Hi,
My computer's been acting up lately. Sometimes it will run seamlessly at first, then after a few seconds when using the Internet it will stop functioning properly. It will stop accessing the Internet, it will freeze my explorer and taskbar, and I can't restart or shut down. Also, when logging on, Windows prompted me that DEP Data Execution Program will be closed.
Here are the log files
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Database version: 4545
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
9/5/2010 8:52:30 AM
mbam-log-2010-09-05 (08-52-30).txt
Scan type: Quick scan
Objects scanned: 126690
Time elapsed: 5 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 55
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Not selected for removal.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\Temp\sig4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\apezt[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\bsku[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\czcyvhve[1].jpg (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\emsnl[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\ggnig[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\irazz[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\jucc[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\jucc[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\ntmiihq[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\qhwil[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\syctcghh[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\ueepznw[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\vbouyu[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\ynjup[1].gif (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ISU0MD5\ztcl[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\amel[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\cultk[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\dhtguur[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\fxxq[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\ggnig[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\ltywwsp[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\nbqw[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\tonavrk[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\ubzuwaz[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\ubzuwaz[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\vhizxvfw[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\496JOTY7\zwoqs[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\amel[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\amel[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\buvaq[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\cpwenv[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\fuxfnla[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\jdjoee[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\jucc[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\jxpjawcm[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\opkir[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\pcaxip[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\qutfts[1].bmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\sbwos[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\ubzuwaz[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I3STQJNM\ulesuy[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\amel[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\cultk[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\cvpqblo[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\ffmvc[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\ffmvc[2].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\ggnig[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\jyvqv[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\kmspkc[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\rtvo[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\tonavrk[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\tonavrk[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\xvbehe[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KDEJ0DMR\yxhvurhe[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
----------
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-09-05 10:03:09
Windows 5.1.2600 Service Pack 2
Running: jpw9htfj.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ugdoapog.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xA8 0x37 0xEA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA8 0x74 0x7E 0xF9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x9A 0x7C 0x48 0x4C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x36 0xDB 0x41 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA8 0x74 0x7E 0xF9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x9A 0x7C 0x48 0x4C ...
---- EOF - GMER 1.0.15 ----
MBRCheck
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x000007fc
Kernel Drivers (total 123):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E2000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB7EB4000 spdk.sys
0xB85AA000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xB7E9C000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xB7E6E000 ACPI.sys
0xB7E5D000 pci.sys
0xB80A8000 isapnp.sys
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80B8000 MountMgr.sys
0xB7E3E000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7E18000 dmio.sys
0xB8330000 PartMgr.sys
0xB80C8000 VolSnap.sys
0xB7E00000 atapi.sys
0xB80D8000 disk.sys
0xB80E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7DE1000 fltMgr.sys
0xB7DCF000 sr.sys
0xB7DB8000 KSecDD.sys
0xB7D2B000 Ntfs.sys
0xB7CFE000 NDIS.sys
0xB7CE3000 Mup.sys
0xB8138000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB7250000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB723C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB7217000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8390000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB71F4000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8398000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB71CC000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xB83A0000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB71B8000 \SystemRoot\system32\DRIVERS\parport.sys
0xB8148000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB83A8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8158000 \SystemRoot\system32\DRIVERS\serial.sys
0xB8560000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB8168000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8178000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8188000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB7195000 \SystemRoot\system32\DRIVERS\ks.sys
0xB715C000 \SystemRoot\System32\Drivers\asbeqtys.SYS
0xB87ED000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB8198000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB8574000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB7145000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8410000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB710C000 \SystemRoot\system32\DRIVERS\psched.sys
0xB81C8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8418000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8420000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB6ACE000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8428000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB85BA000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB6A9A000 \SystemRoot\system32\DRIVERS\update.sys
0xB8594000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB81E8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB485F000 \SystemRoot\system32\drivers\sthda.sys
0xB483D000 \SystemRoot\system32\drivers\portcls.sys
0xB8218000 \SystemRoot\system32\drivers\drmk.sys
0xB8248000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB85C0000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB85C2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB8775000 \SystemRoot\System32\Drivers\Null.SYS
0xB85C4000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8448000 \SystemRoot\System32\drivers\vga.sys
0xB85C6000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB85C8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8450000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB8458000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB855C000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB4742000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB46EA000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB8268000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB46C9000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB4679000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB8278000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB4657000 \SystemRoot\System32\drivers\afd.sys
0xB8288000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB462B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB45BC000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8298000 \SystemRoot\System32\Drivers\Fips.SYS
0xB455C000 \SystemRoot\System32\Drivers\usbVM303.sys
0xB82A8000 \SystemRoot\System32\Drivers\STREAM.SYS
0xB3F29000 \SystemRoot\System32\Drivers\aswSP.SYS
0xB8470000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xB7135000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB82B8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB8478000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB8488000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB7121000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB82D8000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB3F06000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB3EEE000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85CA000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB8498000 \SystemRoot\System32\watchdog.sys
0xB6A8E000 \SystemRoot\System32\drivers\Dxapi.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB87AB000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xB3ECA000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xB3BD6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB39B7000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB37EA000 \SystemRoot\system32\drivers\wdmaud.sys
0xB396F000 \SystemRoot\system32\drivers\sysaudio.sys
0xB3510000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB8662000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB3589000 \??\C:\WINDOWS\system32\drivers\cpuz134_x32.sys
0xB346D000 \SystemRoot\system32\DRIVERS\srv.sys
0xB3314000 \SystemRoot\System32\Drivers\HTTP.sys
0xB84A0000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xB3005000 \??\C:\DOCUME~1\David\LOCALS~1\Temp\ugdoapog.sys
0xB2FDB000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll
Processes (total 24):
0 System Idle Process
4 System
648 C:\WINDOWS\system32\smss.exe
704 csrss.exe
728 C:\WINDOWS\system32\winlogon.exe
772 C:\WINDOWS\system32\services.exe
784 C:\WINDOWS\system32\lsass.exe
956 C:\WINDOWS\system32\nvsvc32.exe
988 C:\WINDOWS\system32\svchost.exe
1076 svchost.exe
1176 C:\WINDOWS\system32\svchost.exe
1308 svchost.exe
1356 svchost.exe
1460 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1972 C:\WINDOWS\explorer.exe
136 C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
184 C:\WINDOWS\VM303_STI.EXE
168 C:\WINDOWS\system32\rundll32.exe
472 C:\WINDOWS\system32\svchost.exe
696 C:\Program Files\DAEMON Tools Lite\DTLite.exe
924 alg.exe
2628 D:\Program Files\Mozilla Firefox2\firefox.exe
3584 E:\My Documents\Downloads\MBRCheck.exe
4052 C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000007`52c65e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000001f`bcabf600 (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`007e0000 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000009`5af22800 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x00000012`a2478200 (NTFS)
PhysicalDrive0 Model Number: ST3250310AS, Rev: 3.AAC
PhysicalDrive1 Model Number: WDCWD1200BEVS-22LAT0, Rev: 01.06M01
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
111 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
Thanks,
David
continuation...
