========== Files - Modified Within 30 Days ==========
[2011/04/11 20:26:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Conti\Desktop\OTL.com
[2011/04/11 19:42:50 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/11 19:42:50 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/11 19:42:50 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/11 19:36:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/11 19:36:30 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/11 19:36:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/11 19:36:22 | 2136,133,631 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/11 19:10:02 | 000,000,732 | ---- | M] () -- C:\Users\Conti\AppData\Local\d3d9caps64.dat
[2011/04/11 18:32:53 | 000,032,858 | ---- | M] () -- C:\Users\Conti\Desktop\Conti_Greg Dell Inspir 530S.rtf
[2011/04/11 18:11:44 | 000,625,664 | ---- | M] () -- C:\Users\Conti\Desktop\dds.scr
[2011/04/11 17:59:26 | 000,007,512 | ---- | M] () -- C:\Users\Conti\AppData\Local\d3d9caps.dat
[2011/04/11 15:51:27 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2 C:\Users\Conti\AppData\Roaming\*.tmp files -> C:\Users\Conti\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/11 19:36:22 | 2136,133,631 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/11 18:11:43 | 000,625,664 | ---- | C] () -- C:\Users\Conti\Desktop\dds.scr
[2011/04/11 17:57:46 | 000,000,732 | ---- | C] () -- C:\Users\Conti\AppData\Local\d3d9caps64.dat
[2011/04/11 15:55:20 | 000,032,858 | ---- | C] () -- C:\Users\Conti\Desktop\Conti_Greg Dell Inspir 530S.rtf
[2011/04/11 15:51:27 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/24 17:17:26 | 000,000,120 | -H-- | C] () -- C:\Users\Conti\AppData\Local\Vlunedokezezoco.dat
[2011/02/24 17:17:26 | 000,000,000 | -H-- | C] () -- C:\Users\Conti\AppData\Local\Qvicupehukuho.bin
[2009/12/10 08:00:50 | 000,581,872 | ---- | C] () -- C:\Windows\SysWow64\STRegistry64.dll
[2009/12/10 08:00:50 | 000,540,912 | ---- | C] () -- C:\Windows\SysWow64\STString64d.dll
[2009/12/10 08:00:50 | 000,385,264 | ---- | C] () -- C:\Windows\SysWow64\STFiles64.dll
[2009/12/10 08:00:50 | 000,172,784 | ---- | C] () -- C:\Windows\SysWow64\STLog64.dll
[2009/12/10 08:00:50 | 000,157,424 | ---- | C] () -- C:\Windows\SysWow64\STWmiM64.dll
[2009/12/10 08:00:50 | 000,152,816 | ---- | C] () -- C:\Windows\SysWow64\STNLS64.dll
[2009/12/10 08:00:50 | 000,132,848 | ---- | C] () -- C:\Windows\SysWow64\STPE64.dll
[2009/12/10 08:00:50 | 000,106,224 | ---- | C] () -- C:\Windows\SysWow64\STMsXml64.dll
[2009/12/10 08:00:50 | 000,092,400 | ---- | C] () -- C:\Windows\SysWow64\STEncryptableVol64.dll
[2009/12/10 08:00:50 | 000,089,328 | ---- | C] () -- C:\Windows\SysWow64\STProcessDLL64.dll
[2009/12/10 08:00:50 | 000,089,328 | ---- | C] () -- C:\Windows\SysWow64\STProcess64.dll
[2009/12/10 08:00:50 | 000,000,060 | ---- | C] () -- C:\Windows\SysWow64\winpeshl.ini
[2009/12/10 08:00:50 | 000,000,020 | ---- | C] () -- C:\Windows\SysWow64\ST_LOG.INI
[2009/12/10 08:00:49 | 002,303,728 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll
[2009/12/10 08:00:49 | 001,372,672 | ---- | C] () -- C:\Windows\SysWow64\Restore7.exe
[2009/12/10 08:00:49 | 000,619,760 | ---- | C] () -- C:\Windows\SysWow64\STBackupEngine.dll
[2009/12/10 08:00:49 | 000,334,576 | ---- | C] () -- C:\Windows\SysWow64\RestoreLauncher.exe
[2009/12/10 08:00:49 | 000,134,384 | ---- | C] () -- C:\Windows\SysWow64\PSTVdsDisk64.dll
[2009/12/10 08:00:49 | 000,127,728 | ---- | C] () -- C:\Windows\SysWow64\STCrypto64.dll
[2009/12/10 08:00:49 | 000,052,464 | ---- | C] () -- C:\Windows\SysWow64\STCoreXml64.dll
[2009/12/10 08:00:48 | 000,578,288 | ---- | C] () -- C:\Windows\SysWow64\BackupApi.dll
[2009/12/10 08:00:48 | 000,108,272 | ---- | C] () -- C:\Windows\FixBCD.exe
[2009/12/10 08:00:48 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\abort.dat
[2009/12/02 21:12:19 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/02 21:12:00 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/02 21:11:42 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/20 10:05:20 | 000,040,448 | ---- | C] () -- C:\Users\Conti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/13 20:04:45 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/09/13 20:04:45 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7340.DAT
[2009/09/13 20:03:48 | 000,000,218 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2009/09/13 20:03:48 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2009/09/13 20:01:39 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2009/09/13 20:01:17 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2009/09/13 20:01:16 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2009/09/13 20:01:16 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2009/09/13 19:58:48 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
[2009/09/12 18:27:07 | 000,007,512 | ---- | C] () -- C:\Users\Conti\AppData\Local\d3d9caps.dat
[2009/07/08 10:02:09 | 001,953,696 | ---- | C] () -- C:\Windows\SysWow64\igklg400.dll
[2009/07/08 10:02:09 | 001,533,360 | ---- | C] () -- C:\Windows\SysWow64\igklg450.dll
[2009/07/08 10:02:09 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igmedcompkrn.dll
[2009/07/08 09:52:25 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/07/08 07:11:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/04/24 23:58:05 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== Custom Scans ==========
< %systemroot%\Fonts\*.com >
[2006/11/02 11:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 11:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 11:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/12/08 18:10:36 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 17:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008/01/20 23:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/09/29 18:12:55 | 000,000,286 | -HS- | M] () -- C:\Users\Conti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/04/11 18:20:59 | 000,122,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2011/04/11 18:21:00 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2011/04/11 18:21:02 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2009/09/12 18:03:50 | 000,000,402 | -HS- | M] () -- C:\Users\Conti\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.sys >
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
< %SYSTEMDRIVE%\*.* >
[2011/04/11 19:36:20 | 000,065,788 | ---- | M] () -- C:\aaw7boot.log
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/06/24 20:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2009/07/08 10:02:20 | 000,004,122 | RH-- | M] () -- C:\dell.sdr
[2011/04/11 19:36:22 | 2136,133,631 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/04/11 19:36:20 | 2449,752,063 | -HS- | M] () -- C:\pagefile.sys
