48:54 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
    [2010/03/20 23:48:41 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2010/03/20 23:48:35 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
    [2010/03/20 23:48:35 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
    [2010/03/20 23:48:35 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
    [2010/03/20 23:48:33 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
    [2010/03/20 23:48:33 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
    [2010/03/20 23:48:33 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
    [2010/03/20 23:48:33 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
    [2010/03/20 23:48:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
    [2010/03/20 23:48:32 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
    [2010/03/20 23:48:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
    [2010/03/20 23:48:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
    [2010/03/20 23:48:32 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
    [2010/03/20 23:48:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
    [2010/03/20 23:48:31 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
    [2010/03/20 23:48:10 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:48:03 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:48:03 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:48:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:47:13 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
    [2010/03/20 23:46:36 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
    [2010/03/20 23:45:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:18 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
    [2010/03/20 23:45:18 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
    [2010/03/20 23:45:18 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
    [2010/03/20 23:45:18 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
    [2010/03/20 23:45:18 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
    [2010/03/20 23:45:18 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
    [2010/03/20 23:45:18 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
    [2010/03/20 23:45:18 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
    [2010/03/20 23:45:17 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
    [2010/03/20 23:45:17 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
    [2010/03/20 23:45:17 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
    [2010/03/20 23:45:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
    [2010/03/20 23:45:17 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
    [2010/03/20 23:45:17 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
    [2010/03/20 23:45:17 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
    [2010/03/20 23:45:17 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
    [2010/03/20 23:45:17 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
    [2010/03/20 23:45:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
    [2010/03/20 23:45:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
    [2010/03/20 23:45:12 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
    [2010/03/20 23:45:12 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
    [2010/03/20 23:45:11 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
    [2010/03/20 23:45:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
    [2010/03/20 23:36:01 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:12:28 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
    [2010/03/20 23:12:28 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
    [2010/03/20 23:12:28 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
    [2010/03/20 23:12:28 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
    [2010/03/20 23:12:28 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
    [2010/03/20 23:12:28 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
    [2010/03/20 23:12:28 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
    [2010/03/20 23:12:28 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
    [2010/03/20 23:12:28 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
    [2010/03/20 23:12:27 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
    [2010/03/20 23:12:27 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
    [2010/03/20 23:12:27 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
    [2010/03/20 23:12:27 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
    [2010/03/20 23:12:27 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
    [2010/03/20 23:12:27 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
    [2010/03/20 23:12:27 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
    [2010/03/20 23:12:27 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
    [2010/03/20 23:12:27 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
    [2010/03/20 23:12:27 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
    [2010/03/20 23:12:27 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
    [2010/03/20 23:12:27 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
    [2010/03/20 23:12:27 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
    [2010/03/20 23:12:27 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
    [2010/03/20 23:12:27 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
    [2010/03/20 23:12:27 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
    [2010/03/20 23:12:27 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
    [2010/03/20 23:12:27 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
    [2010/03/20 23:12:27 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
    [2010/03/20 23:12:27 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
    [2010/03/20 23:12:27 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
    [2010/03/20 23:12:27 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
    [2010/03/20 23:12:27 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
    [2010/03/20 23:12:26 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
    [2010/03/20 23:12:26 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
    [2010/03/20 23:12:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
    [2010/03/20 23:12:26 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
    [2010/03/20 23:12:26 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
    [2010/03/20 23:12:25 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
    [2010/03/20 23:12:25 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
    [2010/03/20 23:12:25 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
    [2010/03/20 23:12:25 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
    [2010/03/20 23:12:25 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
    [2010/03/20 23:12:25 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
    [2010/03/20 23:12:25 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
    [2010/03/20 23:12:23 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
    [2010/03/20 23:12:23 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
    [2010/03/20 23:12:23 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
    [2010/03/20 23:12:23 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
    [2010/03/20 23:12:23 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
    [2010/03/20 23:12:23 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
    [2010/03/20 23:12:23 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
    [2010/03/20 23:12:23 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
    [2010/03/20 23:12:23 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
    [2010/03/20 23:12:11 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
    [2010/03/20 18:42:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
    [2010/03/20 18:42:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
    [2010/03/20 18:42:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
    [2010/03/20 18:42:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
    [2010/03/20 18:42:03 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
    [2010/03/20 18:39:55 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
    [2010/03/20 18:39:55 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2010/03/20 18:39:55 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2010/03/20 18:39:55 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2010/03/20 18:39:55 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2010/03/20 18:39:55 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2010/03/20 18:39:55 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2010/03/20 18:39:55 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
    [2010/03/20 18:39:19 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/20 18:38:37 | 000,000,281 | RHS- | C] () -- C:\boot.ini
    [2010/03/20 18:38:37 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
    [2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

    ========== LOP Check ==========

    [2010/03/20 23:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/26 07:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/21 03:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/21 01:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/26 07:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/24 16:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/22 06:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/26 08:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/20 23:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/21 02:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/26 07:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/28 14:18:16 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:AGP440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2010/03/20 23:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/12 09:55:51 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/12 09:57:17 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2004/06/29 12:17:16 | 000,477,952 | ---- | M] (Intel Corporation) MD5=D7731536E183B4397402CA6F9E1D52F7 -- C:\Program Files\Intel\Intel Application Accelerator\Driver\iaStor.sys
    [2010/03/24 21:08:38 | 000,477,952 | ---- | M] (Intel Corporation) MD5=D7731536E183B4397402CA6F9E1D52F7 -- C:\WINDOWS\system32\drivers\iaStor.sys
    [2004/08/12 10:11:50 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\dell\iastor\iastor.sys
    [2004/08/12 10:11:50 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\iaStor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
    [2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
    [2004/08/12 10:02:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/12 10:04:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/03/20 18:38:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/03/20 18:38:37 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/03/20 18:38:37 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
    < End of report >
     


  4. 2010/03/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {25526b16-f633-481c-8891-b9f8903112a4} - No CLSID value found.
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab  (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab  (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  5. 2010/03/28
    gideon01

    gideon01 Inactive Thread Starter

    Here is the log I got at reboot, not sure if ya wanted that. The quick scan is running now.


    User: home
    ->Temp folder emptied: 1130334 bytes
    ->Temporary Internet Files folder emptied: 4782719 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 42997332 bytes
    ->Flash cache emptied: 1691 bytes

    User: LocalService
    ->Temp folder emptied: 1060232 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 1982920 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1114322 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 808 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 51.00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully
    Error: Unable to interpret <[Reboot][emptytemp]> in the current context!
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.1.37.3 log created on 03282010_160828

    Files\Folders moved on Reboot...
    C:\Documents and Settings\home\Local Settings\Temp\~DFDDC9.tmp moved successfully.
    C:\Documents and Settings\home\Local Settings\Temp\IswTmp\Logs\ISWSHEX.swl moved successfully.
    File\Folder C:\WINDOWS\temp\ZLT01acd.TMP not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\p_100000474439173=1[2].txt not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\p_100000474439173=1[3].txt not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q100000079546788_3739[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q100000088618603_8157[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q100000098988905_6812[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q100000462279226_8500[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q100000471752650_1250[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1235603162_4332[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1253565115_6139[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1343483082_7908[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1376260699_1158[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1392263093_7365[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1474660307_3683[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1478705103_6862[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1635885209_5664[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q1836763008_6532[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q84676880419_2617[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\q_silhouette[1].gif not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\render_ads[1].js not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\rtv_300x80[1].jpg not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\scopePopupHandler[1].aspx not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\search[1] not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\search[1].php not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\search[2].php not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\search[3].php not found!
    File\Folder C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\MAU6H4AH\search[4].php not found!
    C:\Documents and Settings\LocalService\Local Settings\Temp\IswTmp\Logs\ISWSHEX.swl moved successfully.

    Registry entries deleted on Reboot...
     