OTL 1st log
OTL logfile created on: 9/5/2010 9:24:39 AM - Run 3
OTL by OldTimer - Version 3.2.11.0 Folder = E:\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.29 Gb Total Space | 22.76 Gb Free Space | 77.68% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 94.57 Gb Free Space | 96.84% Space Free | Partition Type: NTFS
Drive E: | 105.93 Gb Total Space | 34.25 Gb Free Space | 32.33% Space Free | Partition Type: NTFS
Drive F: | 37.41 Gb Total Space | 4.78 Gb Free Space | 12.78% Space Free | Partition Type: NTFS
Drive G: | 37.11 Gb Total Space | 5.41 Gb Free Space | 14.56% Space Free | Partition Type: NTFS
Drive H: | 37.25 Gb Total Space | 0.25 Gb Free Space | 0.68% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 1.83 Gb Total Space | 0.35 Gb Free Space | 19.41% Space Free | Partition Type: FAT32
Computer Name: DRICK-PC
Current User Name: David
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/09/05 09:00:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\My Documents\Downloads\OTL.exe
PRC - [2010/07/23 10:06:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox2\firefox.exe
PRC - [2010/06/29 04:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/29 04:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/01 17:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2005/10/25 1200 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
PRC - [2004/08/04 20:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/09/05 09:00:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\My Documents\Downloads\OTL.exe
MOD - [2004/08/04 20:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 20:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/06/29 04:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/29 04:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/29 04:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/07/27 14:23:34 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\Games\Garena\plugins\UI\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\David\LOCALS~1\Temp\NLV6D.tmp -- (GarenaPEngine)
DRV - [2010/09/01 13:51:08 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/20 14:27:24 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/07/09 13:18:54 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/06/29 04:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/29 04:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/29 04:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/29 04:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/06/29 04:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/29 04:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/21 14:12:16 | 001,095,968 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/07/05 15:35:54 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2005/12/02 17:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/10/27 14:34:06 | 000,390,849 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = DAEMON-Search.com :: STARTPAGE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {a6fd85ed-e919-4a43-a5af-8da18bda539f}:1.0.7
FF - prefs.js..extensions.enabledItems: {636fd8b0-ce2b-4e00-b812-2afbe77ee899}:1.4.5
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.6
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox2\components [2010/09/01 13:41:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox2\plugins [2010/09/01 16:05:40 | 000,000,000 | ---D | M]
[2010/09/01 13:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Mozilla\Extensions
[2010/09/04 22:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\0n7emsyx.default\extensions
[2010/09/01 18:43:47 | 000,000,000 | ---D | M] (XPather) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\0n7emsyx.default\extensions\{636fd8b0-ce2b-4e00-b812-2afbe77ee899}
[2010/09/02 17:11:59 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\0n7emsyx.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010/09/02 16:25:14 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\0n7emsyx.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/09/01 12:58:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 22:14:11 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 22:14:11 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/11/16 21:00:10 | 000,258,048 | ---- | M] () - F:\AutoClick.exe -- [ NTFS ]
O32 - AutoRun File - [2009/09/13 00:18:30 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 2126 | 000,000,000 | R--D | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/02/22 01:03:57 | 000,000,000 | R--D | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/02/28 12:57:24 | 000,000,000 | -HSD | M] - K:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
continuation...
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)
========== Files/Folders - Created Within 90 Days ==========
[2010/09/05 08:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Malwarebytes
[2010/09/05 08:45:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/05 08:45:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/05 08:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/05 08:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/03 21:22:45 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010/09/03 19:45:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\2K Sports
[2010/09/03 18:18:27 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/09/03 18:18:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/09/03 18:18:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/09/03 18:00:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/09/03 17:58:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/09/03 17:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/09/03 17:52:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/09/03 17:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Vtune
[2010/09/03 00:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\runic games
[2010/09/03 00:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\Runic Games
[2010/09/02 10:32:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\vlc
[2010/09/02 09:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Temp
[2010/09/02 09:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Google
[2010/09/02 09:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/09/02 08:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Yahoo!
[2010/09/02 08:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Yahoo
[2010/09/02 08:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/09/02 08:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/09/01 23:34:26 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys
[2010/09/01 23:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010/09/01 22:45:34 | 000,000,000 | ---D | C] -- E:\My Documents\bak
[2010/09/01 22:19:31 | 000,032,768 | ---- | C] (Vimicro) -- C:\WINDOWS\VMZoom.exe
[2010/09/01 22:19:30 | 000,390,849 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\usbVM303.sys
[2010/09/01 22:19:30 | 000,270,421 | ---- | C] (Vimicro) -- C:\WINDOWS\System32\VM303Prp.Ax
[2010/09/01 22:19:30 | 000,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\WINDOWS\VM303Cap.exe
[2010/09/01 22:19:30 | 000,081,920 | ---- | C] (VM) -- C:\WINDOWS\System32\VM303STI.dll
[2010/09/01 22:19:30 | 000,061,440 | ---- | C] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
[2010/09/01 22:19:30 | 000,053,248 | ---- | C] (VM) -- C:\WINDOWS\Sti303.exe
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Vimicro
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\EffectResources
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot
[2010/09/01 20:49:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/09/01 20:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/09/01 20:49:12 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/09/01 20:48:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/09/01 20:48:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/09/01 20:48:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/09/01 20:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/09/01 20:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/09/01 20:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/09/01 20:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/09/01 20:48:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/01 20:48:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/09/01 20:48:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/09/01 20:48:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/09/01 20:39:54 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/09/01 20:39:54 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/09/01 20:39:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/09/01 20:39:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/09/01 16:34:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/09/01 16:07:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\GUI Design Studio
[2010/09/01 16:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/09/01 15:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/09/01 15:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/09/01 15:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/09/01 15:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Macromedia
[2010/09/01 15:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Adobe
[2010/09/01 15:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Adobe
[2010/09/01 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\WinRAR
[2010/09/01 15:49:47 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/01 15:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop\Drick
[2010/09/01 15:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/09/01 15:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\skypePM
[2010/09/01 15:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Skype
[2010/09/01 15:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/09/01 15:47:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/09/01 15:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/09/01 15:46:54 | 000,000,000 | R--D | C] -- E:\My Documents\Copy of My Music
[2010/09/01 15:46:54 | 000,000,000 | ---D | C] -- E:\My Documents\Copy of Downloads2
[2010/09/01 15:27:08 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/01 15:27:08 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/01 15:27:07 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/01 15:27:06 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/01 15:27:05 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/01 15:27:05 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/01 15:27:05 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/01 15:26:57 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/01 15:26:57 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/09/01 15:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/09/01 15:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/01 14:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop\pictures
[2010/09/01 13:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/01 13:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/09/01 13:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/09/01 13:57:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/09/01 13:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/09/01 13:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/09/01 13:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\DAEMON Tools Lite
[2010/09/01 13:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/09/01 13:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Mozilla
[2010/09/01 13:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Mozilla
[2010/09/01 13:23:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\UserData
[2010/09/01 13:16:12 | 000,041,728 | ---- | C] (Sonic Focus, Inc) -- C:\WINDOWS\System32\drivers\sfng32.sys
[2010/09/01 13:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/09/01 13:16:03 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/01 13:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/09/01 13:13:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/09/01 13:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/09/01 13:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/09/01 13:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/01 13:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/09/01 13:06:56 | 000,000,000 | ---D | C] -- C:\TempEI4
[2010/09/01 13:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Identities
[2010/09/01 13:03:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/09/01 13:03:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\Application Data\Microsoft
[2010/09/01 13:03:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\Cookies
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\SendTo
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\Recent
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\Application Data