< %PROGRAMFILES%\*. >
[2009/09/13 22:54:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2009/12/01 22:11:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
[2009/09/20 10:30:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2009/07/08 07:24:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2009/09/20 10:31:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2009/09/13 20:03:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother
[2009/07/08 07:31:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2010/01/27 22:25:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2009/07/08 07:32:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2009/07/08 07:38:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2011/03/30 20:31:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2009/09/20 10:09:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Remote Access
[2009/07/08 07:34:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Support Center
[2009/07/08 07:29:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Video Chat
[2011/04/11 16:53:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
[2010/02/17 18:10:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/02/10 04:20:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2009/09/20 15:05:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iPhone Configuration Utility
[2010/02/09 22:06:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/04/11 18:29:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2009/10/30 17:42:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lavasoft
[2011/04/11 15:51:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/09/03 14:57:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2010/09/08 19:46:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee.com
[2010/04/15 03:36:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Merge
[2009/07/08 07:36:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2009/07/08 07:28:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/04/09 21:57:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/07/08 07:37:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/07/08 07:38:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
[2009/10/14 03:02:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/06/25 03:01:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/04/11 18:21:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2006/11/02 11:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2009/09/15 03:00:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010/07/30 22:08:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2011/04/09 21:57:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars.NET
[2010/02/09 22:04:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2006/11/02 11:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2009/07/08 07:31:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2009/09/13 19:58:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ScanSoft
[2010/04/15 03:36:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Sportsbook Poker
[2006/11/02 11:36:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/12/09 04:22:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Calendar
[2008/01/20 23:09:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Collaboration
[2008/01/20 23:09:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/10/17 07:10:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2009/07/08 07:35:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/04/09 21:57:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/10/14 03:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2006/11/02 11:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/12/09 04:22:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Gallery
[2009/12/10 04:21:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/12/09 04:22:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< %appdata%\*.* >
[2011/03/19 23:27:47 | 000,000,065 | -H-- | M] () -- C:\Users\Conti\AppData\Roaming\AcroIEHelpe.txt
[2010/01/23 08:58:46 | 008,653,312 | ---- | M] (Dell, Inc. ) -- C:\Users\Conti\AppData\Roaming\DataSafeDotNet.exe
[2 C:\Users\Conti\AppData\Roaming\*.tmp files -> C:\Users\Conti\AppData\Roaming\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2008/01/20 22:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008/01/20 22:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/20 22:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008/01/20 22:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/24 23:26:24 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=5EB9EF6EEC5D873E94992095A1719BF6 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_39c3f1ccf31998cb\atapi.sys
[2009/04/11 03:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009/04/11 03:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009/04/24 23:26:24 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_393a5501d9fbf901\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 07:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006/11/02 07:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: DISK.SYS >
[2008/01/20 22:46:53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_55e51d682c89f490\disk.sys
[2009/04/11 03:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\SysNative\drivers\disk.sys
[2009/04/11 03:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_57d0967429abbfdc\disk.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008/01/20 22:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008/01/20 22:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/11 03:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009/04/11 03:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/20 22:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2008/01/20 22:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008/01/20 22:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/20 22:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/11 03:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009/04/11 03:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: USBSTOR.SYS >
[2008/01/20 22:47:25 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=586D9876A4945779C8EEA926C0D16889 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_a4a4ea3a50308c79\USBSTOR.SYS
[2009/04/11 01:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2009/04/11 01:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_a69063464d5257c5\USBSTOR.SYS
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 81 bytes -> C:\Program Files (x86)\Sportsbook Poker:MID
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >