OTL logfile created on: 21/04/2011 2:15:50 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\FDU spare\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1,023.00 Mb Total Physical Memory | 325.00 Mb Available Physical Memory | 32.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.29 Gb Total Space | 3.68 Gb Free Space | 12.57% Space Free | Partition Type: NTFS
Drive D: | 45.23 Gb Total Space | 8.28 Gb Free Space | 18.30% Space Free | Partition Type: NTFS
Computer Name: FLINDERS-7B80CB | User Name: FDU spare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/04/21 14:14:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FDU spare\Desktop\OTL.com
PRC - [2009/12/13 14:27:19 | 000,289,584 | -H-- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/12/03 09:12:12 | 000,976,320 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/09/25 22:32:18 | 000,189,736 | -H-- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 22:31:32 | 000,185,640 | -H-- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/05/14 16:07:14 | 000,759,048 | -H-- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/08/29 14:20:56 | 000,935,208 | -H-- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007/06/13 19:53:07 | 001,033,216 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/29 10:07:04 | 000,167,936 | -H-- | M] (Sophos Plc) -- c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2007/05/29 10:03:47 | 000,086,016 | -H-- | M] (Sophos Plc) -- c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2007/05/29 10:03:38 | 000,069,632 | -H-- | M] (Sophos Plc) -- c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2006/03/03 21:03:10 | 000,069,632 | -H-- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/04/26 17:02:14 | 000,163,840 | -H-- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
PRC - [2004/01/13 15:15:20 | 000,376,832 | -H-- | M] (Intel Corporation) -- C:\WINDOWS\system32\ZCfgSvc.exe
PRC - [2004/01/13 15:08:52 | 000,184,320 | -H-- | M] (Intel) -- C:\WINDOWS\system32\1XConfig.exe
PRC - [2004/01/13 15:08:12 | 000,311,363 | -H-- | M] (Intel Corporation ) -- C:\WINDOWS\system32\S24EvMon.exe
PRC - [2004/01/13 15:07:04 | 000,122,880 | -H-- | M] (Intel Corporation) -- C:\WINDOWS\system32\RegSrvc.exe
PRC - [2002/03/12 10:37:28 | 000,028,672 | -H-- | M] (Novell, Inc.) -- C:\WINDOWS\system32\nwtray.exe
========== Modules (SafeList) ==========
MOD - [2011/04/21 14:14:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FDU spare\Desktop\OTL.com
MOD - [2006/08/25 07:45:56 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/05/03 21:53:54 | 000,174,592 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/10/27 08:26:36 | 000,657,408 | -H-- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/09/25 22:32:18 | 000,189,736 | -H-- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/05/14 16:07:14 | 000,759,048 | -H-- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/08/29 14:20:56 | 000,935,208 | -H-- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/05/29 10:07:04 | 000,167,936 | -H-- | M] (Sophos Plc) [Auto | Running] -- c:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2007/05/29 10:03:47 | 000,086,016 | -H-- | M] (Sophos Plc) [Unknown | Running] -- c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2007/05/29 10:03:38 | 000,069,632 | -H-- | M] (Sophos Plc) [Unknown | Running] -- c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2006/03/03 21:03:10 | 000,069,632 | -H-- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/01/18 09:17:56 | 000,036,864 | -H-- | M] (Novell, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\cusrvc.exe -- (cusrvc)
SRV - [2004/04/26 17:02:14 | 000,163,840 | -H-- | M] (WIDCOMM, Inc.) [Auto | Running] -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/01/13 15:08:12 | 000,311,363 | -H-- | M] (Intel Corporation ) [Auto | Running] -- C:\WINDOWS\system32\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/01/13 15:07:04 | 000,122,880 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\RegSrvc.exe -- (RegSrvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Boot | Running] -- -- (szkgfs)
DRV - File not found [Kernel | Boot | Running] -- -- (szkg5)
