OTL logfile created on: 3/25/2010 4:37:48 PM - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\CW\Desktop\Virus problelm
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.52 Gb Total Space | 68.09 Gb Free Space | 47.11% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 976.13 Mb Total Space | 685.67 Mb Free Space | 70.24% Space Free | Partition Type: FAT
Computer Name: DHDBRW71
Current User Name: CW
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/03/23 18:40:27 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/21 23:32:34 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CW\Desktop\Virus problelm\OTL.exe
PRC - [2010/02/02 17:31:56 | 000,279,296 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/01/27 11:37:22 | 000,091,392 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/10/23 10:31:46 | 006,569,984 | ---- | M] (eSignal) -- C:\Program Files\QCharts\QCharts.exe
PRC - [2009/10/03 04:07:50 | 000,349,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2009/08/27 16:59:36 | 001,716,224 | ---- | M] (eSignal) -- C:\Program Files\QCharts\winros.exe
PRC - [2009/08/05 10:37:58 | 012,313,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2009/06/22 21:23:38 | 000,196,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2009/05/14 15:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/05/14 15:47:08 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/01/08 07:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
PRC - [2008/12/16 12:23:24 | 000,748,032 | ---- | M] (Investors FastTrack) -- C:\FT\FT4WIN\ft4win.exe
PRC - [2008/07/25 23:32:16 | 000,028,672 | ---- | M] (DataViz, Inc.) -- C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
PRC - [2008/05/21 04:24:26 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\chatsupport.palm.com\bin\tgsrvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/03 18:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2006/11/07 23:51:46 | 000,075,336 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
PRC - [2006/11/07 23:51:46 | 000,058,952 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
PRC - [2006/11/07 23:51:26 | 006,366,792 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
PRC - [2006/08/04 15:29:14 | 000,062,976 | ---- | M] (Alexander Avdonin) -- C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/09/17 08:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
========== Modules (SafeList) ========== MOD - [2010/03/21 23:32:34 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CW\Desktop\Virus problelm\OTL.exe
========== Win32 Services (SafeList) ========== SRV - [2010/01/27 11:37:22 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/05/14 15:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/05/14 15:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008/07/23 19:16:26 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/05/21 04:24:26 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/05/21 04:24:26 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\chatsupport.palm.com\bin\tgsrvc.exe -- (tgsrvc_chatsupport.palm.com) SupportSoft Repair Service (chatsupport.palm.com)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM)
========== Driver Services (SafeList) ========== DRV - [2009/05/14 15:49:26 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009/05/14 15:49:26 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/05/14 15:49:22 | 000,133,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009/05/14 15:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/05/14 15:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/04 17:10:30 | 000,016,640 | R--- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2005/03/31 17:22:16 | 000,180,096 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2005/03/30 02:03:06 | 001,035,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/12/05 23:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/05 23:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/05 23:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/05 23:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/05 23:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/05 23:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/05 23:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/05 23:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/05 23:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 01:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 00:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/11/02 13:12:14 | 000,019,456 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2004/08/03 20:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 09:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 09:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/16 01:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 15:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2004/03/06 02:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 02:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 02:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 11:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 11:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 16:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2002/11/08 17:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.msn.com"
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.072
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/23 18:40:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/23 18:40:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009/08/12 10:32:42 | 000,000,000 | ---D | M]
[2008/09/16 21:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CW\Application Data\Mozilla\Extensions
[2010/03/24 21:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions
[2009/09/03 18:33:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/20 21:15:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009/06/11 08:53:04 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/06/11 08:53:26 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/06/11 08:53:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/11 08:53:55 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/06/11 08:54:00 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/07/07 19:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\isreaditlater@ideashower.com
[2009/07/07 19:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CW\Application Data\Mozilla\Firefox\Profiles\fw8gu1jm.default\extensions\ubiquity@labs.mozilla.com
[2008/09/16 21:20:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/02/07 21:46:12 | 000,087,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2008/02/07 21:46:20 | 000,091,448 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2008/02/07 21:46:16 | 000,021,824 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2007/03/16 17:27:00 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2007/03/16 17:27:00 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2007/03/16 17:27:00 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2008/02/07 21:48:26 | 000,419,136 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2008/09/23 12:12:47 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2008/02/07 21:46:12 | 000,024,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKCU..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (Alexander Avdonin)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (DataViz, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238570555156 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (XPize_Logon.exe) - C:\WINDOWS\System32\XPize_Logon.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/03/19 17:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CW\Application Data\Malwarebytes
[2010/03/19 17:50:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/19 17:50:13 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/19 17:50:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/19 17:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/18 20:33:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/18 20:00:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/18 20:00:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/18 20:00:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/18 20:00:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/18 19:59:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/18 17:14:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/18 12:30:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CW\Desktop\Code stuff