  6. 2010/03/28
    gideon01

    gideon01 Inactive Thread Starter

    OTL logfile created on: 3/28/2010 4:13:19 PM - Run 4
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\home\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.00 Gb Total Space | 125.37 Gb Free Space | 84.14% Space Free | Partition Type: NTFS
    Drive D: | 6.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: KLAHRE-61E8BF5D
    Current User Name: home
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    PRC - [2010/03/26 07:49:31 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/03/26 07:49:30 | 001,263,728 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/03/24 16:31:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/03/21 08:37:43 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/03/21 08:37:42 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/03/21 08:37:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/03/21 08:37:11 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
    PRC - [2010/03/21 08:37:10 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/03/21 08:37:09 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    PRC - [2009/11/22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
    PRC - [2009/10/14 09:30:06 | 000,730,480 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    PRC - [2009/10/10 17:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/05/26 23:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2004/06/30 14:33:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    PRC - [2004/06/29 12:23:32 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
    PRC - [2004/06/29 12:22:56 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    MOD - [2009/10/14 09:30:36 | 000,628,080 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
    MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
    MOD - [2007/03/26 14:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/26 07:49:30 | 001,263,728 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/03/21 08:37:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/03/21 08:37:11 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV - [2004/06/29 12:22:56 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.whtm.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Bing "
    FF - prefs.js..browser.startup.homepage: "www.msn.com "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.13
    FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4


    FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/03/26 08:08:13 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/27 06:53:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/24 16:32:02 | 000,000,000 | ---D | M]

    [2010/03/21 03:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Extensions
    [2010/03/21 02:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2010/03/27 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions
    [2010/03/21 14:09:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/03/26 17:18:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    [2010/03/21 14:09:38 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\searchplugins\bing-ff.xml
    [2010/03/27 18:21:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

    O1 HOSTS File: ([2010/03/28 16:08:39 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {25526b16-f633-481c-8891-b9f8903112a4} - No CLSID value found.
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
    O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2007/06/11 22:27:33 | 000,000,140 | R--- | M] () - D:\autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/28 16:07:54 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/03/28 14:19:54 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 04:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Tansee
    [2010/03/28 03:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\New Folder
    [2010/03/28 02:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tansee iPhone Copy
    [2010/03/27 21:05:38 | 000,278,016 | ---- | C] (SteelWerX) -- C:\WINDOWS\swreg.exe
    [2010/03/27 20:40:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Recent
    [2010/03/26 19:40:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/03/26 07:50:00 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/03/26 07:49:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/03/26 07:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
    [2010/03/26 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\addware malware tools
    [2010/03/26 07:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ccleaner logs
    [2010/03/26 07:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/26 07:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ForceField Shared Files
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/26 07:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
    [2010/03/26 07:14:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
    [2010/03/26 07:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
    [2010/03/26 07:13:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
    [2010/03/26 07:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/26 07:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
    [2010/03/26 06:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/25 18:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2010/03/25 16:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\iPhone Ringtones
    [2010/03/24 18:54:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/03/24 18:54:49 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/03/24 18:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/03/24 17:40:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/03/24 16:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/03/24 16:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/03/24 16:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/03/24 15:58:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\.COMMgr
    [2010/03/24 15:57:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msapps
    [2010/03/24 15:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
    [2010/03/23 18:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/23 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
    [2010/03/23 16:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
    [2010/03/23 16:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\.SunDownloadManager
    [2010/03/22 06:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/22 06:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
    [2010/03/22 06:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2010/03/21 21:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/03/21 19:00:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2010/03/21 18:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/03/21 15:41:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/03/21 15:38:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/03/21 14:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Malwarebytes
    [2010/03/21 14:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/03/21 14:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/21 14:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Downloads
    [2010/03/21 08:37:42 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 03:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2010/03/21 03:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Mozilla
    [2010/03/21 03:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/21 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/03/21 02:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
    [2010/03/21 02:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/21 02:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\LimeWire
    [2010/03/21 02:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Mozilla
    [2010/03/21 02:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinRAR
    [2010/03/21 02:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/03/21 01:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
    [2010/03/21 01:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
    [2010/03/21 01:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Apple Computer
    [2010/03/21 01:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/21 01:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/03/21 01:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple
    [2010/03/21 01:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/03/21 01:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/03/21 01:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple Computer
    [2010/03/21 00:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\ApplicationHistory
    [2010/03/21 00:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Yahoo!
    [2010/03/21 00:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/03/20 23:58:52 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/20 23:58:47 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/20 23:58:47 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/20 23:58:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/03/20 23:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
    [2010/03/20 23:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/03/20 23:56:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
    [2010/03/20 23:56:27 | 000,381,056 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys
    [2010/03/20 23:56:26 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
    [2010/03/20 23:56:26 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
    [2010/03/20 23:56:26 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
    [2010/03/20 23:55:50 | 000,446,464 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\hhactivex.dll
    [2010/03/20 23:55:49 | 000,328,480 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\ssa3d30.ocx
    [2010/03/20 23:55:47 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2010/03/20 23:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Macromedia
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Adobe
    [2010/03/20 23:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Identities
    [2010/03/20 23:52:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2010/03/20 23:52:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Music
    [2010/03/20 23:52:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Pictures
    [2010/03/20 23:52:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\home\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\SendTo
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Application Data
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Start Menu
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Favorites
    [2010/03/20 23:52:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\Cookies
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Templates
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\PrintHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\NetHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Local Settings
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop
    [2010/03/20 23:51:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2010/03/20 23:51:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
    [2010/03/20 23:51:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IECompatCache
    [2010/03/20 23:50:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\PrivacIE
    [2010/03/20 23:49:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IETldCache
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2010/03/20 23:48:49 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
    [2010/03/20 23:48:49 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
    [2010/03/20 23:48:49 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
    [2010/03/20 23:48:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
    [2010/03/20 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
    [2010/03/20 23:48:18 | 000,000,000 | ---D | C] -- C:\DELL
    [2010/03/20 23:47:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
    [2010/03/20 23:47:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
    [2010/03/20 23:47:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
    [2010/03/20 23:47:19 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2010/03/20 23:47:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
    [2010/03/20 23:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
    [2010/03/20 23:46:32 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
    [2010/03/20 23:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
    [2010/03/20 23:46:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
    [2010/03/20 23:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
    [2010/03/20 23:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
    [2010/03/20 23:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
    [2010/03/20 23:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
    [2010/03/20 23:46:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
    [2010/03/20 23:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
    [2010/03/20 23:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
    [2010/03/20 23:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
    [2010/03/20 23:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
    [2010/03/20 23:45:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
    [2010/03/20 23:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
    [2010/03/20 23:45:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
    [2010/03/20 23:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
    [2010/03/20 23:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
    [2010/03/20 23:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
    [2010/03/20 23:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
    [2010/03/20 23:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
    [2010/03/20 23:44:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
    [2010/03/20 23:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
    [2010/03/20 23:43:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
    [2010/03/20 23:43:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2010/03/20 23:39:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
    [2010/03/20 23:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
    [2010/03/20 23:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
    [2010/03/20 23:38:54 | 000,000,000 | ---D | C] -- C:\950cce00c90ed71ec89d5b7c4e7f
    [2010/03/20 23:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Identities
    [2010/03/20 23:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
    [2010/03/20 23:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
    [2010/03/20 23:33:46 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
    [2010/03/20 23:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2010/03/20 23:27:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
    [2010/03/20 23:21:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
    [2010/03/20 23:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
    [2010/03/20 23:19:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
    [2010/03/20 23:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
    [2010/03/20 23:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/03/20 23:04:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
    [2010/03/20 23:04:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
    [2010/03/20 23:04:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    [2010/03/20 23:03:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\UserData
    [2010/03/20 23:00:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2010/03/20 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Sun
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/03/20 22:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
    [2010/03/20 22:58:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
    [2010/03/20 18:42:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
    [2010/03/20 18:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
    [2010/03/20 18:42:19 | 000,000,000 | R--D | C] -- C:\Program Files
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
    [2010/03/20 18:41:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
    [2010/03/20 18:39:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2010/03/20 18:39:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
    [2010/03/20 18:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings
    [2010/03/20 18:39:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2010/03/20 18:33:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
    [2010/03/20 18:33:12 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
    [2010/03/20 18:33:12 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
    [2010/03/20 18:33:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
     
  7. 2010/03/28
    gideon01

    ========== Files - Modified Within 14 Days ==========

    [2010/03/28 16:13:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/28 16:11:31 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/03/28 16:10:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/28 16:10:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/28 16:09:24 | 010,747,904 | -H-- | M] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/28 16:08:39 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2010/03/28 15:47:01 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/28 15:08:10 | 002,139,654 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa
    [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 09:55:28 | 058,110,411 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/28 04:45:16 | 000,013,132 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 03:21:43 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/03/28 03:18:48 | 002,139,654 | R--- | M] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa.zip
    [2010/03/28 02:59:38 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:09:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/27 21:05:17 | 000,488,240 | ---- | M] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/27 20:32:21 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/26 19:17:03 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/03/26 17:26:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/26 07:49:47 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:49:45 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:47:54 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:15:15 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/25 18:21:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/25 07:51:25 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/25 06:19:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 20:32:18 | 004,795,504 | -H-- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\IconCache.db
    [2010/03/23 18:26:37 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:53:36 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:35:28 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:08:12 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/22 06:08:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/21 19:12:16 | 000,876,742 | ---- | M] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/03/21 08:37:44 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/21 08:37:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/21 08:37:42 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 08:37:10 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/21 03:06:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:25 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 00:22:08 | 000,551,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/03/21 00:22:08 | 000,462,168 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/03/21 00:22:08 | 000,078,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/03/21 00:04:12 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:50:38 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:56 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
    [2010/03/20 23:48:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:47:58 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:45:55 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:54 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
    [2010/03/20 23:45:54 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
    [2010/03/20 23:44:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 23:36:01 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:35:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:35:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:35:22 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:28:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/20 23:27:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:20:26 | 000,250,048 | RHS- | M] () -- C:\ntldr