DRV - [2009/08/05 21:48:42 | 000,054,752 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/02/12 18:14:31 | 000,639,224 | -H-- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006/08/14 12:26:10 | 000,014,037 | -H-- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2006/07/24 15:05:00 | 000,005,632 | -H-- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/06/08 10:49:50 | 000,344,064 | -H-- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/01/05 17:43:54 | 000,080,128 | -H-- | M] (Sophos plc) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\savonaccesscontrol.sys -- (SAVOnAccess Control)
DRV - [2006/01/05 17:43:46 | 000,024,064 | -H-- | M] (Sophos plc) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\savonaccessfilter.sys -- (SAVOnAccess Filter)
DRV - [2005/11/10 07:53:00 | 000,018,353 | -H-- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwdhcp.sys -- (NWDHCP)
DRV - [2005/10/27 16:38:46 | 000,497,743 | -H-- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwfs.sys -- (NetwareWorkstation)
DRV - [2005/10/27 16:21:08 | 000,155,761 | -H-- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\srvloc.sys -- (SRVLOC)
DRV - [2005/10/27 16:15:14 | 000,039,731 | -H-- | M] (Novell, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\NetWare\nwsipx32.sys -- (NWSIPX32)
DRV - [2005/10/12 13:12:18 | 000,009,297 | -H-- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwhost.sys -- (NWHOST)
DRV - [2005/10/12 13:11:32 | 000,006,128 | -H-- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwsns.sys -- (NWSNS)
DRV - [2005/09/29 12:04:46 | 000,035,568 | -H-- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdns.sys -- (NWDNS)
DRV - [2005/05/26 18:14:00 | 000,015,891 | -H-- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\NetWare\nwfilter.sys -- (NWFILTER)
DRV - [2005/01/03 14:51:38 | 000,020,332 | -H-- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwslp.sys -- (NWSLP)
DRV - [2004/08/19 12:34:06 | 000,038,848 | -H-- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nicm.sys -- (NICM)
DRV - [2004/08/12 22:14:00 | 000,786,944 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/07/20 11:14:06 | 000,258,160 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/06/01 18:19:34 | 000,027,249 | -H-- | M] (Novell, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\NetWare\resmgr.sys -- (RESMGR)
DRV - [2004/04/26 16:38:18 | 000,016,896 | -H-- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2004/04/26 16:31:56 | 001,239,338 | -H-- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004/04/26 16:24:56 | 000,147,864 | -H-- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/04/26 16:24:44 | 000,030,235 | -H-- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004/04/26 16:15:16 | 000,053,336 | -H-- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2004/03/08 11:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/01/14 05:58:26 | 001,648,640 | -H-- | M] (IntelĀ® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w22n51.sys -- (w22n51) Intel(R)
DRV - [2003/11/13 18:21:16 | 000,197,120 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003/11/13 18:18:36 | 000,679,808 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/13 18:17:00 | 001,042,816 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/15 10:20:18 | 000,011,258 | -H-- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2003/05/15 18:09:32 | 000,043,136 | RH-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/02/26 14:51:18 | 000,023,232 | -H-- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwsap.sys -- (NWSAP)
DRV - [2002/09/09 19:54:06 | 000,016,269 | -H-- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001/08/22 08:42:58 | 000,013,632 | -H-- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kapersky.com/virusscanner
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
========== FireFox ==========
FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..extensions.enabledItems: inboxcomtoolbar@inbox.com:1.0.0.42
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.0.20090922023629
FF - prefs.js..keyword.URL: "http://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80101&language=en&qkw="
FF - prefs.js..network.proxy.autoconfig_url: "http://www.flinders.edu.au/proxy.pac"
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 10:48:48 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/17 10:48:48 | 000,000,000 | -H-D | M]
[2009/12/13 10:09:18 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Extensions
[2011/04/21 13:22:56 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions
