
Solved svchost.exe error 0x7c91b21a

Discussion in 'Malware and Virus Removal Archive' started by Jayman007, 2010/06/17.

  1. 2010/06/20
    broni Moderator Malware Analyst

    I'm glad to hear good news :)

    As for recovery console password, see here: http://www.computerhope.com/forum/index.php?topic=53700.msg336447#msg336447
    Just set the value to "zero".

    ========================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - Reg Error: Value error. File not found
      O9 - Extra 'Tools' menuitem : Tencent QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - Reg Error: Value error. File not found
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab  (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab  (Reg Error: Key error.)
      O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab  (Reg Error: Key error.)
      [2007/06/05 01:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
      @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\net1.exe:SummaryInformation
      @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllhost.exe:SummaryInformation
      @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\ati2evxx.exe:SummaryInformation
      @Alternate Data Stream - 4752 bytes -> D:\My Documents\home.html:Q30lsldxJoudresxAaaqpcawXc
      @Alternate Data Stream - 370 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F7539FF
      @Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DDE29E40
      @Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
      @Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2F2F703
      @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7177954
      @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F64C164
      @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B42C512A
      @Alternate Data Stream - 12 bytes -> C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
      @Alternate Data Stream - 12 bytes -> C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D5A1C53ACF57}
      @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F10A4358
      @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3AC4C770
      @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  2. 2010/06/21
    Jayman007 Inactive Thread Starter

    fix log

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95fe080-8f5d-11d2-a20b-00aa003c157b}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95fe080-8f5d-11d2-a20b-00aa003c157b}\ not found.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    File oft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
    Unable to delete ADS C:\WINDOWS\System32\net1.exe:SummaryInformation .
    Unable to delete ADS C:\WINDOWS\System32\dllhost.exe:SummaryInformation .
    Unable to delete ADS C:\WINDOWS\System32\ati2evxx.exe:SummaryInformation .
    Unable to delete ADS D:\My Documents\home.html:Q30lsldxJoudresxAaaqpcawXc .
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:5F7539FF deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:DDE29E40 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:D2F2F703 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:B7177954 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:5F64C164 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:B42C512A deleted successfully.
    ADS C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} deleted successfully.
    ADS C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D5A1C53ACF57} deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:F10A4358 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:3AC4C770 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 38766 bytes
    ->FireFox cache emptied: 26005175 bytes
    ->Flash cache emptied: 456 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 41 bytes

    User: endicia
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 196608 bytes
    ->Java cache emptied: 0 bytes

    User: Jason
    ->Temp folder emptied: 3197469 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: Jay
    ->Temp folder emptied: 352332 bytes
    ->Temporary Internet Files folder emptied: 1611520 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 316581354 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 2422 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 65670 bytes

    User: LogMeInRemoteUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: LogMeInRemoteUser.JAY-DELL
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: MAS

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 3494513 bytes
    %systemroot%\System32 .tmp files removed: 1611489 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 16000 bytes
    Windows Temp folder emptied: 255855 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 337.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: endicia

    User: Jason

    User: Jay
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: LogMeInRemoteUser

    User: LogMeInRemoteUser.JAY-DELL

    User: MAS

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.6.0 log created on 06212010_084614

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Jay\Local Settings\Temp\Perflib_Perfdata_1148.dat not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Temp\Perflib_Perfdata_84c.dat not found!
    C:\Documents and Settings\Jay\Local Settings\Temp\~DFC342.tmp moved successfully.
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_bubble_close[9643].jpg not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_bubble_left[9645].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_bubble_right[9647].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_left_anchor_bubble_bot[9649].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_left_anchor_bubble_top[9650].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_no_anchor_bubble_bot[9652].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_no_anchor_bubble_top[9653].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_right_anchor_bubble_bot[9655].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\aim_right_anchor_bubble_top[9656].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\bidi_controls[9658].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\bubble_closebox[9664].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\eventheader_border[9668].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\labs_bar_icon[9716].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_bubble_left[9673].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_bubble_right[9674].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_left_anchor_bubble_bot[9675].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_left_anchor_bubble_top[9676].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_no_anchor_bubble_bot[9747].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_no_anchor_bubble_top[9749].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_right_anchor_bubble_bot[9682].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\muc_right_anchor_bubble_top[9684].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-bottom-border[9693].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-bottom-left[9694].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-bottom-right[9696].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-left-side[9697].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-right-side[9698].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-top-left[9699].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\shadow-top-right[9702].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\stamp_authentication_key[9718].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\tb_xgroupchat[9606].png not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\toolbar3_bidi3[9706].gif not found!
    File\Folder C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\Google Gears for Firefox\mail.google.com\https_443\WebCache-MAIN_IMAGES-jason@pioneerpsg.com-GoogleMail@p2494600848[13]#localserver\toolbar_call_bg[9612].png not found!
    C:\WINDOWS\temp\vmware-SYSTEM-3891100306\vmware-usbarb-SYSTEM-5296.log moved successfully.
    C:\WINDOWS\temp\Perflib_Perfdata_864.dat moved successfully.

    Registry entries deleted on Reboot...
     

  4. 2010/06/21
    Jayman007 Inactive Thread Starter

    scan 2 part 1

    OTL logfile created on: 6/21/2010 12:49:01 - Run 2
    OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Jay\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): C:\pagefile.sys 3069 3069 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 49.75 Gb Total Space | 6.45 Gb Free Space | 12.96% Space Free | Partition Type: NTFS
    Drive D: | 136.43 Gb Total Space | 4.13 Gb Free Space | 3.02% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 1.64 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    Drive I: | 17.59 Mb Total Space | 17.31 Mb Free Space | 98.37% Space Free | Partition Type: FAT

    Computer Name: ME
    Current User Name: Jay
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/06/20 17:21:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay\Desktop\OTL.exe
    PRC - [2010/05/29 17:57:57 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
    PRC - [2010/05/27 05:08:36 | 000,436,267 | ---- | M] (http://www.ruby-lang.org/) -- C:\metasploit\ruby\bin\rubyw.exe
    PRC - [2010/05/21 00:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
    PRC - [2010/05/21 00:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    PRC - [2010/05/21 00:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
    PRC - [2010/05/20 23:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    PRC - [2010/05/19 07:49:40 | 000,414,736 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
    PRC - [2010/05/19 07:49:40 | 000,252,944 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
    PRC - [2010/04/25 13:23:58 | 001,284,600 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
    PRC - [2010/04/19 20:03:32 | 000,405,672 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
    PRC - [2010/04/19 20:03:32 | 000,337,064 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    PRC - [2010/04/19 20:03:32 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/04/17 17:56:06 | 000,073,960 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
    PRC - [2010/03/24 16:38:23 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/03/24 16:38:19 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/03/24 16:38:19 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2010/03/18 15:07:02 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
    PRC - [2010/03/02 22:33:24 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Jay\Local Settings\Application Data\MagicsilencePlugin\MagicsilencePlugin.exe
    PRC - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    PRC - [2009/11/03 15:45:52 | 000,348,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
    PRC - [2009/11/03 15:45:48 | 001,372,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    PRC - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    PRC - [2009/11/03 15:35:14 | 001,202,448 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    PRC - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2009/10/11 04:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    PRC - [2009/10/08 21:10:42 | 000,424,688 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
    PRC - [2009/09/30 00:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    PRC - [2009/09/29 05:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\metasploit\apache2\bin\httpd.exe
    PRC - [2009/07/30 19:39:12 | 001,216,648 | ---- | M] (Ext2Fsd Group (www.ext2fsd.com)) -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe
    PRC - [2009/06/28 05:42:41 | 004,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\metasploit\postgresql\bin\postgres.exe
    PRC - [2009/06/28 05:42:41 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\metasploit\postgresql\bin\pg_ctl.exe
    PRC - [2008/10/27 11:27:12 | 002,620,416 | ---- | M] (Desksware) -- C:\Program Files\Desksware\Power Favorites\Bookmark.exe
    PRC - [2008/07/25 13:22:52 | 000,031,744 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\DCSUserProt.exe
    PRC - [2008/07/25 13:22:50 | 000,267,287 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\procguard.exe
    PRC - [2008/07/25 13:11:58 | 000,120,832 | ---- | M] (DiamondCS) -- C:\Program Files\ProcessGuard\pgaccount.exe
    PRC - [2008/05/01 08:52:36 | 000,200,704 | ---- | M] (OptionNV) -- C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
    PRC - [2008/04/14 07:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/01/29 15:11:56 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    PRC - [2007/11/15 11:46:00 | 000,131,072 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
    PRC - [2007/05/11 16:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
    PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
    PRC - [2006/11/03 10:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
    PRC - [2004/06/15 15:02:04 | 000,582,144 | ---- | M] (Basta Computing) -- C:\Program Files\Basta Computing\Horas\Horas.exe
    PRC - [2003/07/25 02:40:06 | 000,335,872 | ---- | M] (Globe Software) -- C:\Program Files\Globe Software\StatBar\StatBar.exe
    PRC - [2000/05/20 17:23:48 | 000,086,016 | ---- | M] () -- C:\WINDOWS\StartupMonitor.exe
    PRC - [1999/05/15 10:48:00 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Clipomatic\Clipomatic.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/06/20 17:21:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay\Desktop\OTL.exe
    MOD - [2008/04/14 07:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
    MOD - [2008/01/29 15:05:22 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
    MOD - [2007/03/27 01:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (TivoBeacon2)
    SRV - [2010/06/15 23:38:10 | 001,585,152 | ---- | M] (NanJing Nagasoft Co, LTD.) [On_Demand | Stopped] -- C:\WINDOWS\system32\Nagasoft\vjocx.dll -- (vvdsvc)
    SRV - [2010/05/27 05:08:36 | 000,436,267 | ---- | M] (http://www.ruby-lang.org/) [Auto | Running] -- C:\metasploit\ruby\bin\rubyw.exe -- (metasploitThin)
    SRV - [2010/05/27 05:08:36 | 000,436,267 | ---- | M] (http://www.ruby-lang.org/) [Auto | Running] -- C:\metasploit\ruby\bin\rubyw.exe -- (metasploitProSvc)
    SRV - [2010/05/21 00:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
    SRV - [2010/05/21 00:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
    SRV - [2010/05/21 00:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
    SRV - [2010/05/20 23:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
    SRV - [2010/05/12 05:07:04 | 000,084,657 | ---- | M] (PostgreSQL Global Development Group) [On_Demand | Stopped] -- C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe -- (nxpgsql)
    SRV - [2010/04/27 16:42:04 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
    SRV - [2010/04/25 13:29:11 | 003,506,680 | ---- | M] (Tall Emu) [Auto | Stopped] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
    SRV - [2010/04/25 13:23:58 | 001,284,600 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
    SRV - [2010/04/19 20:03:32 | 000,405,672 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
    SRV - [2010/04/19 20:03:32 | 000,337,064 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
    SRV - [2010/04/19 20:03:32 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/04/17 17:56:06 | 000,073,960 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
    SRV - [2010/04/12 09:24:12 | 000,010,240 | ---- | M] (Tenable Network Security, Inc) [On_Demand | Stopped] -- C:\Program Files\Tenable\Nessus\nessus-service.exe -- (Tenable Nessus)
    SRV - [2010/03/24 16:38:23 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
    SRV - [2010/01/27 09:09:02 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
    SRV - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV - [2009/11/03 15:45:52 | 000,348,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
    SRV - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
    SRV - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV - [2009/10/22 16:27:36 | 000,356,008 | ---- | M] (Elcomsoft Co. Ltd.) [On_Demand | Stopped] -- C:\Program Files\ElcomSoft\Distributed Password Recovery\esdprs.exe -- (ElcomSoftDistributedPasswordRecoveryServer)
    SRV - [2009/09/30 00:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
    SRV - [2009/09/29 05:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\metasploit\apache2\bin\httpd.exe -- (metasploitApache)
    SRV - [2009/07/30 19:39:12 | 001,216,648 | ---- | M] (Ext2Fsd Group (www.ext2fsd.com)) [Auto | Running] -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe -- (Ext2Mgr)
    SRV - [2009/07/09 22:02:02 | 000,329,072 | ---- | M] (GFI Software Ltd.) [On_Demand | Stopped] -- C:\Program Files\GFI\LANguard 9.0\lnssatt.exe -- (gfi_lanss9_attservice)
    SRV - [2009/06/28 05:42:41 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\metasploit\postgresql\bin\pg_ctl.exe -- (metasploitPostgreSQL-1)
    SRV - [2009/06/28 05:42:41 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Disabled | Stopped] -- C:\metasploit\postgresql\bin\pg_ctl.exe -- (metasploitPostgreSQL)
    SRV - [2008/12/19 01:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
    SRV - [2008/11/02 20:48:48 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
    SRV - [2008/09/12 01:58:40 | 000,258,048 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Franson\GpsGate 2.0\GpsGateService.exe -- (Franson GpsGate 2.0)
    SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2008/09/05 05:09:02 | 000,111,896 | ---- | M] (PCTEL) [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)
    SRV - [2008/08/01 05:41:46 | 000,015,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
    SRV - [2008/07/25 13:22:52 | 000,031,744 | ---- | M] (DiamondCS) [Auto | Running] -- C:\Program Files\ProcessGuard\dcsuserprot.exe -- (DCSPGSRV)
    SRV - [2008/05/01 08:52:36 | 000,200,704 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
    SRV - [2008/02/29 05:31:50 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
    SRV - [2007/11/15 11:46:00 | 000,131,072 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
    SRV - [2007/07/15 15:30:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2007/05/11 16:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
    SRV - [2006/11/03 10:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
    SRV - [2006/07/07 08:41:42 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\Gizmo Project\mDNSResponder.exe -- (Bonjour Service)
    SRV - [2005/05/04 09:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
    SRV - [2005/01/04 02:11:00 | 000,237,626 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Nfserver\nfsd.exe -- (Omni-NFS Server)
    SRV - [2003/04/08 02:11:00 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Nfserver\Lpd.exe -- (XLink LPD)