    ========== Files Created - No Company Name ==========

    [2010/03/28 15:08:01 | 002,139,654 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa
    [2010/03/28 04:45:16 | 000,013,132 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 03:18:48 | 002,139,654 | R--- | C] () -- C:\Documents and Settings\home\Desktop\Ultimate (v1.4 os31)-samgo9861.ipa.zip
    [2010/03/28 02:59:38 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:05:38 | 000,082,944 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/03/27 21:05:16 | 000,488,240 | ---- | C] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/26 17:56:35 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/03/26 17:56:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/03/26 08:22:09 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:51:18 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/26 07:47:54 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/26 07:14:06 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/24 18:55:05 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 16:06:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 18:26:37 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:37:14 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:37:05 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Readme.url
    [2010/03/22 06:37:05 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Install ProfitUI Updater.url
    [2010/03/22 06:18:46 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:08:11 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/22 06:08:10 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/21 19:12:10 | 000,876,742 | ---- | C] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/03/21 15:41:10 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/03/21 03:06:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/21 02:25:25 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:19:24 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 01:18:19 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/21 00:23:28 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100321-002328.backup
    [2010/03/21 00:04:12 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 058,110,411 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:55:49 | 000,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
    [2010/03/20 23:55:49 | 000,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
    [2010/03/20 23:52:21 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/20 23:52:20 | 010,747,904 | -H-- | C] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/20 23:50:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2010/03/20 23:49:48 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
    [2010/03/20 23:49:27 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2010/03/20 23:49:17 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
    [2010/03/20 23:49:16 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
    [2010/03/20 23:49:12 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
    [2010/03/20 23:49:11 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
    [2010/03/20 23:49:05 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
    [2010/03/20 23:48:58 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2010/03/20 23:48:54 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
    [2010/03/20 23:48:41 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2010/03/20 23:48:35 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
    [2010/03/20 23:48:35 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
    [2010/03/20 23:48:35 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
    [2010/03/20 23:48:33 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
    [2010/03/20 23:48:33 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
    [2010/03/20 23:48:33 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
    [2010/03/20 23:48:33 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
    [2010/03/20 23:48:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
    [2010/03/20 23:48:32 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
    [2010/03/20 23:48:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
    [2010/03/20 23:48:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
    [2010/03/20 23:48:32 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
    [2010/03/20 23:48:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
    [2010/03/20 23:48:31 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
    [2010/03/20 23:48:10 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:48:03 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:48:03 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:48:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:47:13 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
    [2010/03/20 23:46:36 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
    [2010/03/20 23:45:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:18 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
    [2010/03/20 23:45:18 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
    [2010/03/20 23:45:18 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
    [2010/03/20 23:45:18 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
    [2010/03/20 23:45:18 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
    [2010/03/20 23:45:18 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
    [2010/03/20 23:45:18 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
    [2010/03/20 23:45:18 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
    [2010/03/20 23:45:17 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
    [2010/03/20 23:45:17 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
    [2010/03/20 23:45:17 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
    [2010/03/20 23:45:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
    [2010/03/20 23:45:17 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
    [2010/03/20 23:45:17 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
    [2010/03/20 23:45:17 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
    [2010/03/20 23:45:17 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
    [2010/03/20 23:45:17 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
    [2010/03/20 23:45:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
    [2010/03/20 23:45:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
    [2010/03/20 23:45:12 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
    [2010/03/20 23:45:12 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
    [2010/03/20 23:45:11 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
    [2010/03/20 23:45:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
    [2010/03/20 23:36:01 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:12:28 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
    [2010/03/20 23:12:28 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
    [2010/03/20 23:12:28 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
    [2010/03/20 23:12:28 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
    [2010/03/20 23:12:28 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
    [2010/03/20 23:12:28 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
    [2010/03/20 23:12:28 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
    [2010/03/20 23:12:28 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
    [2010/03/20 23:12:28 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
    [2010/03/20 23:12:27 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
    [2010/03/20 23:12:27 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
    [2010/03/20 23:12:27 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
    [2010/03/20 23:12:27 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
    [2010/03/20 23:12:27 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
    [2010/03/20 23:12:27 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
    [2010/03/20 23:12:27 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
    [2010/03/20 23:12:27 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
    [2010/03/20 23:12:27 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
    [2010/03/20 23:12:27 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
    [2010/03/20 23:12:27 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
    [2010/03/20 23:12:27 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
    [2010/03/20 23:12:27 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
    [2010/03/20 23:12:27 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
    [2010/03/20 23:12:27 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
    [2010/03/20 23:12:27 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
    [2010/03/20 23:12:27 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
    [2010/03/20 23:12:27 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
    [2010/03/20 23:12:27 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
    [2010/03/20 23:12:27 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
    [2010/03/20 23:12:27 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
    [2010/03/20 23:12:27 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
    [2010/03/20 23:12:27 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
    [2010/03/20 23:12:26 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
    [2010/03/20 23:12:26 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
    [2010/03/20 23:12:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
    [2010/03/20 23:12:26 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
    [2010/03/20 23:12:26 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
    [2010/03/20 23:12:25 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
    [2010/03/20 23:12:25 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
    [2010/03/20 23:12:25 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
    [2010/03/20 23:12:25 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
    [2010/03/20 23:12:25 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
    [2010/03/20 23:12:25 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
    [2010/03/20 23:12:25 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
    [2010/03/20 23:12:23 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
    [2010/03/20 23:12:23 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
    [2010/03/20 23:12:23 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
    [2010/03/20 23:12:23 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
    [2010/03/20 23:12:23 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
    [2010/03/20 23:12:23 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
    [2010/03/20 23:12:23 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
    [2010/03/20 23:12:23 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
    [2010/03/20 23:12:23 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
    [2010/03/20 23:12:11 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
    [2010/03/20 18:42:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
    [2010/03/20 18:42:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
    [2010/03/20 18:42:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
    [2010/03/20 18:42:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
    [2010/03/20 18:42:03 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
    [2010/03/20 18:39:55 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
    [2010/03/20 18:39:55 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2010/03/20 18:39:55 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2010/03/20 18:39:55 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2010/03/20 18:39:55 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2010/03/20 18:39:55 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2010/03/20 18:39:55 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2010/03/20 18:39:55 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
    [2010/03/20 18:39:19 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/20 18:38:37 | 000,000,281 | RHS- | C] () -- C:\boot.ini
    [2010/03/20 18:38:37 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
    [2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

    ========== LOP Check ==========

    [2010/03/20 23:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/26 07:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/21 03:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/21 01:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/26 07:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/24 16:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/22 06:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/26 08:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/20 23:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/21 02:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/26 07:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/28 16:13:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========


    < End of report >
     
  8. 2010/03/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    It looks like you missed a "colon" in front of OTL:
    :OTL
    when copying my script.

    Please re-do. Make sure you copy everything that is listed in the OTL code box.
     
  9. 2010/03/28
    gideon01

    gideon01 Inactive Thread Starter

    Joined:
    2010/03/21
    Messages:
    67
    Likes Received:
    0
    OTL logfile created on: 3/28/2010 4:34:05 PM - Run 5
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\home\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.00 Gb Total Space | 125.34 Gb Free Space | 84.12% Space Free | Partition Type: NTFS
    Drive D: | 6.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: KLAHRE-61E8BF5D
    Current User Name: home
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    PRC - [2010/03/26 07:49:31 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/03/26 07:49:30 | 001,263,728 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/03/24 16:31:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/03/21 08:37:43 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/03/21 08:37:42 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/03/21 08:37:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/03/21 08:37:11 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
    PRC - [2010/03/21 08:37:10 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/03/21 08:37:09 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    PRC - [2009/11/22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
    PRC - [2009/10/14 09:30:06 | 000,730,480 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    PRC - [2009/10/10 17:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/05/26 23:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2004/06/30 14:33:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    PRC - [2004/06/29 12:23:32 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
    PRC - [2004/06/29 12:22:56 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    MOD - [2009/10/14 09:30:36 | 000,628,080 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
    MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
    MOD - [2007/03/26 14:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/26 07:49:30 | 001,263,728 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/03/21 08:37:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/03/21 08:37:11 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV - [2004/06/29 12:22:56 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.whtm.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Bing "
    FF - prefs.js..browser.startup.homepage: "www.msn.com "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.13
    FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4


    FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/03/26 08:08:13 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/27 06:53:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/24 16:32:02 | 000,000,000 | ---D | M]

    [2010/03/21 03:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Extensions
    [2010/03/21 02:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2010/03/27 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions
    [2010/03/21 14:09:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/03/26 17:18:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    [2010/03/21 14:09:38 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\searchplugins\bing-ff.xml
    [2010/03/27 18:21:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