[2010/09/01 13:03:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\Start Menu
[2010/09/01 13:03:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\Favorites
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\Templates
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\PrintHood
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\NetHood
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\Local Settings
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Microsoft
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop
[2010/09/01 13:02:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/09/01 13:02:38 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/09/01 13:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/01 13:02:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/09/01 13:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/09/01 13:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/09/01 13:01:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/09/01 13:00:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/09/01 13:00:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/09/01 13:00:00 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/09/01 12:59:10 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/09/01 12:57:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/09/01 12:57:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/09/01 12:57:43 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/09/01 12:57:35 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/09/01 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/09/01 1250 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/09/01 1248 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/09/01 1247 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/09/01 1244 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/09/01 1243 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/09/01 1235 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/09/01 1228 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/09/01 1225 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/09/01 1223 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/09/01 1218 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/09/01 1216 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/09/01 1216 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/09/01 12:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/09/01 12:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/09/01 12:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/09/01 12:55:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/09/01 12:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/09/01 12:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/09/01 12:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/09/01 12:54:59 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/09/01 12:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/09/01 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/09/01 12:54:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/09/01 12:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/09/01 12:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/08/19 10:25:33 | 000,000,000 | ---D | C] -- E:\My Documents\NBA LIVE 08
[2010/08/07 19:04:24 | 000,000,000 | ---D | C] -- E:\My Documents\gegl-0.0
[2010/08/07 00:07:46 | 000,000,000 | ---D | C] -- E:\My Documents\My Games
[2010/08/06 20:24:28 | 000,000,000 | R--D | C] -- E:\My Documents\My Videos
[2010/08/05 10:05:07 | 000,000,000 | ---D | C] -- E:\My Documents\Downloads
[2010/08/05 09:45:46 | 000,000,000 | R--D | C] -- E:\My Documents\My Pictures
[2010/08/05 09:45:46 | 000,000,000 | R--D | C] -- E:\My Documents\My Music
[2010/08/05 09:45:46 | 000,000,000 | ---D | C] -- E:\My Documents\My eBooks
[2010/07/20 14:27:24 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
========== Files - Modified Within 90 Days ==========
[2010/09/05 09:18:35 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/05 09:18:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 09:17:45 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010/09/05 09:17:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\David\ntuser.ini
[2010/09/05 09:07:23 | 000,093,261 | ---- | M] () -- C:\Documents and Settings\David\Desktop\GMER error.JPG
[2010/09/05 08:45:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/05 05:17:45 | 004,272,230 | -H-- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\IconCache.db
[2010/09/05 05:13:51 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003UA.job
[2010/09/05 03:37:40 | 000,000,396 | ---- | M] () -- E:\My Documents\nba2k10.CT
[2010/09/04 11:33:26 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/03 21:22:46 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Cheat Engine.lnk
[2010/09/03 19:41:32 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\NBA 2K10.lnk
[2010/09/03 18:43:23 | 000,000,751 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/03 18:43:23 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/03 18:43:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/09/03 1843 | 000,469,370 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/03 1843 | 000,401,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/03 1843 | 000,062,548 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/03 17:58:45 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/03 17:58:45 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/03 17:58:43 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/03 17:58:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/09/03 09:11:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003Core.job
[2010/09/02 1926 | 000,001,186 | -H-- | M] () -- E:\My Documents\Default.rdp
[2010/09/02 1024 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/09/02 10:02:59 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to wvs.lnk
[2010/09/02 09:10:27 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Google Talk.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/09/01 23:34:27 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2010/09/01 22:47:40 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Garena.lnk
[2010/09/01 22:19:30 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HAmcap.lnk
[2010/09/01 22:19:30 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zoom.lnk
[2010/09/01 16:38:45 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZenLar.lnk
[2010/09/01 16:31:21 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/01 16:07:44 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\GUI Design Viewer.lnk
[2010/09/01 16:05:40 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/09/01 15:48:30 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/01 15:27:08 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/01 15:27:05 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/01 15:19:13 | 000,020,368 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/01 13:58:06 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/09/01 13:51:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/09/01 13:41:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/09/01 13:41:38 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/01 13:41:38 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/09/01 13:23:12 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\bayandsl.lnk
[2010/09/01 13:16:31 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/01 13:03:37 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/01 13:03:37 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/01 13:03:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/01 13:01:32 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/01 13:00:24 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/01 12:58:31 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/01 12:58:31 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/01 12:58:31 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/01 12:58:22 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/01 12:57:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/01 12:57:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/01 12:55:59 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/01 12:55:49 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/09/01 12:55:49 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/13 10:24:39 | 000,000,099 | ---- | M] () -- E:\My Documents\DungeonSiege2.CT
[2010/07/20 14:27:24 | 002,195,030 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/20 14:27:24 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/07/20 14:27:24 | 000,007,959 | R--- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/07/09 13:18:54 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys
[2010/06/29 04:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/06/29 04:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/29 04:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/29 04:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/29 04:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/29 04:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/29 04:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/29 04:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/29 04:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
========== Files Created - No Company Name ==========
[2010/09/05 09:07:23 | 000,093,261 | ---- | C] () -- C:\Documents and Settings\David\Desktop\GMER error.JPG
[2010/09/05 08:45:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/03 22:32:44 | 000,000,396 | ---- | C] () -- E:\My Documents\nba2k10.CT
[2010/09/03 21:22:46 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Cheat Engine.lnk
[2010/09/03 21:22:45 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/09/03 19:41:32 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\NBA 2K10.lnk
[2010/09/03 17:58:45 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/03 17:58:43 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/03 17:58:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/03 17:58:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/09/03 17:58:37 | 000,007,959 | R--- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/09/02 1024 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/09/02 10:02:59 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to wvs.lnk
[2010/09/02 09:10:27 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Google Talk.lnk
[2010/09/02 09:06:51 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003UA.job
[2010/09/02 09:06:50 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003Core.job
[2010/09/02 08:31:04 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/09/01 23:34:27 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2010/09/01 22:47:40 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Garena.lnk
[2010/09/01 22:19:30 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2010/09/01 22:19:30 | 000,003,930 | ---- | C] () -- C:\WINDOWS\vm303.mid
[2010/09/01 22:19:30 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HAmcap.lnk
[2010/09/01 22:19:30 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Zoom.lnk
[2010/09/01 20:49:18 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/09/01 20:49:13 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/09/01 20:49:13 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/09/01 20:49:13 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/09/01 20:49:12 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/09/01 20:49:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/09/01 20:49:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/09/01 20:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/09/01 20:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/09/01 20:49:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/09/01 20:49:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/09/01 20:48:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/09/01 20:48:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/09/01 20:48:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/09/01 20:48:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/09/01 20:48:56 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/09/01 20:48:56 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/09/01 20:48:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/09/01 20:48:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/09/01 20:48:49 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/09/01 20:48:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/09/01 20:48:41 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/09/01 20:48:41 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/09/01 20:48:41 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/09/01 20:48:41 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/09/01 20:48:41 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/09/01 20:48:41 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/09/01 20:48:41 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/09/01 20:48:41 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/09/01 20:48:41 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/09/01 20:48:41 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/09/01 20:48:41 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/09/01 20:48:41 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/09/01 20:48:41 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/09/01 20:48:41 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/09/01 20:48:41 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/09/01 20:48:40 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/09/01 20:48:40 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/09/01 20:48:40 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/09/01 20:48:04 | 000,118,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/01 20:46:50 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/09/01 20:46:47 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/01 20:05:18 | 000,001,186 | -H-- | C] () -- E:\My Documents\Default.rdp