    ========== Driver Services (SafeList) ==========

    DRV - [2010/06/19 03:01:27 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdk42.sys -- (PSSDK42)
    DRV - [2010/05/21 00:56:56 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
    DRV - [2010/05/21 00:56:56 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
    DRV - [2010/05/21 00:55:04 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
    DRV - [2010/05/21 00:54:02 | 000,032,688 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
    DRV - [2010/05/21 00:53:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
    DRV - [2010/05/20 23:40:08 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
    DRV - [2010/05/20 21:19:20 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb)
    DRV - [2010/05/20 21:19:20 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
    DRV - [2010/05/06 17:10:20 | 000,068,168 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/04/27 16:41:40 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
    DRV - [2010/04/25 13:25:50 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
    DRV - [2010/04/25 13:25:46 | 000,024,440 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
    DRV - [2010/04/25 13:25:41 | 000,225,936 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
    DRV - [2010/04/17 17:56:02 | 000,115,944 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
    DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
    DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
    DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
    DRV - [2010/03/24 16:38:23 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/03/24 16:38:23 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2010/02/11 19:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
    DRV - [2010/01/27 09:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
    DRV - [2009/12/30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
    DRV - [2009/12/08 22:06:09 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
    DRV - [2009/12/03 00:06:12 | 000,126,542 | ---- | M] (R-TT Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\R-ImageDisk.sys -- (R-ImageDisk)
    DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
    DRV - [2009/10/26 05:47:30 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
    DRV - [2009/10/05 04:33:14 | 000,115,312 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
    DRV - [2009/09/28 02:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
    DRV - [2009/09/27 00:57:34 | 000,025,768 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
    DRV - [2009/07/26 16:22:34 | 000,651,264 | ---- | M] (www.ext2fsd.com) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ext2fsd.sys -- (Ext2Fsd)
    DRV - [2009/06/26 14:21:34 | 000,323,328 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
    DRV - [2009/06/11 15:22:26 | 000,107,776 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
    DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/04/07 19:45:24 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ekauio.sys -- (Ekauio)
    DRV - [2009/03/15 17:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009/02/26 05:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
    DRV - [2009/01/30 14:43:59 | 000,099,776 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
    DRV - [2008/11/21 11:59:02 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
    DRV - [2008/11/02 20:48:39 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2008/11/02 20:48:39 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2008/11/01 22:46:48 | 000,094,608 | ---- | M] (R-TT Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\R-Drive Image\DrvSnSht.sys -- (DrvSnSht)
    DRV - [2008/09/05 05:03:54 | 000,032,408 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/08/21 03:36:36 | 000,142,976 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumx80.sys -- (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80)
    DRV - [2008/08/21 03:35:40 | 000,168,192 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u80.sys -- (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80)
    DRV - [2008/08/14 07:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2008/08/01 05:42:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
    DRV - [2008/07/25 13:33:06 | 000,026,688 | ---- | M] (DiamondCS) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\procguard.sys -- (procguard)
    DRV - [2008/07/23 17:33:07 | 000,003,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\socketlock.sys -- (SocketLock)
    DRV - [2008/06/26 06:26:36 | 000,335,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
    DRV - [2008/06/20 06:38:34 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
    DRV - [2008/06/08 23:37:56 | 000,132,904 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
    DRV - [2008/06/08 23:37:46 | 000,011,304 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
    DRV - [2008/04/14 01:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2008/04/14 01:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
    DRV - [2008/04/14 01:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
    DRV - [2008/04/14 01:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
    DRV - [2008/04/14 01:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/04/14 01:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2008/04/14 01:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2008/04/13 23:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/02/29 05:31:52 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
    DRV - [2008/02/17 19:55:44 | 000,021,888 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hopperp.sys -- (HopperP) WiFi Hopper (XP)
    DRV - [2008/02/17 09:15:06 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2008/02/17 09:15:04 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
    DRV - [2008/02/17 09:15:00 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
    DRV - [2008/02/17 09:15:00 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
    DRV - [2008/02/17 09:14:58 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
    DRV - [2008/02/17 09:14:56 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
    DRV - [2008/02/17 09:14:52 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
    DRV - [2008/02/09 02:00:22 | 000,059,648 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
    DRV - [2008/01/21 08:36:56 | 000,035,840 | ---- | M] (Sax software company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SAXNDIS.sys -- (SaxNDIS) Ax3soft Packet Driver (SaxNDIS)
    DRV - [2008/01/04 07:21:32 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
    DRV - [2007/11/10 04:57:58 | 000,031,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FireLion Softwares\Anti Keyloggers\kguard.sys -- (kguard)
    DRV - [2007/09/24 17:12:46 | 000,029,768 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\elrawdsk.sys -- (ElRawDisk)
    DRV - [2007/06/27 12:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2007/06/27 12:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2007/06/19 02:15:44 | 000,025,773 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
    DRV - [2007/06/17 12:43:50 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
    DRV - [2007/06/12 11:08:44 | 000,052,944 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\evserial.sys -- (evserial) Virtual Serial Ports Driver (Eltima Softwate)
    DRV - [2007/06/12 11:08:38 | 000,026,448 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\evsbc.sys -- (VSBC) Virtual Serial Bus Enumerator (Eltima Software)
    DRV - [2007/05/29 11:38:10 | 000,014,848 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SiUSBXp.sys -- (SIUSBXP)
    DRV - [2007/05/29 11:38:10 | 000,014,848 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SiUSBXp.sys -- (INFUNLTD)
    DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2007/05/03 21:22:04 | 000,188,672 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
    DRV - [2007/04/04 20:27:14 | 001,471,104 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b) Vimicro USB PC Camera (ZC0301PL)
    DRV - [2007/03/31 02:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
    DRV - [2007/02/26 23:45:39 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
    DRV - [2007/02/07 15:46:52 | 000,017,280 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus)
    DRV - [2007/01/15 11:00:06 | 000,045,056 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial)
    DRV - [2006/11/21 18:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
    DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2006/10/17 11:55:28 | 001,711,104 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R)
    DRV - [2006/10/01 19:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801)
    DRV - [2006/09/08 17:01:20 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/07/25 00:00:00 | 000,498,464 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0230VID.sys -- (V0230VID)
    DRV - [2006/04/27 04:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
    DRV - [2006/04/03 22:00:56 | 000,014,949 | ---- | M] (franson.biz) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bizVSerialNT.sys -- (bizVSerial)
    DRV - [2006/03/27 01:51:14 | 000,030,820 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore.sys -- (hotcore)
    DRV - [2006/03/24 00:00:00 | 000,006,272 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0230Vfx.sys -- (V0230Vfx)
    DRV - [2006/03/08 12:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
    DRV - [2006/03/07 22:36:20 | 000,013,351 | ---- | M] (ISecSoft Inc.) [Kernel | Auto | Running] -- C:\Program Files\Anti Keylogger Elite\AKEProtect.sys -- (AKEProtect)
    DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2005/12/12 08:36:00 | 000,009,760 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\softctrl.sys -- (softctrl)
    DRV - [2005/11/01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2005/09/23 13:38:54 | 000,068,260 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
    DRV - [2005/09/20 06:23:02 | 000,238,080 | ---- | M] (TamoSoft, Inc.) [CommView] Intel(R) PRO/Wireless 7100 Adapter Driver [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\commipw.sys -- (CommIpw)
    DRV - [2005/08/13 05:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
    DRV - [2005/07/22 08:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005/07/22 08:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005/07/22 08:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005/07/15 02:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
    DRV - [2005/01/13 10:06:48 | 000,035,107 | ---- | M] (Winternals) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VDiskBus.sys -- (vdiskbus)
    DRV - [2004/10/15 18:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
    DRV - [2004/09/21 00:44:48 | 000,005,652 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
    DRV - [2004/08/04 10:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2004/07/10 21:54:26 | 000,024,576 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801co.sys -- (tap0801co) TAP-Win32 Adapter V8 (coLinux)
    DRV - [2004/04/02 03:13:36 | 000,091,392 | ---- | M] (TamoSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\commsym.sys -- (COMMSYM)
    DRV - [2004/03/24 09:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
    DRV - [2004/02/13 21:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
    DRV - [2003/10/03 05:47:14 | 000,666,624 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PRISMUSB.sys -- (PRISM_USB)
    DRV - [2002/12/16 18:11:02 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
    DRV - [2002/12/16 18:11:02 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb)
    DRV - [2001/08/18 04:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
    DRV - [2001/08/18 02:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2001/08/18 02:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2001/08/18 02:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2001/08/18 02:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/18 02:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2001/08/18 01:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2001/08/18 01:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2001/08/18 01:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2001/08/18 01:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2001/08/18 01:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2001/08/18 01:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2001/08/18 01:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2001/08/18 01:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2001/08/18 01:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001/08/18 01:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
    DRV - [2000/09/19 11:16:56 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DLPORTIO.SYS -- (DLPortIO)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061004
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061004