    O1 HOSTS File: ([2010/03/28 16:25:11 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {25526b16-f633-481c-8891-b9f8903112a4} - No CLSID value found.
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
    O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2007/06/11 22:27:33 | 000,000,140 | R--- | M] () - D:\autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/28 16:07:54 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/03/28 14:19:54 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 04:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Tansee
    [2010/03/28 03:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\New Folder
    [2010/03/28 02:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tansee iPhone Copy
    [2010/03/27 21:05:38 | 000,278,016 | ---- | C] (SteelWerX) -- C:\WINDOWS\swreg.exe
    [2010/03/27 20:40:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Recent
    [2010/03/26 19:40:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/03/26 07:50:00 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/03/26 07:49:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/03/26 07:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/03/26 07:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
    [2010/03/26 07:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\addware malware tools
    [2010/03/26 07:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ccleaner logs
    [2010/03/26 07:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/26 07:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\ForceField Shared Files
    [2010/03/26 07:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/26 07:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
    [2010/03/26 07:14:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
    [2010/03/26 07:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
    [2010/03/26 07:13:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
    [2010/03/26 07:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/26 07:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
    [2010/03/26 06:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/25 18:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2010/03/25 16:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop\iPhone Ringtones
    [2010/03/24 18:54:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/03/24 18:54:49 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/03/24 18:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/03/24 17:40:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/03/24 16:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/03/24 16:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/03/24 16:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/03/24 15:58:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\.COMMgr
    [2010/03/24 15:57:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msapps
    [2010/03/24 15:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
    [2010/03/23 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
    [2010/03/23 18:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/23 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
    [2010/03/23 16:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
    [2010/03/23 16:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\.SunDownloadManager
    [2010/03/22 06:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/22 06:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
    [2010/03/22 06:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2010/03/21 21:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/03/21 19:00:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2010/03/21 18:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/03/21 15:41:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/03/21 15:38:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/03/21 14:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Malwarebytes
    [2010/03/21 14:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/03/21 14:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/21 14:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\Downloads
    [2010/03/21 08:37:42 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 03:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2010/03/21 03:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Mozilla
    [2010/03/21 03:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/21 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/03/21 02:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
    [2010/03/21 02:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/21 02:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\My Documents\LimeWire
    [2010/03/21 02:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Mozilla
    [2010/03/21 02:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\WinRAR
    [2010/03/21 02:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/03/21 01:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
    [2010/03/21 01:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
    [2010/03/21 01:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Apple Computer
    [2010/03/21 01:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/03/21 01:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/21 01:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/03/21 01:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/03/21 01:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple
    [2010/03/21 01:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/03/21 01:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/03/21 01:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/03/21 01:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Apple Computer
    [2010/03/21 00:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\ApplicationHistory
    [2010/03/21 00:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Yahoo!
    [2010/03/21 00:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/03/20 23:58:52 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/20 23:58:47 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/20 23:58:47 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/20 23:58:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/03/20 23:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
    [2010/03/20 23:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/03/20 23:56:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
    [2010/03/20 23:56:27 | 000,381,056 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys
    [2010/03/20 23:56:26 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
    [2010/03/20 23:56:26 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
    [2010/03/20 23:56:26 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
    [2010/03/20 23:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
    [2010/03/20 23:55:50 | 000,446,464 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\hhactivex.dll
    [2010/03/20 23:55:49 | 000,328,480 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\ssa3d30.ocx
    [2010/03/20 23:55:47 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/03/20 23:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2010/03/20 23:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/03/20 23:55:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Macromedia
    [2010/03/20 23:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Adobe
    [2010/03/20 23:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Identities
    [2010/03/20 23:52:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2010/03/20 23:52:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Music
    [2010/03/20 23:52:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents\My Pictures
    [2010/03/20 23:52:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\home\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\SendTo
    [2010/03/20 23:52:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\home\Application Data
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Start Menu
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\My Documents
    [2010/03/20 23:52:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\home\Favorites
    [2010/03/20 23:52:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\Cookies
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Templates
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\PrintHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\NetHood
    [2010/03/20 23:52:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\home\Local Settings
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Microsoft
    [2010/03/20 23:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Desktop
    [2010/03/20 23:51:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2010/03/20 23:51:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
    [2010/03/20 23:51:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IECompatCache
    [2010/03/20 23:50:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\PrivacIE
    [2010/03/20 23:49:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\IETldCache
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2010/03/20 23:49:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2010/03/20 23:48:49 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
    [2010/03/20 23:48:49 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
    [2010/03/20 23:48:49 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
    [2010/03/20 23:48:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
    [2010/03/20 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
    [2010/03/20 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
    [2010/03/20 23:48:18 | 000,000,000 | ---D | C] -- C:\DELL
    [2010/03/20 23:47:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
    [2010/03/20 23:47:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
    [2010/03/20 23:47:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
    [2010/03/20 23:47:19 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2010/03/20 23:47:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
    [2010/03/20 23:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
    [2010/03/20 23:46:32 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
    [2010/03/20 23:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
    [2010/03/20 23:46:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
    [2010/03/20 23:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
    [2010/03/20 23:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
    [2010/03/20 23:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
    [2010/03/20 23:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
    [2010/03/20 23:46:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
    [2010/03/20 23:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
    [2010/03/20 23:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
    [2010/03/20 23:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
    [2010/03/20 23:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
    [2010/03/20 23:45:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
    [2010/03/20 23:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
    [2010/03/20 23:45:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
    [2010/03/20 23:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
    [2010/03/20 23:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
    [2010/03/20 23:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
    [2010/03/20 23:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
    [2010/03/20 23:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
    [2010/03/20 23:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
    [2010/03/20 23:44:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
    [2010/03/20 23:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
    [2010/03/20 23:43:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
    [2010/03/20 23:43:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2010/03/20 23:39:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
    [2010/03/20 23:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
    [2010/03/20 23:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
    [2010/03/20 23:38:54 | 000,000,000 | ---D | C] -- C:\950cce00c90ed71ec89d5b7c4e7f
    [2010/03/20 23:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\Identities
    [2010/03/20 23:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
    [2010/03/20 23:35:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
    [2010/03/20 23:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
    [2010/03/20 23:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
    [2010/03/20 23:33:46 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
    [2010/03/20 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
    [2010/03/20 23:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2010/03/20 23:27:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
    [2010/03/20 23:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
    [2010/03/20 23:21:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
    [2010/03/20 23:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
    [2010/03/20 23:19:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
    [2010/03/20 23:19:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
    [2010/03/20 23:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/03/20 23:04:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
    [2010/03/20 23:04:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
    [2010/03/20 23:04:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    [2010/03/20 23:03:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\home\UserData
    [2010/03/20 23:00:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2010/03/20 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Application Data\Sun
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2010/03/20 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/03/20 22:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\home\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
    [2010/03/20 22:58:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
    [2010/03/20 18:42:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
    [2010/03/20 18:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
    [2010/03/20 18:42:19 | 000,000,000 | R--D | C] -- C:\Program Files
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
    [2010/03/20 18:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
    [2010/03/20 18:41:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
    [2010/03/20 18:41:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
    [2010/03/20 18:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/03/20 18:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
    [2010/03/20 18:39:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2010/03/20 18:39:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
    [2010/03/20 18:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings
    [2010/03/20 18:39:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2010/03/20 18:33:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
    [2010/03/20 18:33:12 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
    [2010/03/20 18:33:12 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
    [2010/03/20 18:33:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
    [2010/03/20 18:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
     
  10. 2010/03/28
    gideon01

    ========== Files - Modified Within 14 Days ==========

    [2010/03/28 16:29:47 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/28 16:27:53 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/03/28 16:26:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/28 16:26:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/28 16:25:46 | 010,747,904 | -H-- | M] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/28 16:25:11 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2010/03/28 15:47:01 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/28 14:19:55 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\home\Desktop\OTL.exe
    [2010/03/28 09:55:28 | 058,110,411 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/28 04:45:16 | 000,013,132 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 03:21:43 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/03/28 02:59:38 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:09:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/27 21:05:17 | 000,488,240 | ---- | M] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/27 20:32:21 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/26 19:17:03 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/03/26 17:26:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/26 07:49:47 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/03/26 07:49:45 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:47:54 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:15:15 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/25 18:21:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/25 07:51:25 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/25 06:19:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:44 | 000,001,834 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 20:32:18 | 004,795,504 | -H-- | M] () -- C:\Documents and Settings\home\Local Settings\Application Data\IconCache.db
    [2010/03/23 18:26:37 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:53:36 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:35:28 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:08:12 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/22 06:08:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/21 19:12:16 | 000,876,742 | ---- | M] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/03/21 08:37:44 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/03/21 08:37:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/03/21 08:37:42 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/03/21 08:37:10 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/03/21 03:06:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:25 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 00:22:08 | 000,551,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/03/21 00:22:08 | 000,462,168 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/03/21 00:22:08 | 000,078,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/03/21 00:04:12 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:50:38 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:56 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
    [2010/03/20 23:48:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:47:58 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:45:55 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:54 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
    [2010/03/20 23:45:54 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
    [2010/03/20 23:44:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 23:36:01 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:35:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:35:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:35:22 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:28:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/20 23:27:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:20:26 | 000,250,048 | RHS- | M] () -- C:\ntldr