[2010/09/01 16:38:45 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZenLar.lnk
[2010/09/01 16:07:44 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\GUI Design Viewer.lnk
[2010/09/01 16:05:40 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/09/01 15:48:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/01 15:47:08 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/01 15:27:08 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/01 13:58:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/09/01 13:51:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/09/01 13:41:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/01 13:41:38 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/01 13:41:38 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/09/01 13:23:12 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\bayandsl.lnk
[2010/09/01 13:18:58 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2010/09/01 13:18:55 | 000,005,242 | R--- | C] () -- C:\WINDOWS\System32\e100b325.din
[2010/09/01 13:14:33 | 000,524,850 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2010/09/01 13:14:33 | 000,348,880 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2010/09/01 13:14:33 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2010/09/01 13:14:33 | 000,058,704 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2010/09/01 13:14:33 | 000,022,160 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2010/09/01 13:14:33 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2010/09/01 13:13:34 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
[2010/09/01 13:13:33 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
[2010/09/01 13:03:37 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/01 13:03:29 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/01 13:03:24 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\David\ntuser.dat.LOG
[2010/09/01 13:03:24 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\David\ntuser.ini
[2010/09/01 13:03:23 | 001,835,008 | -H-- | C] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010/09/01 13:01:32 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/01 13:00:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/01 13:00:17 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/01 12:59:56 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/01 12:59:56 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/01 12:59:55 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/09/01 12:59:45 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/01 12:59:44 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/09/01 12:59:39 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/09/01 12:59:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/09/01 12:59:37 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/09/01 12:59:26 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/09/01 12:59:22 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/09/01 12:59:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/09/01 12:59:11 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/01 12:59:08 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/01 12:59:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/01 12:59:08 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/01 12:59:07 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/01 12:59:07 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/01 12:59:07 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/01 12:59:07 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/01 12:59:07 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/01 12:59:06 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/01 12:59:06 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/01 12:59:05 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/01 12:59:05 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/01 12:59:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/01 12:59:05 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/01 12:59:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/01 12:59:04 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/01 12:58:34 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/01 12:58:34 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/09/01 12:58:31 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/01 12:58:31 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/01 12:58:30 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/01 12:57:43 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/01 12:57:43 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/01 12:57:24 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/09/01 12:57:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/09/01 12:57:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/09/01 12:56:53 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/09/01 12:56:41 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/09/01 12:56:30 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/09/01 12:55:59 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/01 12:55:17 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/09/01 12:55:17 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/09/01 12:55:17 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/09/01 12:55:17 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/09/01 12:55:17 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/09/01 12:55:17 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/09/01 12:55:17 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/09/01 12:55:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/09/01 12:55:17 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/09/01 12:55:17 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/09/01 12:55:17 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/09/01 12:55:16 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/09/01 12:55:16 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/09/01 12:55:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/09/01 12:55:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/09/01 12:55:16 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/09/01 12:55:16 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/09/01 12:55:16 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/09/01 12:55:16 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/09/01 12:55:15 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/09/01 12:55:15 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/09/01 12:55:14 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/09/01 12:55:08 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/08/13 07:24:52 | 000,000,099 | ---- | C] () -- E:\My Documents\DungeonSiege2.CT
[2010/07/20 14:27:24 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2004/08/04 20:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 20:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
continuation...
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)
========== Files/Folders - Created Within 90 Days ==========
[2010/09/05 08:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Malwarebytes
[2010/09/05 08:45:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/05 08:45:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/05 08:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/05 08:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/03 21:22:45 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010/09/03 19:45:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\2K Sports
[2010/09/03 18:18:27 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/09/03 18:18:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/09/03 18:18:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/09/03 18:00:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/09/03 17:58:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/09/03 17:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/09/03 17:52:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/09/03 17:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Vtune
[2010/09/03 00:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\runic games
[2010/09/03 00:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\Runic Games
[2010/09/02 10:32:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\vlc
[2010/09/02 09:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Temp
[2010/09/02 09:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Google
[2010/09/02 09:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/09/02 08:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Yahoo!
[2010/09/02 08:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Yahoo
[2010/09/02 08:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/09/02 08:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/09/01 23:34:26 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys
[2010/09/01 23:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010/09/01 22:45:34 | 000,000,000 | ---D | C] -- E:\My Documents\bak
[2010/09/01 22:19:31 | 000,032,768 | ---- | C] (Vimicro) -- C:\WINDOWS\VMZoom.exe
[2010/09/01 22:19:30 | 000,390,849 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\usbVM303.sys
[2010/09/01 22:19:30 | 000,270,421 | ---- | C] (Vimicro) -- C:\WINDOWS\System32\VM303Prp.Ax
[2010/09/01 22:19:30 | 000,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\WINDOWS\VM303Cap.exe
[2010/09/01 22:19:30 | 000,081,920 | ---- | C] (VM) -- C:\WINDOWS\System32\VM303STI.dll
[2010/09/01 22:19:30 | 000,061,440 | ---- | C] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
[2010/09/01 22:19:30 | 000,053,248 | ---- | C] (VM) -- C:\WINDOWS\Sti303.exe
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Vimicro
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\EffectResources
[2010/09/01 22:19:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot
[2010/09/01 20:49:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/09/01 20:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/09/01 20:49:12 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/09/01 20:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/09/01 20:48:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/09/01 20:48:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/09/01 20:48:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/09/01 20:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/09/01 20:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/09/01 20:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/09/01 20:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/09/01 20:48:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/01 20:48:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/09/01 20:48:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/09/01 20:48:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/09/01 20:39:54 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/09/01 20:39:54 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/09/01 20:39:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/09/01 20:39:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/09/01 20:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/09/01 16:34:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/09/01 16:07:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\GUI Design Studio
[2010/09/01 16:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/09/01 15:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/09/01 15:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/09/01 15:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/09/01 15:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Macromedia
[2010/09/01 15:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Adobe
[2010/09/01 15:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Adobe
[2010/09/01 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\WinRAR