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 13:55:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2007/06/27 21:35:58 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/10 00:03:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/17 01:29:11 | 000,000,000 | ---D | M]

    [2008/07/01 15:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Extensions
    [2008/10/06 15:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\3b24fhi1.New profile\extensions
    [2010/06/20 11:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions
    [2010/01/17 11:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    [2010/05/18 20:15:18 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    [2010/04/29 02:44:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/12/26 06:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
    [2010/06/02 17:27:10 | 000,000,000 | ---D | M] (Leet Key) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{3335F91D-2AEF-4097-B831-C96C60349822}
    [2010/03/17 11:56:44 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    [2010/05/12 16:22:52 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
    [2010/06/12 14:57:07 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/01 04:38:36 | 000,000,000 | ---D | M] (PlainOldFavorites) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
    [2010/06/04 06:18:45 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    [2010/05/29 11:26:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}
    [2010/04/30 19:09:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/06/18 04:59:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{dc572301-7619-498c-a57d-39143191b318}
    [2009/11/22 06:02:33 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2009/08/01 03:15:46 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
    [2010/05/27 00:02:15 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
    [2010/04/29 02:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\amznUWL@amazon.com
    [2010/05/19 20:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\bettergmail2@ginatrapani.org
    [2009/01/07 10:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\bkmrksync@nokia.com
    [2010/06/10 12:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\canitbecheaper@trafficbroker.co.uk
    [2010/02/12 13:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\change@c-est-simple.com
    [2010/06/04 06:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\firefox-tagger@yapta.com
    [2010/05/28 15:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\izer@camelcamelcamel.com
    [2009/02/24 11:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\LogMeInClient@logmein.com
    [2010/03/13 02:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\master@desksware.com
    [2010/05/12 15:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\ShortenURL@loucypher
    [2009/07/13 18:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\TabSidebar@blueprintit.co.uk
    [2010/03/16 18:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\ruv5qlwc.original\extensions\tinyurl.addon@fast-chat.co.uk
    [2010/06/20 11:58:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/06/05 00:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2009/01/15 14:06:43 | 000,000,000 | ---D | M] (TextAloud Firefox Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c}
    [2010/04/29 15:42:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2009/12/16 08:41:23 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 13:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2007/05/02 23:37:48 | 000,061,440 | ---- | M] (Joost Technologies B.V. ) -- C:\Program Files\Mozilla Firefox\plugins\npJoostPlugin.dll
    [2006/01/19 02:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
     