[2010/03/18 10:22:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CW\Desktop\Virus problelm
[2010/03/18 01:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\ESET
[2010/03/17 10:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010/03/17 10:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2010/03/17 10:35:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CW\My Documents\Phone
[2010/03/11 09:24:13 | 016,368,471 | ---- | C] (Armen Computing Ltd ) -- C:\Documents and Settings\CW\My Documents\setupTL7.exe
[2010/03/10 19:56:01 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/02/19 17:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/02/19 16:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/31 06:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2009/08/31 08:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2009/04/01 01:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/10/09 07:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/07/23 21:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\HP
[2005/07/16 05:48:54 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2005/05/11 23:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2004/08/11 15:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/08/11 15:06:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004/08/11 15:06:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/03/25 16:13:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/25 16:11:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2805297054-913802056-4196249912-1007UA.job
[2010/03/25 11:16:07 | 003,880,039 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\OTR-Edge_v3222Installer.exe
[2010/03/25 11:15:24 | 000,303,104 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\z_Files.exe
[2010/03/25 09:07:08 | 000,000,728 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/25 07:51:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/24 18:13:00 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/24 17:11:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2805297054-913802056-4196249912-1007Core.job
[2010/03/24 13:11:34 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\Google Chrome.lnk
[2010/03/22 08:26:25 | 000,003,064 | ---- | M] () -- C:\WINDOWS\winros.ini
[2010/03/20 22:01:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/20 21:45:09 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/03/20 21:45:06 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/20 21:44:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/20 21:44:50 | 2145,538,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/20 21:43:54 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\CW\NTUSER.DAT
[2010/03/20 21:43:49 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\CW\ntuser.ini
[2010/03/20 21:36:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/19 23:45:21 | 002,067,532 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\droid.pdf
[2010/03/19 17:50:19 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/18 17:16:37 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\ESET Smart Security.lnk
[2010/03/17 11:51:36 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\CW\Desktop\1-LowVol_2.exe
[2010/03/16 22:09:18 | 000,463,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/16 22:09:18 | 000,080,226 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/16 22:09:16 | 000,550,872 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/03/11 09:25:50 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/03/11 09:25:11 | 016,368,471 | ---- | M] (Armen Computing Ltd ) -- C:\Documents and Settings\CW\My Documents\setupTL7.exe
[2010/02/24 03:01:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/03/25 11:16:08 | 003,880,039 | ---- | C] () -- C:\Documents and Settings\CW\Desktop\OTR-Edge_v3222Installer.exe
[2010/03/19 23:45:33 | 002,067,532 | ---- | C] () -- C:\Documents and Settings\CW\Desktop\droid.pdf
[2010/03/19 17:50:19 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/18 20:44:28 | 2145,538,048 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/18 20:00:03 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/18 20:00:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/18 20:00:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/18 20:00:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/18 20:00:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/03/18 17:16:37 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\CW\Desktop\ESET Smart Security.lnk
[2010/03/11 09:25:50 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/03/03 11:51:28 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\CW\Desktop\1-LowVol_2.exe
[2009/08/31 01:00:24 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/30 16:53:25 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\UndB2Kr.dll
[2009/03/30 16:53:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Iduninst.dll
[2008/08/19 16:46:19 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2008/07/30 22:07:05 | 000,003,064 | ---- | C] () -- C:\WINDOWS\winros.ini
[2008/07/30 22:07:05 | 000,000,152 | ---- | C] () -- C:\WINDOWS\WinSig.Ini
[2008/07/30 22:07:05 | 000,000,144 | ---- | C] () -- C:\WINDOWS\reader.Ini
[2008/07/26 00:25:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/07/24 21:08:58 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\CW\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/24 20:36:11 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/24 16:16:01 | 000,030,595 | ---- | C] () -- C:\Documents and Settings\CW\Local Settings\Application Data\FASTWiz.log
[2008/07/24 03:13:27 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\CW\Local Settings\Application Data\FASTWiz.html
[2008/07/23 22:12:05 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\CW\Local Settings\Application Data\fusioncache.dat
[2008/07/23 22:03:26 | 000,000,208 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/07/23 21:42:03 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/07/23 21:41:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/03/28 09:04:34 | 000,001,607 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/16 06:38:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/16 06:30:02 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/16 06:14:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/16 06:12:24 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/07/16 06:12:14 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2005/07/16 06:12:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/07/16 06:12:08 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/07/16 05:48:54 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2005/07/16 05:48:54 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2005/01/28 06:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 15:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 15:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Custom Scans ========== < MD5 for: ATAPI.SYS >[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/04/01 00:36:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/04/01 00:36:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
< MD5 for: QMGR.DLL >[2004/08/04 03:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\i386\qmgr.dll
[2004/08/04 03:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll
< MD5 for: SFCFILES.DLL >[2004/08/04 03:00:00 | 001,580,544 | ---- | M] (Microsoft Corporation) MD5=30A609E00BD1D4FFC49D6B5A432BE7F2 -- C:\i386\sfcfiles.dll
[2004/08/04 03:00:00 | 001,580,544 | ---- | M] (Microsoft Corporation) MD5=30A609E00BD1D4FFC49D6B5A432BE7F2 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
[2008/04/13 17:12:05 | 001,614,848 | ---- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\system32\sfcfiles.dll
< %programfiles%\*.* >< End of report >