[2010/09/01 15:49:47 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/01 15:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop\Drick
[2010/09/01 15:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/09/01 15:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\skypePM
[2010/09/01 15:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Skype
[2010/09/01 15:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/09/01 15:47:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/09/01 15:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/09/01 15:46:54 | 000,000,000 | R--D | C] -- E:\My Documents\Copy of My Music
[2010/09/01 15:46:54 | 000,000,000 | ---D | C] -- E:\My Documents\Copy of Downloads2
[2010/09/01 15:27:08 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/01 15:27:08 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/01 15:27:07 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/01 15:27:06 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/01 15:27:05 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/01 15:27:05 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/01 15:27:05 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/01 15:26:57 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/01 15:26:57 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/09/01 15:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/09/01 15:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/01 14:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop\pictures
[2010/09/01 13:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/01 13:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/09/01 13:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/09/01 13:57:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/09/01 13:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/09/01 13:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/09/01 13:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\DAEMON Tools Lite
[2010/09/01 13:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/09/01 13:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Mozilla
[2010/09/01 13:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Mozilla
[2010/09/01 13:23:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\UserData
[2010/09/01 13:16:12 | 000,041,728 | ---- | C] (Sonic Focus, Inc) -- C:\WINDOWS\System32\drivers\sfng32.sys
[2010/09/01 13:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/09/01 13:16:03 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/01 13:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/09/01 13:13:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/09/01 13:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/09/01 13:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/09/01 13:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/01 13:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/09/01 13:06:56 | 000,000,000 | ---D | C] -- C:\TempEI4
[2010/09/01 13:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Identities
[2010/09/01 13:03:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/09/01 13:03:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\Application Data\Microsoft
[2010/09/01 13:03:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\David\Cookies
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\SendTo
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\Recent
[2010/09/01 13:03:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\Application Data
[2010/09/01 13:03:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\Start Menu
[2010/09/01 13:03:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\Favorites
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\Templates
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\PrintHood
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\NetHood
[2010/09/01 13:03:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\David\Local Settings
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\Microsoft
[2010/09/01 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Desktop
[2010/09/01 13:02:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/09/01 13:02:38 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/09/01 13:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/01 13:02:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/09/01 13:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/09/01 13:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/09/01 13:01:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/09/01 13:00:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/09/01 13:00:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/09/01 13:00:00 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/09/01 12:59:10 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/09/01 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/09/01 12:57:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/09/01 12:57:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/09/01 12:57:43 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/09/01 12:57:35 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/09/01 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/09/01 1250 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/09/01 1248 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/09/01 1247 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/09/01 1244 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/09/01 1243 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/09/01 1235 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/09/01 1228 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/09/01 1225 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/09/01 1223 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/09/01 1218 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/09/01 1216 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/09/01 1216 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/09/01 12:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/09/01 12:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/09/01 12:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/09/01 12:55:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/09/01 12:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/09/01 12:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/09/01 12:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/09/01 12:54:59 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/09/01 12:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/09/01 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/09/01 12:54:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/09/01 12:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/09/01 12:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/08/19 10:25:33 | 000,000,000 | ---D | C] -- E:\My Documents\NBA LIVE 08
[2010/08/07 19:04:24 | 000,000,000 | ---D | C] -- E:\My Documents\gegl-0.0
[2010/08/07 00:07:46 | 000,000,000 | ---D | C] -- E:\My Documents\My Games
[2010/08/06 20:24:28 | 000,000,000 | R--D | C] -- E:\My Documents\My Videos
[2010/08/05 10:05:07 | 000,000,000 | ---D | C] -- E:\My Documents\Downloads
[2010/08/05 09:45:46 | 000,000,000 | R--D | C] -- E:\My Documents\My Pictures
[2010/08/05 09:45:46 | 000,000,000 | R--D | C] -- E:\My Documents\My Music
[2010/08/05 09:45:46 | 000,000,000 | ---D | C] -- E:\My Documents\My eBooks
[2010/07/20 14:27:24 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
========== Files - Modified Within 90 Days ==========
[2010/09/05 09:18:35 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/05 09:18:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 09:17:45 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010/09/05 09:17:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\David\ntuser.ini
[2010/09/05 09:07:23 | 000,093,261 | ---- | M] () -- C:\Documents and Settings\David\Desktop\GMER error.JPG
[2010/09/05 08:45:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/05 05:17:45 | 004,272,230 | -H-- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\IconCache.db
[2010/09/05 05:13:51 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003UA.job
[2010/09/05 03:37:40 | 000,000,396 | ---- | M] () -- E:\My Documents\nba2k10.CT
[2010/09/04 11:33:26 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/03 21:22:46 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Cheat Engine.lnk
[2010/09/03 19:41:32 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\NBA 2K10.lnk
[2010/09/03 18:43:23 | 000,000,751 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/03 18:43:23 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/03 18:43:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/09/03 1843 | 000,469,370 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/03 1843 | 000,401,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/03 1843 | 000,062,548 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/03 17:58:45 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/03 17:58:45 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/03 17:58:43 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/03 17:58:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/09/03 09:11:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003Core.job
[2010/09/02 1926 | 000,001,186 | -H-- | M] () -- E:\My Documents\Default.rdp
[2010/09/02 1024 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/09/02 10:02:59 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to wvs.lnk
[2010/09/02 09:10:27 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Google Talk.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/09/01 23:34:27 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2010/09/01 22:47:40 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Garena.lnk
[2010/09/01 22:19:30 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HAmcap.lnk
[2010/09/01 22:19:30 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zoom.lnk
[2010/09/01 16:38:45 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZenLar.lnk
[2010/09/01 16:31:21 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/01 16:07:44 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\GUI Design Viewer.lnk
[2010/09/01 16:05:40 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/09/01 15:48:30 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/01 15:27:08 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/01 15:27:05 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/01 15:19:13 | 000,020,368 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/01 13:58:06 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/09/01 13:51:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/09/01 13:41:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/09/01 13:41:38 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/01 13:41:38 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/09/01 13:23:12 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\bayandsl.lnk
[2010/09/01 13:16:31 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/01 13:03:37 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/01 13:03:37 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/01 13:03:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/01 13:01:32 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/01 13:00:24 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/01 12:58:31 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/01 12:58:31 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/01 12:58:31 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/01 12:58:22 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/01 12:57:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/01 12:57:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/01 12:55:59 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/01 12:55:49 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/09/01 12:55:49 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/13 10:24:39 | 000,000,099 | ---- | M] () -- E:\My Documents\DungeonSiege2.CT
[2010/07/20 14:27:24 | 002,195,030 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/20 14:27:24 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/07/20 14:27:24 | 000,007,959 | R--- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/07/09 13:18:54 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys
[2010/06/29 04:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/06/29 04:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/29 04:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/29 04:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/29 04:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/29 04:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/29 04:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/29 04:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/29 04:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
========== Files Created - No
continuation...