    ========== Files Created - No Company Name ==========

    [2010/03/28 04:45:16 | 000,013,132 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/28 02:59:38 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\home\Desktop\iPhone Copy.lnk
    [2010/03/27 21:05:38 | 000,082,944 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/03/27 21:05:16 | 000,488,240 | ---- | C] () -- C:\Documents and Settings\home\Desktop\HelpAsst_mebroot_fix.exe
    [2010/03/26 17:56:35 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/03/26 17:56:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/03/26 08:22:09 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/03/26 07:51:18 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/03/26 07:47:54 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
    [2010/03/26 07:14:22 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010/03/26 07:14:06 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
    [2010/03/24 18:55:05 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/24 16:22:16 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/24 16:06:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\home\Local Settings\Application Data\Mh3jm32txN
    [2010/03/24 15:58:06 | 000,001,834 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    [2010/03/23 18:26:37 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\home\Desktop\DVDVideoSoft Free Studio.lnk
    [2010/03/23 18:19:43 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon Media Converter.lnk
    [2010/03/23 18:19:43 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oxelon.com.url
    [2010/03/22 06:37:14 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\home\My Documents\ProfitUI Reborn Updater.lnk
    [2010/03/22 06:37:05 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Readme.url
    [2010/03/22 06:37:05 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\home\My Documents\Install ProfitUI Updater.url
    [2010/03/22 06:18:46 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\home\Desktop\EQ2MAP Updater.lnk
    [2010/03/22 06:08:11 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
    [2010/03/22 06:08:10 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/03/21 19:12:10 | 000,876,742 | ---- | C] () -- C:\Documents and Settings\home\Desktop\ACT-Setup.exe
    [2010/03/21 15:41:14 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/03/21 15:41:10 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/03/21 03:06:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/03/21 02:41:55 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Internet Explorer.lnk
    [2010/03/21 02:27:32 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/03/21 02:25:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\home\Application Data\winscp.rnd
    [2010/03/21 02:25:25 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\home\Desktop\WinSCP.lnk
    [2010/03/21 01:23:00 | 000,001,453 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EverQuest II.lnk
    [2010/03/21 01:19:24 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/03/21 01:18:34 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/03/21 01:18:19 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/03/21 00:23:28 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100321-002328.backup
    [2010/03/21 00:04:12 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\home\Desktop\CCleaner.lnk
    [2010/03/20 23:58:54 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
    [2010/03/20 23:58:47 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
    [2010/03/20 23:58:46 | 058,110,411 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/03/20 23:58:46 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
    [2010/03/20 23:58:46 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
    [2010/03/20 23:58:46 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
    [2010/03/20 23:55:49 | 000,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
    [2010/03/20 23:55:49 | 000,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
    [2010/03/20 23:52:21 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\home\ntuser.ini
    [2010/03/20 23:52:20 | 010,747,904 | -H-- | C] () -- C:\Documents and Settings\home\NTUSER.DAT
    [2010/03/20 23:50:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
    [2010/03/20 23:49:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2010/03/20 23:49:48 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
    [2010/03/20 23:49:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
    [2010/03/20 23:49:27 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2010/03/20 23:49:17 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
    [2010/03/20 23:49:16 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
    [2010/03/20 23:49:12 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
    [2010/03/20 23:49:11 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
    [2010/03/20 23:49:05 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
    [2010/03/20 23:48:58 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2010/03/20 23:48:54 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
    [2010/03/20 23:48:41 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2010/03/20 23:48:35 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
    [2010/03/20 23:48:35 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
    [2010/03/20 23:48:35 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
    [2010/03/20 23:48:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
    [2010/03/20 23:48:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
    [2010/03/20 23:48:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
    [2010/03/20 23:48:33 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
    [2010/03/20 23:48:33 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
    [2010/03/20 23:48:33 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
    [2010/03/20 23:48:33 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
    [2010/03/20 23:48:33 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
    [2010/03/20 23:48:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
    [2010/03/20 23:48:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
    [2010/03/20 23:48:32 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
    [2010/03/20 23:48:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
    [2010/03/20 23:48:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
    [2010/03/20 23:48:32 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
    [2010/03/20 23:48:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
    [2010/03/20 23:48:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
    [2010/03/20 23:48:31 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
    [2010/03/20 23:48:10 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2010/03/20 23:48:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
    [2010/03/20 23:48:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
    [2010/03/20 23:48:03 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/20 23:48:03 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/20 23:48:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
    [2010/03/20 23:47:26 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
    [2010/03/20 23:47:22 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
    [2010/03/20 23:47:19 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\home\Desktop\Windows Movie Maker.lnk
    [2010/03/20 23:47:13 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
    [2010/03/20 23:46:44 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
    [2010/03/20 23:46:36 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
    [2010/03/20 23:45:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2010/03/20 23:45:18 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
    [2010/03/20 23:45:18 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
    [2010/03/20 23:45:18 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
    [2010/03/20 23:45:18 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
    [2010/03/20 23:45:18 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
    [2010/03/20 23:45:18 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
    [2010/03/20 23:45:18 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
    [2010/03/20 23:45:18 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
    [2010/03/20 23:45:17 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
    [2010/03/20 23:45:17 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
    [2010/03/20 23:45:17 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
    [2010/03/20 23:45:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
    [2010/03/20 23:45:17 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
    [2010/03/20 23:45:17 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
    [2010/03/20 23:45:17 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
    [2010/03/20 23:45:17 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
    [2010/03/20 23:45:17 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
    [2010/03/20 23:45:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
    [2010/03/20 23:45:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
    [2010/03/20 23:45:12 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
    [2010/03/20 23:45:12 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
    [2010/03/20 23:45:11 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
    [2010/03/20 23:45:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
    [2010/03/20 23:36:01 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    [2010/03/20 23:34:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
    [2010/03/20 23:12:28 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
    [2010/03/20 23:12:28 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
    [2010/03/20 23:12:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
    [2010/03/20 23:12:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
    [2010/03/20 23:12:28 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
    [2010/03/20 23:12:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
    [2010/03/20 23:12:28 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
    [2010/03/20 23:12:28 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
    [2010/03/20 23:12:28 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
    [2010/03/20 23:12:28 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
    [2010/03/20 23:12:28 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
    [2010/03/20 23:12:28 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
    [2010/03/20 23:12:27 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
    [2010/03/20 23:12:27 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
    [2010/03/20 23:12:27 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
    [2010/03/20 23:12:27 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
    [2010/03/20 23:12:27 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
    [2010/03/20 23:12:27 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
    [2010/03/20 23:12:27 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
    [2010/03/20 23:12:27 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
    [2010/03/20 23:12:27 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
    [2010/03/20 23:12:27 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
    [2010/03/20 23:12:27 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
    [2010/03/20 23:12:27 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
    [2010/03/20 23:12:27 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
    [2010/03/20 23:12:27 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
    [2010/03/20 23:12:27 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
    [2010/03/20 23:12:27 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
    [2010/03/20 23:12:27 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
    [2010/03/20 23:12:27 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
    [2010/03/20 23:12:27 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
    [2010/03/20 23:12:27 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
    [2010/03/20 23:12:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
    [2010/03/20 23:12:27 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
    [2010/03/20 23:12:27 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
    [2010/03/20 23:12:27 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
    [2010/03/20 23:12:26 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
    [2010/03/20 23:12:26 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
    [2010/03/20 23:12:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
    [2010/03/20 23:12:26 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
    [2010/03/20 23:12:26 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
    [2010/03/20 23:12:25 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
    [2010/03/20 23:12:25 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
    [2010/03/20 23:12:25 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
    [2010/03/20 23:12:25 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
    [2010/03/20 23:12:25 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
    [2010/03/20 23:12:25 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
    [2010/03/20 23:12:25 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
    [2010/03/20 23:12:23 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
    [2010/03/20 23:12:23 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
    [2010/03/20 23:12:23 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
    [2010/03/20 23:12:23 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
    [2010/03/20 23:12:23 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
    [2010/03/20 23:12:23 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
    [2010/03/20 23:12:23 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
    [2010/03/20 23:12:23 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
    [2010/03/20 23:12:23 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
    [2010/03/20 23:12:23 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
    [2010/03/20 23:12:11 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
    [2010/03/20 18:42:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
    [2010/03/20 18:42:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
    [2010/03/20 18:42:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
    [2010/03/20 18:42:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
    [2010/03/20 18:42:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
    [2010/03/20 18:42:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
    [2010/03/20 18:42:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
    [2010/03/20 18:42:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
    [2010/03/20 18:42:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
    [2010/03/20 18:42:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
    [2010/03/20 18:42:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
    [2010/03/20 18:42:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
    [2010/03/20 18:42:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
    [2010/03/20 18:42:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
    [2010/03/20 18:42:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
    [2010/03/20 18:42:03 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
    [2010/03/20 18:39:55 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
    [2010/03/20 18:39:55 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2010/03/20 18:39:55 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2010/03/20 18:39:55 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2010/03/20 18:39:55 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2010/03/20 18:39:55 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2010/03/20 18:39:55 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2010/03/20 18:39:55 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
    [2010/03/20 18:39:19 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/03/20 18:38:37 | 000,000,281 | RHS- | C] () -- C:\boot.ini
    [2010/03/20 18:38:37 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
    [2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