  5. 2010/06/21
    Jayman007

    part 2

    O1 HOSTS File: ([2010/06/21 12:26:47 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Powermarks IEC) - {6172E460-FAE3-11D2-B494-004005A47AAA} - C:\Program Files\Powermarks 3.5\iec.dll (Kaylon Technologies Inc.)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
    O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Spb Wallet) - {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files\Spb Wallet\SpbWalletToolbar.dll ()
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKLM\..\Toolbar: (Powermarks) - {E166B4A2-83E7-11D3-B4FD-004005A47AAA} - C:\Program Files\Powermarks 3.5\iec.dll (Kaylon Technologies Inc.)
    O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-F7ED0776FB27} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O4 - HKLM..\Run: [!1_pgaccount] C:\Program Files\ProcessGuard\pgaccount.exe (DiamondCS)
    O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
    O4 - HKLM..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
    O4 - HKLM..\Run: [ProcessLassoManagementConsole] C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
    O4 - HKCU..\Run: [!1_ProcessGuard_Startup] C:\Program Files\ProcessGuard\procguard.exe (DiamondCS)
    O4 - HKCU..\Run: [Antivirus System Tray Tool] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKCU..\Run: [cdloader] C:\DOCUMENTS AND SETTINGS\Jay\APPLICATION DATA\mjusbsp\CDLOADER2.EXE (magicJack L.P.)
    O4 - HKCU..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\KeyScrambler.exe (QFX Software Corporation)
    O4 - HKCU..\Run: [pgaccount] C:\Program Files\ProcessGuard\pgaccount.exe (DiamondCS)
    O4 - HKCU..\Run: [StartupMonitor] C:\WINDOWS\StartupMonitor.exe ()
    O4 - HKCU..\Run: [WinPatrol PLUS] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    O4 - Startup: C:\Documents and Settings\Jay\Start Menu\Programs\Startup\MagicsilencePlugin.lnk = C:\Documents and Settings\Jay\Local Settings\Application Data\MagicsilencePlugin\MagicsilencePlugin.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = [binary data]
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O8 - Extra context menu item: Add to Power Favorites - C:\Program Files\Desksware\Power Favorites\copyurl.htm ()
    O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
    O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
    O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
    O8 - Extra context menu item: Download FLV videos with IDM from 10 last requested - C:\Program Files\Internet Download Manager\IEGetVL2.htm ()
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
    O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm ()
    O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll (VisualWare)
    O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll (VisualWare)
    O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
    O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
    O15 - HKCU\..Trusted Domains: advanta.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: bankofamerica.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: commerceonline.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: forexdirectory.net ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([mail] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: ingdirect.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: macromedia.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: nv.gov ([www.nevadatax] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: scbeasy.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: schickquattro.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: vaporwarez.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: vaporwarez.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: wamu.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: GinaDLL - (C:\WINDOWS\SYSTEM32\RtlGina\RtlGina.DLL) - C:\WINDOWS\system32\RtlGina\RtlGina.dll (Realtek)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\KeyScrambler: DllName - KeyScramblerLogon.dll - C:\WINDOWS\System32\KeyScramblerLogon.dll (QFX Software Corporation)
    O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Jay\Application Data\FastStone\FSIV\FSViewerWallPaper.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jay\Application Data\FastStone\FSIV\FSViewerWallPaper.bmp
    O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll (Qualcomm Inc.)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 16:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/02/29 20:13:53 | 000,575,080 | R--- | M] (magicJack L.P.) - F:\autorun.exe -- [ CDFS ]
    O32 - AutoRun File - [2008/02/29 20:13:53 | 000,016,158 | R--- | M] () - F:\autorun.ico -- [ CDFS ]
    O32 - AutoRun File - [2008/02/29 20:13:53 | 000,000,308 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
    O32 - AutoRun File - [2008/01/04 18:17:30 | 000,000,270 | ---- | M] () - I:\autorun.inf -- [ FAT ]
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/06/21 08:46:14 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/06/20 17:21:58 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jay\Desktop\OTL.exe
    [2010/06/20 17:19:14 | 000,000,000 | --SD | C] -- C:\ComboFix
    [2010/06/20 02:10:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/06/19 12:32:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/06/19 12:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\HostsXpert
    [2010/06/19 05:08:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jay\Recent
    [2010/06/19 02:35:25 | 000,000,000 | ---D | C] -- C:\metasploit
    [2010/06/19 02:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\MagicRingForever
    [2010/06/19 02:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\MagicsilencePlugin
    [2010/06/18 04:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\Dell
    [2010/06/18 04:16:28 | 000,000,000 | ---D | C] -- C:\iolo
    [2010/06/18 04:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\iolo
    [2010/06/18 04:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo
    [2010/06/18 03:32:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
    [2010/06/18 01:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\VirusTotalUploader2
    [2010/06/17 13:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\RegCure download from 7sky.at.ua
    [2010/06/13 01:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\BlueSoleil 6.4.314.3
    [2010/06/12 23:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\BlueSol.ver6.4.249.0.KEYMAKER.maxiumaaaaa
    [2010/06/11 11:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\magicBlock
    [2010/06/11 00:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Xirrus
    [2010/06/10 23:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Ekahau Site Survey
    [2010/06/10 23:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Ekahau
    [2010/06/09 22:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
    [2010/06/08 17:42:07 | 000,000,000 | ---D | C] -- D:\My Documents\GpsGate
    [2010/06/08 17:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Franson
    [2010/06/08 11:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\MetaGeek,_LLC
    [2010/06/08 11:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
    [2010/06/07 17:08:48 | 000,000,000 | ---D | C] -- C:\pioneerpsg
    [2010/06/07 16:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\PioneerPSG
    [2010/06/03 16:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Config
    [2010/06/03 16:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Inet
    [2010/06/02 22:12:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\Traders Pro Elite
    [2010/05/30 05:08:45 | 000,000,000 | ---D | C] -- D:\My Documents\My Virtual Machines
    [2010/05/30 03:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\VMware
    [2010/05/30 03:22:06 | 000,334,384 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vmnetdhcp.exe
    [2010/05/30 03:22:04 | 000,399,920 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vmnat.exe
    [2010/05/30 03:22:01 | 000,026,288 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetuserif.sys
    [2010/05/30 03:21:53 | 000,760,368 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vnetlib.dll
    [2010/05/30 03:21:33 | 000,024,624 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\VMkbd.sys
    [2010/05/30 03:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
    [2010/05/30 02:30:30 | 000,000,000 | ---D | C] -- C:\TopoGrafix Image Files
    [2010/05/27 04:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    [2010/05/27 04:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
    [2010/05/27 02:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\Malwarebytes
    [2010/05/27 02:09:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/05/27 02:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/05/27 02:09:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/05/27 02:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/05/26 00:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
    [2010/05/23 22:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\X-NetStat
    [2010/05/23 22:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\X-NetStat Professional
    [2010/05/22 23:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\SAK
    [2010/05/22 19:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\.gem
    [2010/05/21 23:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\backup-date250109
    [2010/05/21 23:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\CORE Security Technologies
    [2010/05/21 23:10:23 | 000,090,112 | ---- | C] (E-Tech.CA) -- C:\Documents and Settings\Jay\Desktop\dc2000.exe
    [2010/05/21 19:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\ProcessLasso
    [2010/05/21 19:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Process Lasso
    [2010/05/21 04:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\Security Tools
    [2010/05/21 04:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\GFI
    [2010/05/21 04:34:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\GLNSS9020090709
    [2010/05/21 04:00:04 | 000,000,000 | ---D | C] -- C:\Snort
    [2010/05/21 00:56:56 | 000,854,064 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmx86.sys
    [2010/05/21 00:56:56 | 000,070,704 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmci.sys
    [2010/05/21 00:54:02 | 000,051,248 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vmnetbridge.dll
    [2010/05/21 00:54:02 | 000,032,688 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetbridge.sys
    [2010/05/20 23:40:08 | 000,032,304 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\hcmon.sys
    [2010/05/20 23:13:38 | 000,252,464 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vmnc.dll
    [2010/05/20 21:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\Rob
    [2010/05/20 21:19:20 | 000,059,952 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\vnetinst.dll
    [2010/05/20 21:19:20 | 000,031,280 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmusb.sys
    [2010/05/20 21:19:20 | 000,018,736 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnet.sys
    [2010/05/20 21:19:20 | 000,016,560 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetadapter.sys
    [2010/05/20 20:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2010/05/20 20:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2010/05/20 20:12:35 | 000,000,000 | ---D | C] -- C:\PhotoshopPortable
    [2010/05/20 16:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Cain
    [2010/05/20 02:45:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\5350-8641-2429-7641-5705
    [2010/05/19 18:55:00 | 000,000,000 | ---D | C] -- D:\My Documents\Pioneer Protective Services Group
    [2010/05/15 15:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\VS Revo Group
    [2010/05/15 15:14:39 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
    [2010/05/15 04:29:25 | 000,038,976 | ---- | C] (microOLAP Technologies LTD) -- C:\WINDOWS\System32\drivers\pssdk42.sys
    [2010/05/15 03:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\rapid7
    [2010/05/14 16:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\.zenmap
    [2010/05/14 16:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Nmap
    [2010/05/14 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Metasploit
    [2010/05/14 04:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
    [2010/05/14 04:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
    [2010/05/14 04:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\SystemRequirementsLab
    [2010/05/12 18:34:18 | 000,000,000 | ---D | C] -- C:\Program Files\Tadawulfx Trader 4
    [2010/05/11 08:49:01 | 000,000,000 | ---D | C] -- C:\Hashfile
    [2010/05/11 07:58:01 | 000,000,000 | ---D | C] -- D:\My Documents\vaporstore payments
    [2010/05/09 16:49:14 | 000,000,000 | ---D | C] -- D:\My Documents\Avatars
    [2010/05/06 17:52:31 | 000,000,000 | ---D | C] -- C:\Device
    [2010/05/05 20:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Typograf
    [2010/05/03 15:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\New Folder
    [2010/05/01 01:30:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\Serif
    [2010/04/30 23:30:28 | 000,044,544 | ---- | C] (DiamondCS) -- C:\WINDOWS\System32\procguard.dll
    [2010/04/30 23:30:28 | 000,026,688 | ---- | C] (DiamondCS) -- C:\WINDOWS\System32\drivers\procguard.sys
    [2010/04/30 22:59:07 | 000,000,000 | R--D | C] -- C:\Sandbox
    [2010/04/30 22:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
    [2010/04/30 18:56:46 | 000,000,000 | ---D | C] -- D:\My Documents\Web Easy
    [2010/04/30 18:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest
    [2010/04/30 18:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\site pics
    [2010/04/29 20:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\FileZilla
    [2010/04/29 20:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
    [2010/04/27 16:42:46 | 000,064,960 | ---- | C] (StorageCraft Technology Corporation) -- C:\WINDOWS\System32\drivers\stcp2v30.sys
    [2010/04/27 14:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
    [2010/04/25 19:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\Coins
    [2010/04/22 23:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\MetaTrader - FXOpen
    [2010/04/19 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\CMS MetaTrader 4 Client Terminal
    [2010/04/17 11:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\FX Zapper V1.2 Package
    [2010/04/16 17:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Desktop\soons phone vids
    [2010/04/15 00:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Candleworks
    [2010/04/14 23:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\FXCM MT4 powered by BT
    [2010/04/13 20:40:44 | 004,199,784 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
    [2010/04/13 20:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
    [2010/04/11 03:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Password Remover
    [2010/04/08 00:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\mkvtoolnix
    [2010/04/08 00:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\MKVtoolnix
    [2010/04/05 18:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
    [2010/04/05 18:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
    [2010/04/04 12:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Transmission Remote
    [2010/04/03 15:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
    [2010/04/03 11:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Application Data\Canneverbe Limited
    [2010/04/03 11:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
    [2010/04/03 11:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
    [2010/03/29 19:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\wizdXP
    [2010/03/29 19:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\wizdxp
    [2010/03/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/03/28 12:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/03/28 12:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\Apple
    [2010/03/28 12:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/03/28 12:28:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/03/28 12:27:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jay\Local Settings\Application Data\Apple Computer
    [2010/03/27 22:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
    [2010/03/27 21:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
    [2010/03/24 11:40:30 | 000,651,264 | ---- | C] (www.ext2fsd.com) -- C:\WINDOWS\System32\drivers\ext2fsd.sys
    [2010/03/24 11:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ext2Fsd
    [1 C:\Documents and Settings\Jay\*.tmp files -> C:\Documents and Settings\Jay\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/06/21 12:47:37 | 000,005,551 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/06/21 12:46:03 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/06/21 12:44:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/06/21 12:44:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/06/21 12:41:30 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
    [2010/06/21 12:41:27 | 024,903,680 | ---- | M] () -- C:\Documents and Settings\Jay\ntuser.dat
    [2010/06/21 12:41:27 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Jay\ntuser.ini