[2010/09/05 09:07:23 | 000,093,261 | ---- | C] () -- C:\Documents and Settings\David\Desktop\GMER error.JPG
[2010/09/05 08:45:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/03 22:32:44 | 000,000,396 | ---- | C] () -- E:\My Documents\nba2k10.CT
[2010/09/03 21:22:46 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Cheat Engine.lnk
[2010/09/03 21:22:45 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/09/03 19:41:32 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\NBA 2K10.lnk
[2010/09/03 17:58:45 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/03 17:58:43 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/03 17:58:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/03 17:58:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/09/03 17:58:37 | 000,007,959 | R--- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/09/02 1024 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/09/02 10:02:59 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to wvs.lnk
[2010/09/02 09:10:27 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Google Talk.lnk
[2010/09/02 09:06:51 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003UA.job
[2010/09/02 09:06:50 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003Core.job
[2010/09/02 08:31:04 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/09/02 08:31:04 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/09/01 23:34:27 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2010/09/01 22:47:40 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Garena.lnk
[2010/09/01 22:19:30 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2010/09/01 22:19:30 | 000,003,930 | ---- | C] () -- C:\WINDOWS\vm303.mid
[2010/09/01 22:19:30 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HAmcap.lnk
[2010/09/01 22:19:30 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Zoom.lnk
[2010/09/01 20:49:18 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/09/01 20:49:13 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/09/01 20:49:13 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/09/01 20:49:13 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/09/01 20:49:12 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/09/01 20:49:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/09/01 20:49:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/09/01 20:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/09/01 20:49:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/09/01 20:49:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/09/01 20:49:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/09/01 20:49:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/09/01 20:49:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/09/01 20:49:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/09/01 20:48:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/09/01 20:48:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/09/01 20:48:58 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/09/01 20:48:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/09/01 20:48:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/09/01 20:48:56 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/09/01 20:48:56 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/09/01 20:48:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/09/01 20:48:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/09/01 20:48:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/09/01 20:48:49 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/09/01 20:48:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/09/01 20:48:41 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/09/01 20:48:41 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/09/01 20:48:41 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/09/01 20:48:41 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/09/01 20:48:41 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/09/01 20:48:41 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/09/01 20:48:41 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/09/01 20:48:41 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/09/01 20:48:41 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/09/01 20:48:41 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/09/01 20:48:41 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/09/01 20:48:41 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/09/01 20:48:41 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/09/01 20:48:41 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/09/01 20:48:41 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/09/01 20:48:40 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/09/01 20:48:40 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/09/01 20:48:40 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/09/01 20:48:04 | 000,118,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/01 20:46:50 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/09/01 20:46:47 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/01 20:05:18 | 000,001,186 | -H-- | C] () -- E:\My Documents\Default.rdp
[2010/09/01 16:38:45 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZenLar.lnk
[2010/09/01 16:07:44 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\GUI Design Viewer.lnk
[2010/09/01 16:05:40 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/09/01 15:48:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/01 15:47:08 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/01 15:27:08 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/01 13:58:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/09/01 13:51:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/09/01 13:41:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/01 13:41:38 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/01 13:41:38 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/09/01 13:23:12 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\bayandsl.lnk
[2010/09/01 13:18:58 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2010/09/01 13:18:55 | 000,005,242 | R--- | C] () -- C:\WINDOWS\System32\e100b325.din
[2010/09/01 13:14:33 | 000,524,850 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2010/09/01 13:14:33 | 000,348,880 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2010/09/01 13:14:33 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2010/09/01 13:14:33 | 000,058,704 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2010/09/01 13:14:33 | 000,022,160 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2010/09/01 13:14:33 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2010/09/01 13:13:34 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
[2010/09/01 13:13:33 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
[2010/09/01 13:03:37 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/01 13:03:29 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/01 13:03:24 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\David\ntuser.dat.LOG
[2010/09/01 13:03:24 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\David\ntuser.ini
[2010/09/01 13:03:23 | 001,835,008 | -H-- | C] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010/09/01 13:01:32 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/01 13:00:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/01 13:00:17 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/01 12:59:56 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/01 12:59:56 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/01 12:59:55 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/09/01 12:59:45 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/01 12:59:44 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/09/01 12:59:39 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/09/01 12:59:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/09/01 12:59:37 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/09/01 12:59:26 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/09/01 12:59:22 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/09/01 12:59:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/09/01 12:59:11 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/01 12:59:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/01 12:59:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/01 12:59:08 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/01 12:59:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/01 12:59:08 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/01 12:59:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/01 12:59:07 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/01 12:59:07 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/01 12:59:07 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/01 12:59:07 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/01 12:59:07 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/01 12:59:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/01 12:59:06 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/01 12:59:06 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/01 12:59:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/01 12:59:05 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/01 12:59:05 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/01 12:59:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/01 12:59:05 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/01 12:59:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/01 12:59:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/01 12:59:04 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/01 12:58:34 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/01 12:58:34 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/09/01 12:58:34 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/09/01 12:58:31 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/01 12:58:31 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/01 12:58:30 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/01 12:57:43 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/01 12:57:43 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/01 12:57:39 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/01 12:57:24 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/09/01 12:57:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/09/01 12:57:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/09/01 12:56:53 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/09/01 12:56:41 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/09/01 12:56:30 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/09/01 12:55:59 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/01 12:55:17 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/09/01 12:55:17 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/09/01 12:55:17 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/09/01 12:55:17 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/09/01 12:55:17 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/09/01 12:55:17 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/09/01 12:55:17 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/09/01 12:55:17 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/09/01 12:55:17 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/09/01 12:55:17 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/09/01 12:55:17 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/09/01 12:55:16 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/09/01 12:55:16 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/09/01 12:55:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/09/01 12:55:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/09/01 12:55:16 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/09/01 12:55:16 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/09/01 12:55:16 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/09/01 12:55:16 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/09/01 12:55:15 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/09/01 12:55:15 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/09/01 12:55:14 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/09/01 12:55:08 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/08/13 07:24:52 | 000,000,099 | ---- | C] () -- E:\My Documents\DungeonSiege2.CT
[2010/07/20 14:27:24 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2004/08/04 20:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 20:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== LOP Check ==========
[2010/09/01 15:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/01 13:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/09/03 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\2K Sports
[2010/09/01 13:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\DAEMON Tools Lite
[2010/09/03 00:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\runic games
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/03 18:43:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/09/01 12:58:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/01 12:58:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 20:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 20:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/09/05 09:18:27 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/09/01 13:16:51 | 000,000,172 | ---- | M] () -- C:\Sigmatel.log
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010/09/01 20:46:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/09/01 20:46:49 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/09/01 20:46:49 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\user32.dll /md5 >
[2004/08/04 20:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2004/08/04 20:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2004/08/04 20:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9BEACB911CA61E5881102188AB7FB431 -- C:\WINDOWS\system32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
----------------------
OTL 2nd log (extras)
OTL Extras logfile created on: 9/5/2010 9:14:05 AM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = E:\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.29 Gb Total Space | 22.76 Gb Free Space | 77.70% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 94.57 Gb Free Space | 96.84% Space Free | Partition Type: NTFS
Drive E: | 105.93 Gb Total Space | 34.25 Gb Free Space | 32.33% Space Free | Partition Type: NTFS
Drive F: | 37.41 Gb Total Space | 4.78 Gb Free Space | 12.78% Space Free | Partition Type: NTFS
Drive G: | 37.11 Gb Total Space | 5.41 Gb Free Space | 14.56% Space Free | Partition Type: NTFS
Drive H: | 37.25 Gb Total Space | 0.25 Gb Free Space | 0.68% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive K: | 1.83 Gb Total Space | 0.35 Gb Free Space | 19.41% Space Free | Partition Type: FAT32
Computer Name: DRICK-PC
Current User Name: David
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox2\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Games\Garena\Garena.exe" = E:\Games\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"D:\Program Files\Yahoo\Messenger\YahooMessenger.exe" = D:\Program Files\Yahoo\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Documents and Settings\David\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\David\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"E:\Games\Nba2k10\nba2k10.exe" = E:\Games\Nba2k10\nba2k10.exe:*:Enabled:2K Sports NBA 2K10 -- (2K Sports)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A9C9BD5-8588-40D4-8A1A-860E3D2ED6EE}" = NBA 2K10
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26B878A8-5704-3B64-BDBC-4F0EACA38121}" = Google Talk Plugin
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9628389F-8CDE-4D3E-9E06-27CC780E0A6E}" = Intel(R) PRO Network Connections
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE3B8E96-B0AF-4871-9178-1519B58E3A93}" = A4 TECH USB PC Camera H
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"Garena" = Garena 2010
"GUI Design Viewer_is1" = GUI Design Viewer 4.1.109.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MySSID_is1" = Vtune 7.11
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Runic Games Torchlight" = Torchlight
"VLC media player" = VLC media player 1.1.4
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/4/2010 3:11:05 PM | Computer Name = DRICK-PC | Source = Google Update | ID = 20
Description =
Error - 9/4/2010 4:14:14 PM | Computer Name = DRICK-PC | Source = Google Update | ID = 20
Description =
Error - 9/4/2010 5:10:05 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 5:15:39 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 5:15:55 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 5:16:02 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 5:16:35 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 8:41:40 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.