    ========== LOP Check ==========

    [2010/03/20 23:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2010/03/26 07:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/21 03:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
    [2010/03/26 07:47:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/03/21 01:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/03/26 07:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\CheckPoint
    [2010/03/24 16:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    [2010/03/23 18:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\OxelonMC
    [2010/03/22 06:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\ProfitUI Reborn Updater
    [2010/03/26 08:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\QuickScan
    [2010/03/20 23:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Desktop Search
    [2010/03/21 02:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\Windows Search
    [2010/03/26 07:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\home\Application Data\WinPatrol
    [2010/03/28 16:29:47 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========


    < End of report >
     
  11. 2010/03/28
    gideon01

    For a second before I'm redirected, I can see the words searchclick put in the address bar.
     
  12. 2010/03/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    In IE go to Tools > Internet Options > Advanced tab and click on the "Reset" button.
    Restart computer and see how it goes.
     
  13. 2010/03/28
    gideon01

    Should I do that for Firefox also?
     
  14. 2010/03/28
    broni

    No. Firefox doesn't have that option.
    Let's check IE first.
     
  15. 2010/03/28
    gideon01

    Still getting redirected. I searched Google for food and tried to open the top result in a new tab; the new tab was redirected to here: http://searchclick7.com/gosearch.php?q=food. Google had the top result as a foodnetwork.com link.
    Also, after the redirect, when I try to hit the back button to go back to Google, it just reloads the page I was redirected to.
     
    Last edited: 2010/03/28
  16. 2010/03/28
    broni

    Download TDSSKiller and save it to your Desktop.
    Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
    Go to Start > Run (or you can hold down your Windows key and press R) and copy and paste the following into the text field (make sure you include the quote marks). Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

    If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
    When it is done, a log file should be created on your C: drive called TDSSKiller.txt. Please copy and paste the contents of that file here.
     
  17. 2010/03/28
    gideon01

    17:19:45:203 3004 TDSS rootkit removing tool 2.2.8.1 Mar 22 2010 10:43:04
    17:19:45:203 3004 ================================================================================
    17:19:45:203 3004 SystemInfo:

    17:19:45:203 3004 OS Version: 5.1.2600 ServicePack: 3.0
    17:19:45:203 3004 Product type: Workstation
    17:19:45:203 3004 ComputerName: KLAHRE-61E8BF5D
    17:19:45:203 3004 UserName: home
    17:19:45:203 3004 Windows directory: C:\WINDOWS
    17:19:45:203 3004 Processor architecture: Intel x86
    17:19:45:203 3004 Number of processors: 1
    17:19:45:203 3004 Page size: 0x1000
    17:19:45:218 3004 Boot type: Normal boot
    17:19:45:218 3004 ================================================================================
    17:19:45:218 3004 UnloadDriverW: NtUnloadDriver error 2
    17:19:45:218 3004 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
    17:19:45:265 3004 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
    17:19:45:265 3004 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
    17:19:45:265 3004 wfopen_ex: Trying to KLMD file open
    17:19:45:265 3004 wfopen_ex: File opened ok (Flags 2)
    17:19:45:265 3004 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
    17:19:45:265 3004 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
    17:19:45:265 3004 wfopen_ex: Trying to KLMD file open
    17:19:45:265 3004 wfopen_ex: File opened ok (Flags 2)
    17:19:45:265 3004 Initialize success
    17:19:45:265 3004
    17:19:45:265 3004 Scanning Services ...
    17:19:45:375 3004 Raw services enum returned 318 services
    17:19:45:375 3004
    17:19:45:375 3004 Scanning Kernel memory ...
    17:19:45:375 3004 Devices to scan: 2
    17:19:45:375 3004
    17:19:45:375 3004 Driver Name: Disk
    17:19:45:375 3004 IRP_MJ_CREATE : F763DBB0
    17:19:45:375 3004 IRP_MJ_CREATE_NAMED_PIPE : 804FA88E
    17:19:45:375 3004 IRP_MJ_CLOSE : F763DBB0
    17:19:45:375 3004 IRP_MJ_READ : F7637D1F
    17:19:45:375 3004 IRP_MJ_WRITE : F7637D1F
    17:19:45:375 3004 IRP_MJ_QUERY_INFORMATION : 804FA88E
    17:19:45:375 3004 IRP_MJ_SET_INFORMATION : 804FA88E
    17:19:45:375 3004 IRP_MJ_QUERY_EA : 804FA88E
    17:19:45:375 3004 IRP_MJ_SET_EA : 804FA88E
    17:19:45:375 3004 IRP_MJ_FLUSH_BUFFERS : F76382E2
    17:19:45:375 3004 IRP_MJ_QUERY_VOLUME_INFORMATION : 804FA88E
    17:19:45:375 3004 IRP_MJ_SET_VOLUME_INFORMATION : 804FA88E
    17:19:45:375 3004 IRP_MJ_DIRECTORY_CONTROL : 804FA88E
    17:19:45:375 3004 IRP_MJ_FILE_SYSTEM_CONTROL : 804FA88E
    17:19:45:375 3004 IRP_MJ_DEVICE_CONTROL : F76383BB
    17:19:45:375 3004 IRP_MJ_INTERNAL_DEVICE_CONTROL : F763BF28
    17:19:45:375 3004 IRP_MJ_SHUTDOWN : F76382E2
    17:19:45:375 3004 IRP_MJ_LOCK_CONTROL : 804FA88E
    17:19:45:375 3004 IRP_MJ_CLEANUP : 804FA88E
    17:19:45:375 3004 IRP_MJ_CREATE_MAILSLOT : 804FA88E
    17:19:45:375 3004 IRP_MJ_QUERY_SECURITY : 804FA88E
    17:19:45:375 3004 IRP_MJ_SET_SECURITY : 804FA88E
    17:19:45:375 3004 IRP_MJ_POWER : F7639C82
    17:19:45:375 3004 IRP_MJ_SYSTEM_CONTROL : F763E99E
    17:19:45:375 3004 IRP_MJ_DEVICE_CHANGE : 804FA88E
    17:19:45:375 3004 IRP_MJ_QUERY_QUOTA : 804FA88E
    17:19:45:375 3004 IRP_MJ_SET_QUOTA : 804FA88E
    17:19:45:437 3004 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
    17:19:45:437 3004
    17:19:45:437 3004 Driver Name: iastor
    17:19:45:437 3004 IRP_MJ_CREATE : F745A094
    17:19:45:437 3004 IRP_MJ_CREATE_NAMED_PIPE : 804FA88E
    17:19:45:437 3004 IRP_MJ_CLOSE : F745A094
    17:19:45:437 3004 IRP_MJ_READ : 804FA88E
    17:19:45:437 3004 IRP_MJ_WRITE : 804FA88E
    17:19:45:437 3004 IRP_MJ_QUERY_INFORMATION : 804FA88E
    17:19:45:437 3004 IRP_MJ_SET_INFORMATION : 804FA88E
    17:19:45:437 3004 IRP_MJ_QUERY_EA : 804FA88E
    17:19:45:437 3004 IRP_MJ_SET_EA : 804FA88E
    17:19:45:437 3004 IRP_MJ_FLUSH_BUFFERS : 804FA88E
    17:19:45:437 3004 IRP_MJ_QUERY_VOLUME_INFORMATION : 804FA88E
    17:19:45:437 3004 IRP_MJ_SET_VOLUME_INFORMATION : 804FA88E
    17:19:45:437 3004 IRP_MJ_DIRECTORY_CONTROL : 804FA88E
    17:19:45:437 3004 IRP_MJ_FILE_SYSTEM_CONTROL : 804FA88E
    17:19:45:437 3004 IRP_MJ_DEVICE_CONTROL : F745D7E8
    17:19:45:437 3004 IRP_MJ_INTERNAL_DEVICE_CONTROL : F745DAA8
    17:19:45:437 3004 IRP_MJ_SHUTDOWN : 804FA88E
    17:19:45:437 3004 IRP_MJ_LOCK_CONTROL : 804FA88E
    17:19:45:437 3004 IRP_MJ_CLEANUP : 804FA88E
    17:19:45:437 3004 IRP_MJ_CREATE_MAILSLOT : 804FA88E
    17:19:45:437 3004 IRP_MJ_QUERY_SECURITY : 804FA88E
    17:19:45:437 3004 IRP_MJ_SET_SECURITY : 804FA88E
    17:19:45:437 3004 IRP_MJ_POWER : F7462118
    17:19:45:437 3004 IRP_MJ_SYSTEM_CONTROL : F74621A4
    17:19:45:437 3004 IRP_MJ_DEVICE_CHANGE : 804FA88E
    17:19:45:437 3004 IRP_MJ_QUERY_QUOTA : 804FA88E
    17:19:45:437 3004 IRP_MJ_SET_QUOTA : 804FA88E
    17:19:45:453 3004 C:\WINDOWS\system32\DRIVERS\iaStor.sys - Verdict: 1
    17:19:45:453 3004
    17:19:45:453 3004 Completed
    17:19:45:453 3004
    17:19:45:453 3004 Results:
    17:19:45:453 3004 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
    17:19:45:453 3004 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
    17:19:45:453 3004 File objects infected / cured / cured on reboot: 0 / 0 / 0
    17:19:45:453 3004
    17:19:45:453 3004 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
    17:19:45:453 3004 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
    17:19:45:468 3004 KLMD(ARK) unloaded successfully
     