    [2010/06/21 12:26:47 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2010/06/21 12:21:41 | 000,326,964 | ---- | M] () -- C:\WINDOWS\System32\pguard.dat
    [2010/06/21 12:21:40 | 000,549,316 | ---- | M] () -- C:\WINDOWS\System32\pghash.dat
    [2010/06/21 12:15:49 | 000,000,982 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\magicJack.lnk
    [2010/06/21 12:12:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3030420016-499448262-1378471451-1006UA.job
    [2010/06/21 12:12:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/06/20 21:17:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
    [2010/06/20 19:05:20 | 001,151,011 | ---- | M] () -- D:\My Documents\jason pm file.xbel
    [2010/06/20 17:21:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay\Desktop\OTL.exe
    [2010/06/20 15:12:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3030420016-499448262-1378471451-1006Core.job
    [2010/06/20 01:59:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/06/20 01:46:44 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Xirrus Wi-Fi Inspector.lnk
    [2010/06/20 01:28:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/06/20 00:57:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/06/19 12:55:07 | 000,463,390 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/19 12:55:07 | 000,081,458 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/19 12:55:06 | 000,554,596 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/19 05:22:04 | 000,008,330 | ---- | M] () -- D:\My Documents\cc_20100619_052157.reg
    [2010/06/19 03:03:42 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2010/06/19 03:01:27 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) -- C:\WINDOWS\System32\drivers\pssdk42.sys
    [2010/06/19 02:41:46 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Jay\.rnd
    [2010/06/19 02:11:45 | 000,001,209 | ---- | M] () -- C:\Documents and Settings\Jay\Start Menu\Programs\Startup\MagicsilencePlugin.lnk
    [2010/06/18 14:29:17 | 000,000,829 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Advanced JPEG Compressor.lnk
    [2010/06/18 04:29:45 | 000,002,630 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Dell Driver Download Manager.lnk
    [2010/06/18 04:01:15 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
    [2010/06/18 03:32:14 | 000,001,910 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
    [2010/06/18 00:36:53 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\c66wtg28.exe
    [2010/06/17 23:59:05 | 000,115,398 | ---- | M] () -- D:\My Documents\cc_20100617_235848.reg
    [2010/06/17 16:56:00 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
    [2010/06/17 14:08:32 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\dds.EXE
    [2010/06/15 22:51:03 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    [2010/06/13 10:21:21 | 000,000,032 | ---- | M] () -- C:\WINDOWS\0
    [2010/06/11 13:53:07 | 011,137,024 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\gmapsupp.img
    [2010/06/10 12:09:46 | 000,403,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/08 17:46:53 | 000,089,210 | ---- | M] () -- D:\My Documents\50012_1.8WSolarManual.pdf
    [2010/06/07 17:37:55 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Jay\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/07 16:49:07 | 000,002,577 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\logo.png
    [2010/06/07 12:06:31 | 000,098,204 | ---- | M] () -- D:\My Documents\Welcome to SCB Easy Net headset redacted.pdf
    [2010/06/07 12:05:56 | 000,096,887 | ---- | M] () -- D:\My Documents\Welcome to SCB Easy Net headset.pdf
    [2010/06/07 11:35:52 | 001,569,290 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net.psd
    [2010/06/07 11:16:32 | 000,111,889 | ---- | M] () -- D:\My Documents\Welcome to SCB Easy Net 1500 528 .pdf
    [2010/06/07 10:49:13 | 000,005,278 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
    [2010/06/04 14:54:47 | 004,280,249 | ---- | M] () -- D:\My Documents\joomla_15_quickstart.pdf
    [2010/06/03 16:04:40 | 000,000,165 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
    [2010/06/01 14:24:56 | 002,615,349 | ---- | M] () -- D:\My Documents\41910.pdf
    [2010/06/01 09:57:43 | 000,429,832 | ---- | M] () -- D:\My Documents\alfa-awus036h-awus050nh-installing-drivers.pdf
    [2010/05/31 11:40:26 | 000,358,803 | ---- | M] () -- D:\My Documents\GoldWars.pdf
    [2010/05/27 05:59:48 | 000,132,622 | ---- | M] () -- D:\My Documents\Statement_May 2010.pdf
    [2010/05/26 20:53:47 | 001,400,639 | ---- | M] () -- D:\My Documents\PPSG_Logo_2.pdf
    [2010/05/26 01:31:39 | 001,018,694 | ---- | M] () -- D:\My Documents\PPSG_Logo.pdf
    [2010/05/25 23:53:16 | 000,001,471 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
    [2010/05/25 15:47:58 | 000,817,550 | ---- | M] () -- D:\My Documents\Cannot start magicJack.pdf
    [2010/05/24 02:25:45 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\StopAutoShares.reg
    [2010/05/22 15:52:52 | 000,060,270 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net new.pdf
    [2010/05/21 23:15:59 | 000,000,612 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2010/05/21 00:56:56 | 000,854,064 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmx86.sys
    [2010/05/21 00:56:56 | 000,070,704 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmci.sys
    [2010/05/21 00:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vmnetdhcp.exe
    [2010/05/21 00:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vmnat.exe
    [2010/05/21 00:55:24 | 000,760,368 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vnetlib.dll
    [2010/05/21 00:55:04 | 000,024,624 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\VMkbd.sys
    [2010/05/21 00:54:02 | 000,051,248 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vmnetbridge.dll
    [2010/05/21 00:54:02 | 000,032,688 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetbridge.sys
    [2010/05/21 00:53:58 | 000,026,288 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetuserif.sys
    [2010/05/20 23:40:08 | 000,032,304 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\hcmon.sys
    [2010/05/20 23:13:38 | 000,252,464 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vmnc.dll
    [2010/05/20 21:19:20 | 000,059,952 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\vnetinst.dll
    [2010/05/20 21:19:20 | 000,031,280 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmusb.sys
    [2010/05/20 21:19:20 | 000,018,736 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnet.sys
    [2010/05/20 21:19:20 | 000,016,560 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmnetadapter.sys
    [2010/05/20 19:30:52 | 000,044,059 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net.pdf
    [2010/05/20 01:43:15 | 000,428,501 | ---- | M] () -- D:\My Documents\browser-uniqueness.pdf
    [2010/05/19 23:14:34 | 000,246,971 | ---- | M] () -- D:\My Documents\051810_virtual_townhall.pdf
    [2010/05/18 01:20:00 | 000,040,597 | ---- | M] () -- D:\My Documents\LNB+V-H.pdf
    [2010/05/18 01:18:57 | 000,053,552 | ---- | M] () -- D:\My Documents\DiseqPositioner.pdf
    [2010/05/18 01:18:29 | 000,021,109 | ---- | M] () -- D:\My Documents\LNB-4.pdf
    [2010/05/18 01:18:10 | 000,010,785 | ---- | M] () -- D:\My Documents\LNB-2.pdf
    [2010/05/18 01:17:40 | 000,063,572 | ---- | M] () -- D:\My Documents\mixTV.pdf
    [2010/05/18 01:17:08 | 000,145,220 | ---- | M] () -- D:\My Documents\compass.pdf
    [2010/05/18 01:16:34 | 000,085,500 | ---- | M] () -- D:\My Documents\4x4Great.pdf
    [2010/05/18 01:15:02 | 000,087,432 | ---- | M] () -- D:\My Documents\4x4LNBMazz.pdf
    [2010/05/18 01:13:31 | 000,103,714 | ---- | M] () -- D:\My Documents\Mz830-C-Ku.pdf
    [2010/05/18 01:12:59 | 000,059,542 | ---- | M] () -- D:\My Documents\C-Ku-2.pdf
    [2010/05/16 09:13:33 | 000,278,356 | ---- | M] () -- D:\My Documents\Cracking_Passwords_Guide.pdf
    [2010/05/16 07:38:02 | 001,732,286 | ---- | M] () -- D:\My Documents\OASettings100516.OA
    [2010/05/15 15:14:40 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    [2010/05/15 11:47:14 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Jay\.recently-used.xbel
    [2010/05/15 04:21:05 | 000,209,898 | ---- | M] () -- D:\My Documents\Nessus_Activation_Code_Installation.pdf
    [2010/05/15 03:02:28 | 000,308,210 | ---- | M] () -- D:\My Documents\NeXpose_Extended_API_v1.2_Guide.pdf
    [2010/05/15 03:00:36 | 000,206,869 | ---- | M] () -- D:\My Documents\NeXposeQuickInstall.pdf
    [2010/05/14 05:06:13 | 000,005,033 | ---- | M] () -- C:\WirelessDiagLog.csv
    [2010/05/14 04:40:46 | 000,021,963 | ---- | M] () -- D:\My Documents\wordlist_tools.sh
    [2010/05/14 03:43:08 | 000,377,271 | ---- | M] () -- D:\My Documents\Silky_report.pdf
    [2010/05/12 22:28:31 | 000,274,247 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\post-a75824-cambodia-inter3.jpg.html
    [2010/05/12 19:06:57 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\FXDD - MetaTrader.lnk
    [2010/05/12 18:34:27 | 000,001,586 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Tadawulfx trader 4.lnk
    [2010/05/10 05:45:40 | 000,346,624 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\epen.jpg
    [2010/05/10 03:30:21 | 000,002,472 | ---- | M] () -- D:\My Documents\QOS.w54
    [2010/05/09 03:31:30 | 001,022,470 | ---- | M] () -- D:\My Documents\Backtrack_4_How_To_Nessus_4_2_Persistent_Changes.pdf
    [2010/05/09 03:30:42 | 000,999,251 | ---- | M] () -- D:\My Documents\Backtrack_4_USB_Full_Disk_Encryption.pdf
    [2010/05/04 04:39:10 | 000,988,342 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\wpa-01.cap
    [2010/05/04 02:40:44 | 017,350,974 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Hack.wmv
    [2010/05/03 01:55:17 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\windirstat.exe.lnk
    [2010/05/03 01:33:20 | 000,041,451 | ---- | M] () -- D:\My Documents\margin_change.pdf
    [2010/05/02 18:01:25 | 000,002,803 | ---- | M] () -- C:\settings.cfg
    [2010/05/01 01:34:51 | 000,119,224 | ---- | M] () -- C:\Documents and Settings\Jay\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/04/29 03:08:57 | 000,665,088 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Webpage PPSG.pub
    [2010/04/29 03:02:48 | 000,029,027 | ---- | M] () -- D:\My Documents\2010_4_15_18_0_1_2.pdf
    [2010/04/27 16:42:46 | 000,064,960 | ---- | M] (StorageCraft Technology Corporation) -- C:\WINDOWS\System32\drivers\stcp2v30.sys
    [2010/04/27 14:11:55 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\SopCast.lnk
    [2010/04/25 13:25:50 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) -- C:\WINDOWS\System32\drivers\OAnet.sys
    [2010/04/25 13:25:46 | 000,024,440 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OAmon.sys
    [2010/04/25 13:25:41 | 000,225,936 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OADriver.sys
    [2010/04/25 06:31:58 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\keygen.exe
    [2010/04/24 23:33:52 | 000,019,374 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\Bhumbol_and_Sirikit.jpg
    [2010/04/22 23:55:10 | 000,001,593 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MetaTrader - FXOpen.lnk
    [2010/04/22 21:16:01 | 000,064,384 | ---- | M] () -- D:\My Documents\UGN-3050_Personal-Tracker.pdf
    [2010/04/22 18:34:18 | 000,845,132 | ---- | M] () -- D:\My Documents\bluediving-0.9.gz
    [2010/04/22 18:30:10 | 000,820,137 | ---- | M] () -- D:\My Documents\bluediving-0.8.gz
    [2010/04/22 18:19:06 | 000,043,748 | ---- | M] () -- D:\My Documents\Blooover.jar
    [2010/04/22 18:08:38 | 000,362,135 | ---- | M] () -- D:\My Documents\21c3_Bluetooth_Hacking.pdf
    [2010/04/22 17:45:41 | 000,188,361 | ---- | M] () -- D:\My Documents\FANTOMDRIVES22-207-017Apr16Apr3010ls41.pdf
    [2010/04/22 17:04:26 | 001,273,638 | ---- | M] () -- D:\My Documents\DEE-iN_GPS_TRACKING.pdf
    [2010/04/22 16:52:36 | 000,337,176 | ---- | M] () -- D:\My Documents\ACCESSORIESGPS.pdf
    [2010/04/22 16:44:03 | 000,909,936 | ---- | M] () -- D:\My Documents\fulltext.pdf
    [2010/04/21 12:38:44 | 000,000,103 | ---- | M] () -- C:\Documents and Settings\Jay\Application Data\default.pls
    [2010/04/20 19:03:15 | 000,293,909 | ---- | M] () -- D:\My Documents\en_US-customer_agreement-fxddmalta.pdf
    [2010/04/20 09:31:16 | 000,894,503 | ---- | M] () -- D:\My Documents\FXS Express Monthly - April 10.pdf
    [2010/04/19 23:38:57 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CMS MetaTrader 4 Client Terminal.lnk
    [2010/04/19 22:58:41 | 000,029,027 | ---- | M] () -- D:\My Documents\2010_4_15_18_0_1.pdf
    [2010/04/19 22:47:03 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VTTrader 2.lnk
    [2010/04/19 13:20:51 | 000,134,389 | ---- | M] () -- D:\My Documents\2e.tuckwellLBMAConf2003.pdf
    [2010/04/19 13:15:17 | 000,020,464 | ---- | M] () -- D:\My Documents\cometa.pdf
    [2010/04/19 13:14:23 | 002,053,006 | ---- | M] () -- D:\My Documents\COMETA_part2.pdf
    [2010/04/19 13:11:25 | 000,773,433 | ---- | M] () -- D:\My Documents\COMETA_part1.pdf
    [2010/04/19 10:03:46 | 000,045,928 | ---- | M] () -- D:\My Documents\obama-briefing-intro-letter.pdf
    [2010/04/16 10:59:00 | 000,008,790 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\n781974571_4410.jpg
    [2010/04/16 10:58:18 | 000,009,664 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\5453_1177520566373_1478899103_448840_7975285_n.jpg
    [2010/04/16 10:47:12 | 000,046,800 | ---- | M] () -- C:\Documents and Settings\Jay\Desktop\23968_102493123125729_100000951257443_15513_5303731_n.jpg
    [2010/04/15 00:31:25 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FXCM Trading Station.lnk
    [2010/04/14 23:50:06 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FXCM MT4 powered by BT.lnk
    [2010/04/14 09:46:52 | 000,328,857 | ---- | M] () -- D:\My Documents\CCTV.pdf
    [2010/04/13 20:35:26 | 000,030,461 | ---- | M] () -- D:\My Documents\securepay.fxcm.co.u...pdf
    [2010/04/13 08:56:39 | 000,035,526 | ---- | M] () -- D:\My Documents\ESign Nevada.pdf
    [2010/04/13 06:03:19 | 000,694,736 | ---- | M] () -- D:\My Documents\2009 Lieberman J Form 1040 Individual Tax Return.tax2009
    [2010/04/13 04:01:12 | 000,907,607 | ---- | M] () -- D:\My Documents\Passport_SSN_CADL.pdf
    [2010/04/13 03:53:48 | 000,019,545 | ---- | M] () -- C:\WINDOWS\hpoins01.dat
    [2010/04/12 12:16:32 | 000,059,829 | ---- | M] () -- D:\My Documents\Online trading application fxcm ...pdf
    [2010/04/12 12:13:11 | 000,010,504 | ---- | M] () -- D:\My Documents\Online trading application ...pdf
    [2010/04/11 22:02:32 | 000,522,781 | ---- | M] () -- D:\My Documents\user guide for connecttalk softphone.pdf
    [2010/04/11 03:08:40 | 000,059,289 | ---- | M] () -- D:\My Documents\loat_signed.pdf
    [2010/04/11 03:07:47 | 000,644,687 | ---- | M] () -- D:\My Documents\loat.1.pdf
    [2010/04/11 02:48:31 | 000,648,745 | ---- | M] () -- D:\My Documents\LOAT_2.pdf
    [2010/04/08 01:40:05 | 000,000,873 | ---- | M] () -- C:\WINDOWS\graphedt.INI
    [2010/04/08 00:58:57 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\mkvmerge GUI.lnk
    [2010/04/07 22:58:45 | 000,292,650 | ---- | M] () -- D:\My Documents\file_4.pdf
    [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
    [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\drivers\IvtBtBus.sys
    [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) -- C:\WINDOWS\System32\drivers\BtHidBus.sys
    [2010/04/06 02:44:50 | 000,386,462 | ---- | M] () -- D:\My Documents\SF4000_Account_Transfer_Form.pdf
    [2010/04/06 02:28:15 | 000,156,985 | ---- | M] () -- D:\My Documents\file_3.pdf
    [2010/04/05 22:08:02 | 000,317,024 | ---- | M] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A_3.pdf
    [2010/04/05 22:07:02 | 000,317,024 | ---- | M] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A_2.pdf
    [2010/04/05 22:05:38 | 000,317,024 | ---- | M] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A.pdf
    [2010/04/05 22:04:45 | 000,265,074 | ---- | M] () -- D:\My Documents\TV_Software_Upgrade_Guide_2.pdf
    [2010/04/05 22:00:08 | 000,420,296 | ---- | M] () -- D:\My Documents\swupgrade_Guide_-_Eng.pdf
    [2010/04/05 21:57:44 | 000,265,074 | ---- | M] () -- D:\My Documents\TV_Software_Upgrade_Guide.pdf
    [2010/04/05 20:00:16 | 003,432,834 | ---- | M] () -- D:\My Documents\BN68-01983A-00Eng-0317.pdf
    [2010/04/04 12:39:00 | 500,236,323 | ---- | M] () -- C:\Exploited teen asia Filipino bar teen anal.wmv
    [2010/04/04 04:39:51 | 001,272,114 | ---- | M] () -- D:\My Documents\OASettings100404.OA
    [2010/04/01 22:28:18 | 000,111,513 | ---- | M] () -- C:\WINDOWS\System32\3x4KT-HE.exe
    [2010/04/01 01:59:17 | 000,006,742 | ---- | M] () -- D:\My Documents\Iron Man 2 [2010] English DVDRip.XviD-ALLiANCE.nfo
    [2010/03/30 15:57:14 | 000,029,194 | ---- | M] () -- D:\My Documents\060327m.pdf
    [2010/03/27 23:31:37 | 000,042,671 | ---- | M] () -- D:\My Documents\ref 103 Taking Erythromycin.pdf
    [2010/03/27 22:32:08 | 000,665,728 | ---- | M] () -- D:\My Documents\2006.pdf
    [2010/03/27 22:30:29 | 000,053,826 | ---- | M] () -- D:\My Documents\treat1.pdf
    [2010/03/24 16:38:23 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
    [2010/03/24 16:38:23 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
    [1 C:\Documents and Settings\Jay\*.tmp files -> C:\Documents and Settings\Jay\*.tmp -> ]
     