Error - 9/4/2010 9:04:48 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1000
Description = Faulting application jpw9htfj.exe, version 1.0.15.15281, faulting
module jpw9htfj.exe, version 1.0.15.15281, fault address 0x0005c887.
Error - 9/4/2010 9:05:12 PM | Computer Name = DRICK-PC | Source = Application Error | ID = 1000
Description = Faulting application jpw9htfj.exe, version 1.0.15.15281, faulting
module jpw9htfj.exe, version 1.0.15.15281, fault address 0x0005c887.
[ System Events ]
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The System Restore Service service terminated unexpectedly. It has
done this 1 time(s).
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The Telephony service terminated unexpectedly. It has done this 1
time(s).
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7031
Description = The Themes service terminated unexpectedly. It has done this 1 time(s).
The following corrective action will be taken in 60000 milliseconds: Restart the
service.
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The Distributed Link Tracking Client service terminated unexpectedly.
It has done this 1 time(s).
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Time service terminated unexpectedly. It has done this
1 time(s).
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Management Instrumentation service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
60000 milliseconds: Restart the service.
Error - 9/4/2010 5:11:51 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The Wireless Zero Configuration service terminated unexpectedly.
It has done this 1 time(s).
Error - 9/4/2010 5:14:29 PM | Computer Name = DRICK-PC | Source = DCOM | ID = 10010
Description = The server {B2B3C70A-B20F-40B7-90C5-EA7E946C16E0} did not register
with DCOM within the required timeout.
Error - 9/4/2010 9:01:06 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 9/4/2010 9:01:06 PM | Computer Name = DRICK-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Image Acquisition (WIA) service terminated unexpectedly.
It has done this 1 time(s).
< End of report >
Thanks,
David
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Please, never rename Combofix unless instructed.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE. If Combofix asks you to install Recovery Console, please allow it.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
- Double click on combofix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
Make sure, you re-enable your security programs, when you're done with Combofix.
DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
Here is the ComboFix log file....
I can't install the recovery console cause I can't connect to the internet. I'm using my laptop right now btw.
ComboFix 10-09-04.06 - David 09/05/2010 21:46:15.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1670 [GMT 8:00]
Running from: c:\documents and settings\David\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\install.exe
.
((((((((((((((((((((((((( Files Created from 2010-08-05 to 2010-09-05 )))))))))))))))))))))))))))))))
.
2010-09-05 00:46 . 2010-09-05 00:46 -------- d-----w- c:\documents and settings\David\Application Data\Malwarebytes
2010-09-05 00:45 . 2010-04-29 07:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-05 00:45 . 2010-09-05 00:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-05 00:45 . 2010-09-05 00:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-05 00:45 . 2010-04-29 07:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-05 00:42 . 2004-08-03 15:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-09-03 13:22 . 2009-11-03 06:07 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-09-03 13:22 . 2009-11-03 06:07 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-09-03 11:45 . 2010-09-03 11:45 -------- d-----w- c:\documents and settings\David\Application Data\2K Sports
2010-09-03 10:49 . 2001-08-17 05:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-09-03 10:49 . 2001-08-17 05:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-09-03 10:49 . 2001-08-17 06:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-09-03 10:49 . 2001-08-17 06:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-09-03 10:18 . 2010-09-03 10:18 -------- d-----w- c:\windows\system32\URTTemp
2010-09-03 09:58 . 2010-09-03 09:58 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-09-03 09:58 . 2010-09-03 09:58 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-09-03 09:58 . 2010-09-03 09:58 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-09-03 09:58 . 2010-09-03 09:58 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-09-03 09:57 . 2010-09-03 10:00 -------- d-----w- c:\program files\NVIDIA Corporation
2010-09-03 09:54 . 2007-03-15 08:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-09-03 09:52 . 2010-09-03 09:52 -------- d-----w- c:\windows\Logs
2010-09-03 09:52 . 2007-03-16 02:11 12256 ----a-w- c:\windows\system32\drivers\TBPanel.sys
2010-09-03 09:52 . 2010-09-03 09:52 -------- d-----w- c:\program files\Vtune
2010-09-02 16:51 . 2010-09-02 16:51 -------- d-----w- c:\documents and settings\David\Application Data\runic games
2010-09-02 16:48 . 2010-09-02 16:48 -------- d-----w- c:\program files\Runic Games
2010-09-02 02:32 . 2010-09-02 02:49 -------- d-----w- c:\documents and settings\David\Application Data\vlc
2010-09-02 01:06 . 2010-09-02 01:07 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Temp
2010-09-02 01:06 . 2010-09-02 01:07 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Google
2010-09-02 01:06 . 2010-09-02 01:06 -------- d-----w- c:\program files\Google
2010-09-02 00:31 . 2010-09-02 00:31 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Yahoo
2010-09-02 00:31 . 2010-09-02 00:31 -------- d-----w- c:\documents and settings\David\Application Data\Yahoo!
2010-09-02 00:31 . 2010-09-02 00:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-09-02 00:31 . 2010-04-20 08:45 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-09-02 00:26 . 2010-09-02 00:31 -------- d-----w- c:\program files\Yahoo!