  18. 2010/03/28
    broni

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  19. 2010/03/28
    gideon01

    ComboFix 10-03-28.01 - home 03/28/2010 17:38:42.4.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1444 [GMT -4:00]
    Running from: c:\documents and settings\home\My Documents\Downloads\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Toolbar4
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\basis.xml
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\bg.bmp
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\bing_logo.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\celebrity.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\drop_images.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\drop_maps.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\drop_news.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\drop_videos.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\drop_web.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\facebook.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\favicon.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\games.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\hotmail.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\icon.ico
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\images.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\include.xml
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\info.txt
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\lifestyle.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\maps.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\messenger.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\msn.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\news.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\twitter.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\uninstall.exe
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\update.exe
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\version.txt
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\video.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\videos.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\weather.png
    c:\documents and settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\web.png

    .
    ((((((((((((((((((((((((( Files Created from 2010-02-28 to 2010-03-28 )))))))))))))))))))))))))))))))
    .

    2010-03-28 20:07 . 2010-03-28 20:07 -------- d-----w- C:\_OTL
    2010-03-28 08:45 . 2010-03-28 08:45 13132 ---ha-w- c:\windows\system32\mlfcache.dat
    2010-03-28 06:59 . 2010-03-28 07:03 -------- d-----w- c:\program files\Tansee iPhone Copy
    2010-03-26 21:18 . 2010-03-26 18:33 668648 ----a-w- c:\documents and settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    2010-03-26 21:18 . 2010-03-26 18:33 830864 ----a-w- c:\documents and settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    2010-03-26 12:22 . 2010-03-26 11:49 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-03-26 11:50 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-03-26 11:47 . 2010-03-26 11:47 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-03-26 11:47 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    2010-03-26 11:47 . 2010-03-26 11:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-03-26 11:47 . 2010-03-26 11:48 -------- d-----w- c:\program files\Lavasoft
    2010-03-26 11:43 . 2010-03-28 19:31 -------- d-----w- c:\program files\SpywareGuard
    2010-03-26 11:30 . 2010-03-26 11:30 -------- d-----w- c:\documents and settings\home\Application Data\WinPatrol
    2010-03-26 11:30 . 2010-03-21 03:48 0 ----a-w- c:\documents and settings\home\Application Data\WinPatrol\Config.sys
    2010-03-26 11:30 . 2010-03-21 03:48 0 ----a-w- c:\documents and settings\home\Application Data\WinPatrol\Autoexec.bat
    2010-03-26 11:30 . 2010-03-26 11:30 -------- d-----w- c:\program files\BillP Studios
    2010-03-26 11:13 . 2010-03-28 21:34 -------- d-----w- c:\windows\Internet Logs
    2010-03-26 11:10 . 2010-03-26 11:10 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
    2010-03-26 11:10 . 2005-08-25 23:18 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
    2010-03-26 11:10 . 2010-03-26 11:12 -------- d-----w- c:\program files\SpywareBlaster
    2010-03-26 10:59 . 2010-03-26 12:00 -------- d-----w- c:\documents and settings\home\Application Data\QuickScan
    2010-03-25 22:21 . 2010-03-25 22:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
    2010-03-24 22:54 . 2010-01-07 20:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-03-24 22:54 . 2010-01-07 20:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-03-24 20:06 . 2010-03-26 21:26 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2010-03-24 20:05 . 2010-03-24 20:05 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2010-03-24 19:58 . 2010-03-26 12:22 -------- d-sh--w- c:\documents and settings\home\.COMMgr
    2010-03-24 19:57 . 2010-03-26 12:04 -------- d-----w- c:\windows\system32\msapps
    2010-03-24 19:57 . 2010-03-24 20:26 -------- d-----w- c:\documents and settings\home\Application Data\D8585968FC18271731C4ED43D7D5AD4E
    2010-03-23 22:26 . 2010-03-23 22:26 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
    2010-03-23 22:26 . 2010-03-23 22:26 -------- d-----w- c:\program files\DVDVideoSoft
    2010-03-23 22:19 . 2010-03-23 22:19 -------- d-----w- c:\documents and settings\home\Application Data\OxelonMC
    2010-03-23 22:19 . 2010-03-23 22:20 -------- d-----w- c:\program files\OxelonMedia
    2010-03-23 20:03 . 2010-03-23 20:03 -------- d-----w- c:\program files\Sun
    2010-03-23 20:00 . 2010-03-23 20:01 -------- d-----w- c:\documents and settings\home\.SunDownloadManager
    2010-03-22 10:35 . 2010-03-22 10:36 -------- d-----w- c:\documents and settings\home\Application Data\ProfitUI Reborn Updater
    2010-03-22 10:08 . 2010-03-22 10:08 -------- d-----w- c:\program files\Ventrilo
    2010-03-22 10:08 . 2010-03-22 10:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-03-22 01:26 . 2010-03-22 01:26 -------- d-----w- c:\program files\Trend Micro
    2010-03-21 23:00 . 2010-03-21 23:00 -------- d-----w- c:\windows\Sun
    2010-03-21 22:09 . 2010-03-21 22:09 348160 ----a-w- c:\documents and settings\home\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4bdbf744-n\msvcr71.dll
    2010-03-21 22:09 . 2010-03-21 22:09 61440 ----a-w- c:\documents and settings\home\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-63ad000f-n\decora-sse.dll
    2010-03-21 22:09 . 2010-03-21 22:09 503808 ----a-w- c:\documents and settings\home\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4bdbf744-n\msvcp71.dll
    2010-03-21 22:09 . 2010-03-21 22:09 499712 ----a-w- c:\documents and settings\home\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4bdbf744-n\jmc.dll
    2010-03-21 22:09 . 2010-03-21 22:09 12800 ----a-w- c:\documents and settings\home\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-63ad000f-n\decora-d3d.dll
    2010-03-21 18:41 . 2010-03-21 18:41 -------- d-----w- c:\documents and settings\home\Application Data\Malwarebytes
    2010-03-21 18:41 . 2010-03-21 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-03-21 18:41 . 2010-03-25 10:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-03-21 12:37 . 2010-03-21 12:37 12464 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-03-21 07:06 . 2010-03-21 07:06 0 ----a-w- c:\windows\nsreg.dat
    2010-03-21 07:05 . 2010-03-21 07:05 -------- d-----w- c:\documents and settings\home\Local Settings\Application Data\Mozilla
    2010-03-21 06:38 . 2008-04-13 17:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
    2010-03-21 06:38 . 2008-04-13 17:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2010-03-21 06:38 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2010-03-21 06:38 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2010-03-21 06:25 . 2010-03-21 06:25 -------- d-----w- c:\program files\WinSCP
    2010-03-21 06:21 . 2010-03-21 06:21 -------- d-----w- c:\documents and settings\home\Application Data\Windows Search
    2010-03-21 06:16 . 2009-12-17 21:14 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-03-21 05:22 . 2010-03-21 05:22 -------- d-----w- c:\program files\Sony
    2010-03-21 05:22 . 2010-03-21 05:22 -------- d-----w- c:\program files\Common Files\SWF Studio
    2010-03-21 05:20 . 2010-03-28 07:21 13104 ----a-w- c:\documents and settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-03-21 05:19 . 2010-03-28 07:57 -------- d-----w- c:\documents and settings\home\Application Data\Apple Computer
    2010-03-21 05:19 . 2009-05-18 18:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-03-21 05:19 . 2008-04-17 17:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2010-03-21 05:17 . 2010-03-28 08:46 -------- d-----w- c:\documents and settings\home\Local Settings\Application Data\Apple Computer
    2010-03-21 04:09 . 2010-03-22 09:46 -------- d-----w- c:\documents and settings\home\Local Settings\Application Data\ApplicationHistory
    2010-03-21 04:04 . 2010-03-21 04:04 -------- d-----w- c:\documents and settings\home\Application Data\Yahoo!
    2010-03-21 04:04 . 2010-03-21 04:04 -------- d-----w- c:\program files\CCleaner