  6. 2010/06/21
    Jayman007 Inactive Thread Starter

    part 3

    ========== Files Created - No Company Name ==========

    [2010/06/19 05:22:01 | 000,008,330 | ---- | C] () -- D:\My Documents\cc_20100619_052157.reg
    [2010/06/19 04:29:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
    [2010/06/19 02:11:45 | 000,001,209 | ---- | C] () -- C:\Documents and Settings\Jay\Start Menu\Programs\Startup\MagicsilencePlugin.lnk
    [2010/06/18 19:24:43 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\c66wtg28.exe
    [2010/06/18 14:29:17 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Advanced JPEG Compressor.lnk
    [2010/06/18 04:29:45 | 000,002,630 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Dell Driver Download Manager.lnk
    [2010/06/18 04:01:15 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
    [2010/06/18 03:32:14 | 000,001,910 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
    [2010/06/17 23:58:55 | 000,115,398 | ---- | C] () -- D:\My Documents\cc_20100617_235848.reg
    [2010/06/17 23:19:43 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\dds.EXE
    [2010/06/17 16:56:00 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
    [2010/06/15 22:51:03 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    [2010/06/11 13:52:42 | 011,137,024 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\gmapsupp.img
    [2010/06/11 00:07:32 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Xirrus Wi-Fi Inspector.lnk
    [2010/06/08 17:46:52 | 000,089,210 | ---- | C] () -- D:\My Documents\50012_1.8WSolarManual.pdf
    [2010/06/07 16:49:05 | 000,002,577 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\logo.png
    [2010/06/07 12:06:30 | 000,098,204 | ---- | C] () -- D:\My Documents\Welcome to SCB Easy Net headset redacted.pdf
    [2010/06/07 12:05:56 | 000,096,887 | ---- | C] () -- D:\My Documents\Welcome to SCB Easy Net headset.pdf
    [2010/06/07 11:16:32 | 000,111,889 | ---- | C] () -- D:\My Documents\Welcome to SCB Easy Net 1500 528 .pdf
    [2010/06/04 14:54:21 | 004,280,249 | ---- | C] () -- D:\My Documents\joomla_15_quickstart.pdf
    [2010/06/01 14:24:50 | 002,615,349 | ---- | C] () -- D:\My Documents\41910.pdf
    [2010/06/01 09:57:42 | 000,429,832 | ---- | C] () -- D:\My Documents\alfa-awus036h-awus050nh-installing-drivers.pdf
    [2010/05/31 11:40:25 | 000,358,803 | ---- | C] () -- D:\My Documents\GoldWars.pdf
    [2010/05/27 05:59:47 | 000,132,622 | ---- | C] () -- D:\My Documents\Statement_May 2010.pdf
    [2010/05/26 20:53:37 | 001,400,639 | ---- | C] () -- D:\My Documents\PPSG_Logo_2.pdf
    [2010/05/26 01:30:56 | 001,018,694 | ---- | C] () -- D:\My Documents\PPSG_Logo.pdf
    [2010/05/25 15:47:55 | 000,817,550 | ---- | C] () -- D:\My Documents\Cannot start magicJack.pdf
    [2010/05/25 00:59:06 | 000,388,823 | ---- | C] () -- C:\hping.exe
    [2010/05/24 02:25:43 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\StopAutoShares.reg
    [2010/05/23 23:03:59 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\keygen.exe
    [2010/05/22 15:52:52 | 000,060,270 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net new.pdf
    [2010/05/20 21:30:17 | 001,569,290 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net.psd
    [2010/05/20 19:30:52 | 000,044,059 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Welcome to SCB Easy Net.pdf
    [2010/05/20 01:43:13 | 000,428,501 | ---- | C] () -- D:\My Documents\browser-uniqueness.pdf
    [2010/05/19 23:14:34 | 000,246,971 | ---- | C] () -- D:\My Documents\051810_virtual_townhall.pdf
    [2010/05/18 01:19:59 | 000,040,597 | ---- | C] () -- D:\My Documents\LNB+V-H.pdf
    [2010/05/18 01:18:56 | 000,053,552 | ---- | C] () -- D:\My Documents\DiseqPositioner.pdf
    [2010/05/18 01:18:29 | 000,021,109 | ---- | C] () -- D:\My Documents\LNB-4.pdf
    [2010/05/18 01:18:10 | 000,010,785 | ---- | C] () -- D:\My Documents\LNB-2.pdf
    [2010/05/18 01:17:39 | 000,063,572 | ---- | C] () -- D:\My Documents\mixTV.pdf
    [2010/05/18 01:17:07 | 000,145,220 | ---- | C] () -- D:\My Documents\compass.pdf
    [2010/05/18 01:16:33 | 000,085,500 | ---- | C] () -- D:\My Documents\4x4Great.pdf
    [2010/05/18 01:15:01 | 000,087,432 | ---- | C] () -- D:\My Documents\4x4LNBMazz.pdf
    [2010/05/18 01:13:29 | 000,103,714 | ---- | C] () -- D:\My Documents\Mz830-C-Ku.pdf
    [2010/05/18 01:12:59 | 000,059,542 | ---- | C] () -- D:\My Documents\C-Ku-2.pdf
    [2010/05/16 09:13:32 | 000,278,356 | ---- | C] () -- D:\My Documents\Cracking_Passwords_Guide.pdf
    [2010/05/16 07:37:55 | 001,732,286 | ---- | C] () -- D:\My Documents\OASettings100516.OA
    [2010/05/15 15:14:40 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    [2010/05/15 11:47:14 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Jay\.recently-used.xbel
    [2010/05/15 04:21:04 | 000,209,898 | ---- | C] () -- D:\My Documents\Nessus_Activation_Code_Installation.pdf
    [2010/05/15 03:02:27 | 000,308,210 | ---- | C] () -- D:\My Documents\NeXpose_Extended_API_v1.2_Guide.pdf
    [2010/05/15 03:00:35 | 000,206,869 | ---- | C] () -- D:\My Documents\NeXposeQuickInstall.pdf
    [2010/05/14 04:40:46 | 000,021,963 | ---- | C] () -- D:\My Documents\wordlist_tools.sh
    [2010/05/14 03:43:07 | 000,377,271 | ---- | C] () -- D:\My Documents\Silky_report.pdf
    [2010/05/12 22:28:30 | 000,274,247 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\post-a75824-cambodia-inter3.jpg.html
    [2010/05/12 19:06:57 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\FXDD - MetaTrader.lnk
    [2010/05/12 18:34:27 | 000,001,586 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Tadawulfx trader 4.lnk
    [2010/05/10 06:05:07 | 000,346,624 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\epen.jpg
    [2010/05/10 02:49:02 | 000,002,472 | ---- | C] () -- D:\My Documents\QOS.w54
    [2010/05/09 03:31:28 | 001,022,470 | ---- | C] () -- D:\My Documents\Backtrack_4_How_To_Nessus_4_2_Persistent_Changes.pdf
    [2010/05/09 03:30:39 | 000,999,251 | ---- | C] () -- D:\My Documents\Backtrack_4_USB_Full_Disk_Encryption.pdf
    [2010/05/04 04:46:01 | 000,988,342 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\wpa-01.cap
    [2010/05/04 02:22:33 | 017,350,974 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Hack.wmv
    [2010/05/03 01:55:17 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\windirstat.exe.lnk
    [2010/05/03 01:33:20 | 000,041,451 | ---- | C] () -- D:\My Documents\margin_change.pdf
    [2010/05/02 18:38:18 | 000,002,803 | ---- | C] () -- C:\settings.cfg
    [2010/04/30 22:58:26 | 000,005,278 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
    [2010/04/29 03:08:56 | 000,665,088 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Webpage PPSG.pub
    [2010/04/29 03:02:48 | 000,029,027 | ---- | C] () -- D:\My Documents\2010_4_15_18_0_1_2.pdf
    [2010/04/27 14:11:55 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\SopCast.lnk
    [2010/04/24 23:33:51 | 000,019,374 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Bhumbol_and_Sirikit.jpg
    [2010/04/22 23:55:10 | 000,001,593 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MetaTrader - FXOpen.lnk
    [2010/04/22 21:16:01 | 000,064,384 | ---- | C] () -- D:\My Documents\UGN-3050_Personal-Tracker.pdf
    [2010/04/22 18:33:38 | 000,845,132 | ---- | C] () -- D:\My Documents\bluediving-0.9.gz
    [2010/04/22 18:28:13 | 000,820,137 | ---- | C] () -- D:\My Documents\bluediving-0.8.gz
    [2010/04/22 18:19:06 | 000,043,748 | ---- | C] () -- D:\My Documents\Blooover.jar
    [2010/04/22 18:08:38 | 000,362,135 | ---- | C] () -- D:\My Documents\21c3_Bluetooth_Hacking.pdf
    [2010/04/22 17:45:40 | 000,188,361 | ---- | C] () -- D:\My Documents\FANTOMDRIVES22-207-017Apr16Apr3010ls41.pdf
    [2010/04/22 17:04:06 | 001,273,638 | ---- | C] () -- D:\My Documents\DEE-iN_GPS_TRACKING.pdf
    [2010/04/22 16:51:01 | 000,337,176 | ---- | C] () -- D:\My Documents\ACCESSORIESGPS.pdf
    [2010/04/22 16:43:49 | 000,909,936 | ---- | C] () -- D:\My Documents\fulltext.pdf
    [2010/04/20 19:03:15 | 000,293,909 | ---- | C] () -- D:\My Documents\en_US-customer_agreement-fxddmalta.pdf
    [2010/04/20 09:31:16 | 000,894,503 | ---- | C] () -- D:\My Documents\FXS Express Monthly - April 10.pdf
    [2010/04/19 23:38:57 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CMS MetaTrader 4 Client Terminal.lnk
    [2010/04/19 22:58:41 | 000,029,027 | ---- | C] () -- D:\My Documents\2010_4_15_18_0_1.pdf
    [2010/04/19 22:47:03 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VTTrader 2.lnk
    [2010/04/19 13:20:51 | 000,134,389 | ---- | C] () -- D:\My Documents\2e.tuckwellLBMAConf2003.pdf
    [2010/04/19 13:15:17 | 000,020,464 | ---- | C] () -- D:\My Documents\cometa.pdf
    [2010/04/19 13:12:16 | 002,053,006 | ---- | C] () -- D:\My Documents\COMETA_part2.pdf
    [2010/04/19 13:11:19 | 000,773,433 | ---- | C] () -- D:\My Documents\COMETA_part1.pdf
    [2010/04/19 10:03:46 | 000,045,928 | ---- | C] () -- D:\My Documents\obama-briefing-intro-letter.pdf
    [2010/04/16 10:58:12 | 000,008,790 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\n781974571_4410.jpg
    [2010/04/16 10:57:37 | 000,009,664 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\5453_1177520566373_1478899103_448840_7975285_n.jpg
    [2010/04/16 10:46:38 | 000,046,800 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\23968_102493123125729_100000951257443_15513_5303731_n.jpg
    [2010/04/15 00:31:25 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FXCM Trading Station.lnk
    [2010/04/14 23:50:06 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FXCM MT4 powered by BT.lnk
    [2010/04/14 09:46:52 | 000,328,857 | ---- | C] () -- D:\My Documents\CCTV.pdf
    [2010/04/13 20:39:52 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
    [2010/04/13 20:35:26 | 000,030,461 | ---- | C] () -- D:\My Documents\securepay.fxcm.co.u...pdf
    [2010/04/13 08:56:38 | 000,035,526 | ---- | C] () -- D:\My Documents\ESign Nevada.pdf
    [2010/04/13 03:56:49 | 000,907,607 | ---- | C] () -- D:\My Documents\Passport_SSN_CADL.pdf
    [2010/04/13 03:48:48 | 000,019,545 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
    [2010/04/13 03:48:48 | 000,016,606 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
    [2010/04/12 12:16:32 | 000,059,829 | ---- | C] () -- D:\My Documents\Online trading application fxcm ...pdf
    [2010/04/12 12:13:11 | 000,010,504 | ---- | C] () -- D:\My Documents\Online trading application ...pdf
    [2010/04/11 22:02:31 | 000,522,781 | ---- | C] () -- D:\My Documents\user guide for connecttalk softphone.pdf
    [2010/04/11 03:08:40 | 000,059,289 | ---- | C] () -- D:\My Documents\loat_signed.pdf
    [2010/04/11 03:07:47 | 000,644,687 | ---- | C] () -- D:\My Documents\loat.1.pdf
    [2010/04/09 20:16:08 | 000,161,196 | ---- | C] () -- C:\Documents and Settings\Jay\Desktop\Buzz.mp3
    [2010/04/08 00:58:57 | 000,001,563 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\mkvmerge GUI.lnk
    [2010/04/07 22:58:39 | 000,292,650 | ---- | C] () -- D:\My Documents\file_4.pdf