2010-09-01 15:34 . 2010-09-01 15:34 -------- d-----w- c:\program files\CPUID
2010-09-01 15:34 . 2010-07-09 05:18 20328 ----a-w- c:\windows\system32\drivers\cpuz134_x32.sys
2010-09-01 14:23 . 2004-08-03 14:58 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-09-01 14:23 . 2004-08-03 14:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-09-01 14:23 . 2004-08-03 15:10 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2010-09-01 14:23 . 2004-08-03 15:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-09-01 14:22 . 2004-08-03 15:10 15360 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-09-01 14:22 . 2004-08-03 15:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-09-01 14:22 . 2004-08-03 15:10 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-09-01 14:22 . 2004-08-03 15:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-09-01 14:22 . 2004-08-03 15:10 19328 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-09-01 14:22 . 2004-08-03 15:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-09-01 14:22 . 2004-08-03 15:10 85376 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-09-01 14:22 . 2004-08-03 15:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-09-01 14:22 . 2004-08-03 15:10 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-09-01 14:22 . 2004-08-03 15:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-09-01 14:22 . 2004-08-03 16:56 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-09-01 14:22 . 2004-08-03 16:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-09-01 14:19 . 2005-05-18 02:55 32768 ----a-w- c:\windows\VMZoom.exe
2010-09-01 14:19 . 2010-09-01 14:19 -------- d-----w- c:\windows\EffectResources
2010-09-01 14:19 . 2010-09-01 14:19 -------- d-----w- c:\windows\CatRoot
2010-09-01 14:19 . 2010-09-01 14:19 -------- d-----w- c:\program files\Vimicro
2010-09-01 14:19 . 2005-10-27 06:34 390849 ----a-w- c:\windows\system32\drivers\usbVM303.sys
2010-09-01 14:19 . 2005-10-25 04:56 61440 ----a-w- c:\windows\VM303_STI.EXE
2010-09-01 14:19 . 2005-05-18 02:54 24576 ----a-w- c:\windows\VMPipe.dll
2010-09-01 14:19 . 2005-05-03 07:51 176128 ----a-w- c:\windows\amcap.exe
2010-09-01 14:19 . 2005-05-02 08:45 53248 ----a-w- c:\windows\Sti303.exe
2010-09-01 14:19 . 2005-04-30 10:46 81920 ----a-w- c:\windows\system32\VM303STI.dll
2010-09-01 14:19 . 2005-04-30 10:46 102400 ----a-w- c:\windows\VM303Cap.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-04 06:39 . 2010-09-01 07:47 -------- d-----w- c:\documents and settings\David\Application Data\Skype
2010-09-04 03:33 . 2010-09-01 07:48 -------- d-----w- c:\documents and settings\David\Application Data\skypePM
2010-09-01 14:19 . 2010-09-01 05:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-01 14:19 . 2010-09-01 05:15 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-01 08:05 . 2010-09-01 08:05 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-01 07:57 . 2010-09-01 07:57 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-01 07:48 . 2010-09-01 07:48 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-09-01 07:47 . 2010-09-01 07:47 -------- d-----r- c:\program files\Skype
2010-09-01 07:47 . 2010-09-01 07:47 -------- d-----w- c:\program files\Common Files\Skype
2010-09-01 07:47 . 2010-09-01 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-09-01 07:26 . 2010-09-01 07:26 -------- d-----w- c:\program files\Alwil Software
2010-09-01 07:26 . 2010-09-01 07:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-09-01 07:19 . 2010-09-01 05:39 20368 ----a-w- c:\documents and settings\David\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-01 05:57 . 2010-09-01 05:57 -------- d-----w- c:\program files\Microsoft.NET
2010-09-01 05:57 . 2010-09-01 05:57 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-09-01 05:55 . 2010-09-01 05:50 -------- d-----w- c:\documents and settings\David\Application Data\DAEMON Tools Lite
2010-09-01 05:52 . 2010-09-01 05:51 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-01 05:51 . 2010-09-01 05:51 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-01 05:50 . 2010-09-01 05:50 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-09-01 05:47 . 2010-09-01 04:57 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-09-01 05:41 . 2010-09-01 05:41 0 ----a-w- c:\windows\nsreg.dat
2010-09-01 05:19 . 2010-09-01 05:09 -------- d-----w- c:\program files\Intel
2010-09-01 05:16 . 2010-09-01 05:16 -------- d-----w- c:\program files\SigmaTel
2010-09-01 05:07 . 2010-09-01 05:07 -------- d-----w- c:\program files\MSXML 4.0
2010-09-01 04:58 . 2010-09-01 04:58 -------- d-----w- c:\program files\microsoft frontpage
2010-09-01 04:55 . 2010-09-01 04:55 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-20 06:27 . 2010-07-20 06:27 6343040 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-20 06:27 . 2010-07-20 06:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-07-20 06:27 . 2010-07-20 06:27 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-20 06:27 . 2010-07-20 06:27 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-20 06:27 . 2010-07-20 06:27 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-20 06:27 . 2010-07-20 06:27 236136 ----a-w- c:\windows\system32\nvcodins.dll
2010-07-20 06:27 . 2010-07-20 06:27 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-20 06:27 . 2010-07-20 06:27 2195030 ----a-w- c:\windows\system32\nvdata.bin
2010-07-20 06:27 . 2010-07-20 06:27 1388544 ----a-w- c:\windows\system32\nvapi.dll
2010-07-20 06:27 . 2010-07-20 06:27 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2010-07-20 06:27 . 2010-07-20 06:27 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-20 06:27 . 2010-07-20 06:27 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-28 20:57 . 2010-09-01 07:26 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-09-01 07:26 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-09-01 07:27 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-09-01 07:27 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-09-01 07:27 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-09-01 07:27 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-09-01 07:27 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-09-01 07:27 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-09-01 07:27 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-11 08:51 . 2010-06-11 08:51 3055600 ----a-w- c:\documents and settings\David\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-06-11 08:36 . 2010-06-11 08:36 275952 ----a-w- c:\documents and settings\David\Application Data\Mozilla\plugins\npgoogletalk.dll
.
------- Sigcheck -------
[-] 2009-03-21 . 32272BF10467C8ACF1F83138C61D541E . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"BigDog303"="c:\windows\VM303_STI.EXE" [2005-10-25 61440]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-02 01:06 136176 ----atw- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2006-07-21 03:50 86016 ----a-r- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2006-07-21 03:48 98304 ----a-r- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2006-07-21 03:47 81920 ----a-r- c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-27 06:19 282624 ----a-w- c:\windows\sttray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"STacSV"=2 (0x2)
"ose"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"UPS"=3 (0x3)
"Spooler"=2 (0x2)
"ImapiService"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"e:\\Games\\Garena\\Garena.exe"=
"d:\\Program Files\\Yahoo\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Documents and Settings\\David\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"e:\\Games\\Nba2k10\\nba2k10.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/1/2010 3:27 PM 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/1/2010 3:27 PM 17744]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [9/1/2010 11:34 PM 20328]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\David\LOCALS~1\Temp\NLV6D.tmp --> c:\docume~1\David\LOCALS~1\Temp\NLV6D.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\e:\games\Garena\plugins\UI\safedrv.sys --> e:\games\Garena\plugins\UI\safedrv.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [9/5/2010 8:45 AM 38224]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9/1/2010 1:51 PM 691696]
.
Contents of the 'Scheduled Tasks' folder
2010-09-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003Core.job
- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-02 01:06]
2010-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-823518204-682003330-1003UA.job
- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-02 01:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {58741C0F-BC63-4D37-90B6-47D141808D81} = 192.168.2.2
FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\0n7emsyx.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - component: d:\program files\Mozilla Firefox2\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\David\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\David\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\David\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- FIREFOX POLICIES ----
d:\program files\Mozilla Firefox2\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox2\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox2\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-09-05 21:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@??????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\David\LOCALS~1\Temp\NLV6D.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-09-05 21:49:00
ComboFix-quarantined-files.txt 2010-09-05 13:48
Pre-Run: 23,883,739,136 bytes free
Post-Run: 23,852,429,312 bytes free
- - End Of File - - B324CEC6D70A2ABD51634FE50F67F20A
We didn't find much, so far.
Combofix log looks clean too.
Is your laptop having any connection problems at all?
This is the desktop we've been working on, correct?
I'm not having connection problems on my laptop. Yes, it is the desktop we're checking. The desktop only acts up when I connect it to the internet; if I'm using it offline it does not have any problems. As you can see in the Malwarebytes log file, it deleted many files. Those files keep on showing up and I have to delete them every other time.