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-03-28 21:02 . 2010-03-26 11:40 9795271 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
    2010-03-28 00:41 . 2010-03-21 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-03-28 00:05 . 2010-03-21 03:35 -------- d-----w- c:\program files\Windows Media Connect 2
    2010-03-26 11:14 . 2010-03-26 11:14 -------- d-----w- c:\documents and settings\home\Application Data\CheckPoint
    2010-03-26 11:14 . 2010-03-26 11:14 -------- d-----w- c:\program files\CheckPoint
    2010-03-26 11:14 . 2010-03-26 11:14 4212 ---ha-w- c:\windows\system32\zllictbl.dat
    2010-03-26 11:14 . 2010-03-26 11:14 -------- d-----w- c:\program files\Zone Labs
    2010-03-25 01:08 . 2004-08-12 14:11 477952 ----a-w- c:\windows\system32\drivers\iaStor.sys
    2010-03-24 20:30 . 2010-03-21 03:55 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-03-23 20:03 . 2010-03-21 02:59 -------- d-----w- c:\program files\Java
    2010-03-21 22:09 . 2010-03-21 02:59 -------- d-----w- c:\program files\Common Files\Java
    2010-03-21 12:37 . 2010-03-21 03:58 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-03-21 12:37 . 2010-03-21 03:58 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2010-03-21 12:37 . 2010-03-21 03:58 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-03-21 06:38 . 2010-03-21 05:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2010-03-21 05:22 . 2010-03-21 03:55 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-03-21 05:19 . 2010-03-21 05:19 -------- d-----w- c:\program files\iTunes
    2010-03-21 05:19 . 2010-03-21 05:19 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2010-03-21 05:19 . 2010-03-21 05:19 -------- d-----w- c:\program files\iPod
    2010-03-21 05:19 . 2010-03-21 05:17 -------- d-----w- c:\program files\Common Files\Apple
    2010-03-21 05:19 . 2010-03-21 05:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2010-03-21 05:18 . 2010-03-21 05:18 -------- d-----w- c:\program files\Bonjour
    2010-03-21 05:18 . 2010-03-21 05:18 -------- d-----w- c:\program files\QuickTime
    2010-03-21 05:18 . 2010-03-21 05:18 -------- d-----w- c:\program files\Apple Software Update
    2010-03-21 04:20 . 2010-03-21 03:35 -------- d-----w- c:\program files\Windows Desktop Search
    2010-03-21 03:58 . 2010-03-21 03:58 -------- d-----w- c:\program files\AVG
    2010-03-21 03:58 . 2010-03-21 03:58 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
    2010-03-21 03:58 . 2010-03-21 03:58 -------- d-----w- c:\program files\Broadcom
    2010-03-21 03:58 . 2010-03-21 03:55 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-03-21 03:57 . 2010-03-21 03:57 -------- d-----w- c:\program files\Intel
    2010-03-21 03:56 . 2010-03-21 03:56 -------- d-----w- c:\program files\Analog Devices
    2010-03-21 03:48 . 2010-03-21 03:48 -------- d-----w- c:\program files\microsoft frontpage
    2010-03-21 03:46 . 2010-03-21 03:46 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-03-21 03:46 . 2010-03-21 03:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
    2010-03-21 03:45 . 2010-03-21 03:45 21640 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-03-21 03:39 . 2010-03-21 03:39 -------- d-----w- c:\program files\MSBuild
    2010-03-21 03:39 . 2010-03-21 03:39 -------- d-----w- c:\program files\Reference Assemblies
    2010-03-21 03:36 . 2010-03-21 03:36 -------- d-----w- c:\documents and settings\home\Application Data\Windows Desktop Search
    2010-03-21 03:23 . 2010-03-21 03:47 77423 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2010-02-15 22:41 . 2010-02-15 22:41 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
    2010-01-12 17:03 . 2010-03-21 03:12 10276768 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
    2010-01-12 17:03 . 2010-01-12 17:03 61440 ----a-w- c:\windows\system32\OpenCL.dll
    2010-01-12 17:03 . 2010-01-12 17:03 4104192 ----a-w- c:\windows\system32\nvcuda.dll
    2010-01-12 17:03 . 2010-01-12 17:03 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
    2010-01-12 17:03 . 2010-01-12 17:03 2283526 ----a-w- c:\windows\system32\nvdata.bin
    2010-01-12 17:03 . 2010-01-12 17:03 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
    2010-01-12 17:03 . 2010-01-12 17:03 182888 ----a-w- c:\windows\system32\nvcodins.dll
    2010-01-12 17:03 . 2010-01-12 17:03 182888 ----a-w- c:\windows\system32\nvcod.dll
    2010-01-12 17:03 . 2010-01-12 17:03 14458880 ----a-w- c:\windows\system32\nvoglnt.dll
    2010-01-12 17:03 . 2010-01-12 17:03 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
    2010-01-12 17:03 . 2010-01-12 17:03 1081344 ----a-w- c:\windows\system32\nvapi.dll
    2010-01-12 17:03 . 2008-04-14 00:12 6359168 ----a-w- c:\windows\system32\nv4_disp.dll
    2010-01-12 03:17 . 2010-01-12 03:17 278120 ----a-w- c:\windows\system32\nvmccs.dll
    2010-01-12 03:17 . 2010-01-12 03:17 154216 ----a-w- c:\windows\system32\nvsvc32.exe
    2010-01-12 03:17 . 2010-01-12 03:17 145000 ----a-w- c:\windows\system32\nvcolor.exe
    2010-01-12 03:17 . 2010-01-12 03:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
    2010-01-12 03:17 . 2010-01-12 03:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
    2010-01-12 03:17 . 2010-01-12 03:17 81920 ----a-w- c:\windows\system32\nvwddi.dll
    2009-12-31 16:50 . 2004-08-12 14:06 353792 ----a-w- c:\windows\system32\drivers\srv.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-06-30 1388544]
    "IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
    "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
    "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2010-03-21 12:37 12464 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKLM\~\startupfolder\C:^Documents and Settings^home^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\documents and settings\home\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
    2010-01-07 20:07 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "DisableNotifications"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Sony\\Station\\Launchpad\\LaunchPad.exe"=
    "c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
    "c:\\Program Files\\Sony\\EverQuest II\\EQ2VoiceService.exe"=
    "c:\\WINDOWS\\system32\\spoolsv.exe"=

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [3/26/2010 7:50 AM 64288]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/20/2010 11:58 PM 216200]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/20/2010 11:58 PM 242696]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [3/21/2010 8:37 AM 916760]
    R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3/21/2010 8:37 AM 308064]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [10/14/2009 9:30 AM 25208]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [10/14/2009 9:30 AM 476528]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 11:52 AM 1263728]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - KLMD21
    *Deregistered* - klmd21
    .
    Contents of the 'Scheduled Tasks' folder

    2010-03-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 11:49]

    2010-03-25 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.whtm.com
    uInternet Settings,ProxyOverride = *.local
    TCP: {7076810B-EFD8-4D07-9781-31A5C01D8A1A} = 217.23.14.75,4.2.2.1,192.168.2.1
    FF - ProfilePath - c:\documents and settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - www.msn.com
    FF - component: c:\documents and settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
    FF - plugin: c:\documents and settings\home\Application Data\Mozilla\Firefox\Profiles\lkk0n11m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{25526b16-f633-481c-8891-b9f8903112a4} - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-03-28 17:43
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(664)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

    - - - - - - - > 'lsass.exe'(720)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    .
    Completion time: 2010-03-28 17:45:33
    ComboFix-quarantined-files.txt 2010-03-28 21:45

    Pre-Run: 134,549,602,304 bytes free
    Post-Run: 134,520,590,336 bytes free

    - - End Of File - - 8CC13D691CA87579922BB6C138070188
     
  20. 2010/03/28
    gideon01

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:48:05 PM, on 3/28/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whtm.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O1 - Hosts: ÿþ127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {25526b16-f633-481c-8891-b9f8903112a4} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7076810B-EFD8-4D07-9781-31A5C01D8A1A}: NameServer = 217.23.14.75,4.2.2.1,192.168.2.1
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 6645 bytes
     
  21. 2010/03/28
    broni

    broni Moderator Malware Analyst

    ...and redirections?
     