    [2010/04/07 01:27:37 | 000,648,745 | ---- | C] () -- D:\My Documents\LOAT_2.pdf
    [2010/04/06 02:44:50 | 000,386,462 | ---- | C] () -- D:\My Documents\SF4000_Account_Transfer_Form.pdf
    [2010/04/06 02:28:14 | 000,156,985 | ---- | C] () -- D:\My Documents\file_3.pdf
    [2010/04/05 22:08:01 | 000,317,024 | ---- | C] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A_3.pdf
    [2010/04/05 22:07:02 | 000,317,024 | ---- | C] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A_2.pdf
    [2010/04/05 22:05:38 | 000,317,024 | ---- | C] () -- D:\My Documents\[OPEN_SOURCE_GUIDE]BN68-02223A.pdf
    [2010/04/05 22:04:44 | 000,265,074 | ---- | C] () -- D:\My Documents\TV_Software_Upgrade_Guide_2.pdf
    [2010/04/05 22:00:08 | 000,420,296 | ---- | C] () -- D:\My Documents\swupgrade_Guide_-_Eng.pdf
    [2010/04/05 21:57:43 | 000,265,074 | ---- | C] () -- D:\My Documents\TV_Software_Upgrade_Guide.pdf
    [2010/04/05 19:59:50 | 003,432,834 | ---- | C] () -- D:\My Documents\BN68-01983A-00Eng-0317.pdf
    [2010/04/05 02:37:26 | 500,236,323 | ---- | C] () -- C:\Exploited teen asia Filipino bar teen anal.wmv
    [2010/04/04 04:39:33 | 001,272,114 | ---- | C] () -- D:\My Documents\OASettings100404.OA
    [2010/04/03 11:21:51 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2010/04/01 22:28:18 | 000,111,513 | ---- | C] () -- C:\WINDOWS\System32\3x4KT-HE.exe
    [2010/04/01 01:59:17 | 000,006,742 | ---- | C] () -- D:\My Documents\Iron Man 2 [2010] English DVDRip.XviD-ALLiANCE.nfo
    [2010/03/31 20:21:30 | 000,005,033 | ---- | C] () -- C:\WirelessDiagLog.csv
    [2010/03/30 15:57:13 | 000,029,194 | ---- | C] () -- D:\My Documents\060327m.pdf
    [2010/03/27 23:31:36 | 000,042,671 | ---- | C] () -- D:\My Documents\ref 103 Taking Erythromycin.pdf
    [2010/03/27 22:32:06 | 000,665,728 | ---- | C] () -- D:\My Documents\2006.pdf
    [2010/03/27 22:30:29 | 000,053,826 | ---- | C] () -- D:\My Documents\treat1.pdf
    [2010/01/27 09:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
    [2009/09/30 05:45:46 | 000,020,849 | ---- | C] () -- C:\WINDOWS\hplj1010.ini
    [2009/06/30 16:08:08 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
    [2009/06/28 07:21:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
    [2009/06/08 08:58:17 | 000,026,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
    [2008/12/07 12:44:54 | 000,025,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
    [2008/11/14 12:45:54 | 000,000,165 | ---- | C] () -- C:\WINDOWS\startUp manager.INI
    [2008/11/03 12:28:30 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\Bmp2Jpeg.dll
    [2008/10/15 18:48:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
    [2008/10/07 14:32:29 | 000,000,099 | ---- | C] () -- C:\WINDOWS\(null)toolkit.ini
    [2008/09/29 08:52:51 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
    [2008/09/29 08:52:51 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
    [2008/09/29 08:52:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2008/09/29 08:52:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2008/09/12 01:58:50 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\GpsGateComClient.dll
    [2008/09/12 01:56:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\GateApiXP.dll
    [2008/08/04 03:45:47 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Dreambox Uploader.ini
    [2008/07/23 17:33:07 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\socketlock.sys
    [2008/06/02 09:27:23 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/06/02 09:27:23 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
    [2008/05/27 08:52:49 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\svconfig.ini
    [2008/05/27 07:13:38 | 000,000,873 | ---- | C] () -- C:\WINDOWS\graphedt.INI
    [2008/05/23 05:22:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/05/23 05:19:46 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/05/16 14:50:56 | 000,000,160 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
    [2008/05/16 14:47:54 | 000,000,064 | -H-- | C] () -- C:\WINDOWS\system.sys
    [2008/03/12 03:47:24 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaConverter.dll
    [2008/02/29 05:30:08 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
    [2008/02/06 02:31:50 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaReveal.dll
    [2008/02/05 08:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
    [2008/01/29 15:05:48 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
    [2008/01/13 21:07:09 | 000,000,022 | ---- | C] () -- C:\WINDOWS\ShellIcon32.dll
    [2007/10/29 04:24:08 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\pwlang.dll
    [2007/10/10 20:00:36 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\chckshll.dll
    [2007/09/24 15:06:06 | 000,034,128 | ---- | C] () -- C:\WINDOWS\OEM_FLASHDRV.dll
    [2007/08/24 04:07:20 | 000,000,239 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
    [2007/08/21 05:46:07 | 000,544,256 | ---- | C] () -- C:\WINDOWS\System32\janGraphics.dll
    [2007/08/20 01:50:48 | 000,000,918 | ---- | C] () -- C:\WINDOWS\BOC425.INI
    [2007/07/27 03:24:57 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
    [2007/07/27 03:24:17 | 000,585,791 | ---- | C] () -- C:\WINDOWS\gmer.dll
    [2007/07/25 02:10:55 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\OmniEOM.dll
    [2007/07/25 02:10:55 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\nfsshare.dll
    [2007/06/21 17:32:49 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
    [2007/06/18 22:09:25 | 000,000,123 | ---- | C] () -- C:\WINDOWS\rootkitno.ini
    [2007/06/18 20:58:41 | 000,000,133 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
    [2007/06/08 20:46:39 | 000,000,077 | ---- | C] () -- C:\WINDOWS\lsoon.ini
    [2007/05/22 10:13:11 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2007/05/22 10:10:26 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EPSPRX580.ini
    [2007/05/18 19:51:54 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2007/05/02 16:39:48 | 001,216,512 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2007/05/02 16:39:48 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2007/04/21 03:29:02 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\RTClientSDK70.dll
    [2007/03/30 14:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
    [2007/03/21 17:18:47 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
    [2007/03/17 07:45:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2007/03/07 08:54:55 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
    [2007/03/06 09:29:11 | 000,000,459 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
    [2007/03/06 09:29:11 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
    [2007/03/06 09:28:26 | 000,000,887 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
    [2007/03/06 09:28:26 | 000,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
    [2007/03/06 09:27:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
    [2007/02/27 02:59:14 | 000,000,026 | ---- | C] () -- C:\WINDOWS\FPKPMSV.INI
    [2007/02/26 23:45:39 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
    [2007/02/21 03:53:08 | 004,239,360 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll
    [2007/02/12 00:49:20 | 000,000,201 | ---- | C] () -- C:\WINDOWS\AspellPlugin.INI
    [2006/12/29 21:08:34 | 000,000,317 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
    [2006/12/07 21:59:00 | 000,400,896 | ---- | C] () -- C:\WINDOWS\stb_user.dll
    [2006/12/07 21:59:00 | 000,146,432 | ---- | C] () -- C:\WINDOWS\stb_struct.dll
    [2006/12/07 21:58:55 | 003,693,568 | ---- | C] () -- C:\WINDOWS\stb_prog.dll
    [2006/12/07 21:58:53 | 001,199,616 | ---- | C] () -- C:\WINDOWS\stb_import.dll
    [2006/12/07 21:58:53 | 000,279,040 | ---- | C] () -- C:\WINDOWS\stb_dwobj.dll
    [2006/12/07 21:58:53 | 000,161,280 | ---- | C] () -- C:\WINDOWS\stb_func.dll
    [2006/12/07 21:58:52 | 000,688,640 | ---- | C] () -- C:\WINDOWS\stb_comm.dll
    [2006/12/07 21:58:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\Jpeg2Raw.dll
    [2006/12/07 21:58:51 | 000,282,624 | ---- | C] () -- C:\WINDOWS\MPEG_ENC_DLL.dll
    [2006/12/07 21:58:51 | 000,077,824 | ---- | C] () -- C:\WINDOWS\stb_Serial32.dll
    [2006/12/07 21:58:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\stb_EzInternet.dll
    [2006/12/07 21:58:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\stb_Compress.dll
    [2006/12/07 21:58:39 | 000,392,192 | ---- | C] () -- C:\WINDOWS\Libjcc.dll
    [2006/12/07 21:58:39 | 000,035,328 | ---- | C] () -- C:\WINDOWS\libjsybheap.dll
    [2006/10/13 06:08:43 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/10/12 08:06:08 | 000,005,652 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
    [2006/10/05 11:01:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/10/05 10:54:09 | 000,000,612 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/10/05 10:44:36 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
    [2006/10/05 10:42:22 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/10/05 10:07:52 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2006/10/05 10:06:42 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/09/19 05:48:00 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\RTClientSDK55.dll
    [2006/08/15 23:43:02 | 000,001,147 | ---- | C] () -- C:\WINDOWS\System32\IPCamera.ini
    [2006/03/07 15:22:04 | 004,014,080 | ---- | C] () -- C:\WINDOWS\System32\qt-mt335.dll
    [2006/03/07 15:22:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\boost_thread-vc71-mt-1_32.dll
    [2006/01/26 19:51:57 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
    [2006/01/26 19:51:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll
    [2005/09/21 14:05:30 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\GpsToolsXP.dll
    [2005/09/21 14:05:30 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\GpsViewXP.dll
    [2005/09/21 14:05:30 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\MapLibXP.dll
    [2005/09/21 14:05:28 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\GpsShapeXP.dll
    [2005/09/01 01:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2005/08/16 16:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2005/08/06 02:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2005/05/26 03:06:26 | 000,119,296 | ---- | C] () -- C:\WINDOWS\System32\WnASPI32.dll
    [2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
    [2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
    [2003/08/29 16:23:49 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
    [2003/03/09 21:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
    [2003/01/07 22:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
    [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
    [2001/07/07 18:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
    [2000/09/19 11:16:56 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\DLPORTIO.SYS
    [2000/07/28 16:15:00 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\uuddc32.dll

    ========== LOP Check ==========

    [2007/05/20 07:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1.0.0.0
    [2008/05/31 14:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
    [2009/02/16 05:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
    [2007/03/08 07:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon
    [2009/11/24 17:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
    [2006/10/17 06:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Basta Computing
    [2007/08/20 01:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOC425
    [2010/04/03 11:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
    [2007/08/21 05:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DreamboxManagerSuite
    [2010/02/28 18:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
    [2006/10/16 10:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.2 Setup
    [2007/03/17 05:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
    [2009/03/31 02:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
    [2008/09/20 14:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
    [2008/10/28 16:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
    [2008/08/28 16:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync
    [2009/11/10 01:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2010/03/02 23:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2010/06/18 04:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
    [2008/08/23 17:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
    [2009/02/20 13:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MagneticOne Store Manager for osCommerce
    [2008/01/01 12:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
    [2009/01/26 07:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mixesoft
    [2007/03/19 18:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
    [2007/12/08 01:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
    [2009/11/20 17:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
    [2006/10/13 05:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
    [2007/12/08 01:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2010/05/20 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2008/07/15 00:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
    [2010/05/27 06:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    [2007/03/17 05:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
    [2009/01/14 16:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SuperEasy Software
    [2008/05/27 08:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T-Mobile
    [2009/03/09 10:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TelTel
    [2010/05/27 04:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2007/07/26 03:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    [2008/12/08 15:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VisualZone
    [2008/07/03 07:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
    [2007/12/25 02:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VTSystems
    [2007/11/25 06:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zfone
    [2008/12/27 09:19:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
    [2009/03/22 19:52:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
    [2009/06/18 11:03:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{299AD074-3B8B-4811-BF5C-E2EDBC6DEB23}
    [2009/06/18 11:03:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{907A85CA-E023-4161-8F5C-E72C340031D2}
    [2008/02/06 04:38:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
    [2009/03/22 19:40:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D994735B-8DC6-4AEE-B720-704A4EC0402E}
    [2006/10/16 11:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\.gaim
    [2008/10/30 14:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\.purple
    [2007/01/31 18:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ACD Systems
    [2009/06/08 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\AT&T
    [2006/10/17 06:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Basta Computing
    [2009/01/01 13:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\BinaryMark
    [2010/06/07 17:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\BPFTP
    [2009/06/08 15:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Bytemobile
    [2010/04/03 11:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Canneverbe Limited
    [2009/11/08 15:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\CheckPoint
    [2008/10/22 03:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ChemTable Software
    [2008/10/30 15:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\com.albelli.demo.XEditor.9662B72A69EC54AD83412D07E7CBBBB8B024DBAB.1
    [2007/05/18 19:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\CVS
    [2008/08/18 15:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\d
    [2009/06/08 08:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\DBUpdater
    [2010/06/19 12:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\DMCache
    [2007/02/27 02:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Downloaded Installations
    [2009/12/16 08:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\E-centives
    [2007/10/30 21:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Ectaco
    [2008/06/09 12:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Endicia
    [2007/05/22 12:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\EPSON
    [2007/06/28 21:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Fanix
    [2010/05/20 14:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\FileZilla
    [2009/03/29 14:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\GARMIN
    [2007/11/18 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\GetRightToGo
    [2007/05/21 19:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\GlarySoft
    [2010/05/12 22:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\GoodSync
    [2010/05/15 11:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\gtk-2.0
    [2010/05/29 17:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\IDM
    [2007/05/13 09:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ieSpell
    [2008/09/28 11:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ImgBurn
    [2006/10/16 11:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\InternetCalls
    [2010/06/18 04:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\iolo
    [2009/01/17 14:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\KeePass
    [2006/10/16 11:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Kerio
    [2007/02/27 02:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Kinko's
    [2007/05/22 10:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Leadertech
    [2008/07/04 06:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\magicJackOutlookAddIn
    [2007/07/14 01:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\mirkes.de
    [2010/06/21 12:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\mjusbsp
    [2010/04/08 00:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\mkvtoolnix
    [2010/04/13 02:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\MxBoost
    [2009/06/29 21:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Nokia
    [2008/10/15 19:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\OfficeUpdate12
    [2009/11/20 18:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\OnlineArmor
    [2009/03/19 16:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ooVoo Details
    [2006/10/13 05:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Otto
    [2009/06/29 20:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\PC Suite
    [2007/03/06 09:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\PC-FAX TX
    [2006/10/16 11:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\pe explorer
    [2008/01/21 18:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Powermarks
    [2010/05/21 19:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ProcessLasso
    [2006/10/16 11:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Regrun
    [2010/02/03 04:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\RipIt4Me
    [2007/03/08 04:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ScanSoft
    [2008/09/02 03:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Scooter Software
    [2010/05/01 01:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Serif
    [2008/08/18 15:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\ShareTV
    [2008/12/06 17:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Sharp World Clock
    [2009/06/08 08:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Sierra Wireless
    [2007/11/12 01:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\SimpLogs
    [2007/04/21 06:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\SlySoft
    [2007/05/31 04:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Snapfish
    [2007/09/19 15:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Sprite Software
    [2007/07/23 03:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Spycar
    [2007/06/06 11:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Stamps.com Internet Postage
    [2009/01/09 15:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\SuperEasy
    [2009/01/14 16:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\SuperEasy Software
    [2006/10/16 11:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Sync App Settings
    [2010/05/14 04:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\SystemRequirementsLab
    [2008/11/14 12:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Systweak
    [2007/05/26 18:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\T-Mobile
    [2008/07/01 13:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\TelTel
    [2008/02/15 21:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\TextPad
    [2008/09/28 11:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Thinstall
    [2009/12/22 15:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Trillian
    [2008/02/06 04:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\TrueCrypt
    [2008/10/30 14:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\TuneUp Software
    [2008/10/04 16:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Uniblue
    [2007/12/14 00:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\URSoft
    [2010/05/15 15:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\uTorrent
    [2007/06/05 01:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Viewpoint
    [2007/12/31 09:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\VisualZone
    [2009/03/29 15:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\VoiceEditor
    [2009/01/10 14:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Vso
    [2009/11/24 16:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\WinPatrol
    [2009/08/06 23:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\Wireshark
    [2008/01/26 06:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\WNR
    [2010/05/23 23:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\X-NetStat
    [2008/07/16 14:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jay\Application Data\zweitgeist
    [2010/06/21 12:41:32 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\net1.exe:SummaryInformation
    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllhost.exe:SummaryInformation
    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\ati2evxx.exe:SummaryInformation
    @Alternate Data Stream - 4752 bytes -> D:\My Documents\home.html:Q30lsldxJoudresxAaaqpcawXc
    < End of report >
     
  7. 2010/06/21
    Jayman007

    Jayman007 Inactive Thread Starter

    Joined:
    2010/06/17
    Messages:
    22
    Likes Received:
    0
    Just wanted to add that I no longer get the svchost error originally posted but I still get a BSOD every now and then when I try to shut down. Doesn't happen every time and I'm not quite sure what sets it off. It's a Bad Pool Caller and I think it's a driver issue. Not 100% sure yet.
     
  8. 2010/06/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm glad to hear good news :)

    That may not be malware related. Please remind me about the issue when your computer is declared clean.


    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  9. 2010/06/26
    Jayman007

    Jayman007 Inactive Thread Starter

    Joined:
    2010/06/17
    Messages:
    22
    Likes Received:
    0
    So.. seems like my issue has been fixed. No more errors or BSOD. All virus scans and malware scans pass.

    Maybe I should start another topic but there is one other thing that is bothering me. My computer always restarts when I shut down/hibernate/standby. It completes the process without issue but the laptop just doesn't power off. I have turned off the feature to restart on error but it doesn't help. I don't have the Roxio software installed, which is known to cause such issues.

    I should add that this problem started several months ago when I switched out the motherboard on my laptop. I thought maybe it was a hardware issue up until I started this post during my recent woes. For some reason, the problem seemed to have gone away when I started having the svchost issue. But now that everything is fixed the power-off issue is back. Now I know it can be fixed since I saw for several days it was working correctly.

    Any help would be greatly appreciated.

    And also let me add, thanks so much for helping me resolve the errors I was getting.
     
  10. 2010/06/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)

    That would be the best idea to get more attention. The access to malware forum is very limited (just you and me).

    Now, last steps...

    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    ==============================================================

    Your computer is clean :)

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

    Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista and 7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run defrag at your convenience.

    8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
     