[2009/10/11 10:54:40 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2007/01/25 09:28:02 | 000,000,000 | -H-D | M] (Firefox Showcase) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2007/01/25 09:22:31 | 000,000,000 | -H-D | M] (Hyperwords(tm)) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2007/01/25 09:28:02 | 000,000,000 | -H-D | M] (ReminderFox) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2008/10/07 09:56:06 | 000,000,000 | -H-D | M] (Move Media Player) -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\extensions\moveplayer@movenetworks.com
[2009/07/04 14:00:18 | 000,001,632 | -H-- | M] () -- C:\Documents and Settings\FDU spare\Application Data\Mozilla\Firefox\Profiles\xsryr3nr.default\searchplugins\live-search.xml
[2011/04/02 10:02:48 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\FDU SPARE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\XSRYR3NR.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM
[2007/01/06 09:53:00 | 000,049,152 | -H-- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
O1 HOSTS File: ([2001/08/23 21:30:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKCU..\Run: [DriverMax] File not found
O4 - HKCU..\Run: [DriverMax_RESTART] File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O15 - HKCU\..Trusted Domains: flinders.edu.au ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: select2perform.com.au ([www] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} https://www.select2perform.com.au/cabs/QOLCheck.ocx (QOLCheck Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} https://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} https://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238532461910 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1265009281922 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (WIDCOMM, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (NWGINA.DLL) - C:\WINDOWS\System32\nwgina.dll (Novell, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\Sebring: DllName - c:\WINDOWS\system32\LgNotify.dll - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\FDU spare\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\FDU spare\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/15 10:00:28 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/05 12:26:40 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{1927ca50-f3d5-11dc-b70f-0010c652b6ef}\Shell - "" = AutoRun
O33 - MountPoints2\{1927ca50-f3d5-11dc-b70f-0010c652b6ef}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1927ca50-f3d5-11dc-b70f-0010c652b6ef}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{3a50e210-729e-11de-9c28-0010c652b6ef}\Shell\AutoRun\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{3a50e210-729e-11de-9c28-0010c652b6ef}\Shell\Explore\Command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{3a50e210-729e-11de-9c28-0010c652b6ef}\Shell\open\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{42cd8072-453d-11df-9cfe-0010c652b6ef}\Shell\AutoRun\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{42cd8072-453d-11df-9cfe-0010c652b6ef}\Shell\Explore\Command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{42cd8072-453d-11df-9cfe-0010c652b6ef}\Shell\open\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{a8f1be12-1075-11e0-9db9-0010c652b6ef}\Shell\AutoRun\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{a8f1be12-1075-11e0-9db9-0010c652b6ef}\Shell\Explore\Command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{a8f1be12-1075-11e0-9db9-0010c652b6ef}\Shell\open\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{bbb0fed3-31a3-11dc-b554-00114361e263}\Shell\AutoRun\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{bbb0fed3-31a3-11dc-b554-00114361e263}\Shell\Explore\Command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{bbb0fed3-31a3-11dc-b554-00114361e263}\Shell\open\command - "" = E:\ice\fire\traymgr.exe
O33 - MountPoints2\{dad52254-fee1-11dc-b728-0010c652b6ef}\Shell\AutoRun\command - "" = G:\ice\fire\traymgr.exe
O33 - MountPoints2\{dad52254-fee1-11dc-b728-0010c652b6ef}\Shell\Explore\Command - "" = G:\ice\fire\traymgr.exe
O33 - MountPoints2\{dad52254-fee1-11dc-b728-0010c652b6ef}\Shell\open\command - "" = G:\ice\fire\traymgr.exe
O33 - MountPoints2\{e9c714f2-0fa1-11df-9cc5-0010c652b6ef}\Shell\AutoRun\command - "" = G:\ice\fire\traymgr.exe
O33 - MountPoints2\{e9c714f2-0fa1-11df-9cc5-0010c652b6ef}\Shell\Explore\Command - "" = G:\ice\fire\traymgr.exe
O33 - MountPoints2\{e9c714f2-0fa1-11df-9cc5-0010c652b6ef}\Shell\open\command - "" = G:\ice\fire\traymgr.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk - C:\Program Files\Sophos\AutoUpdate\ALMon.exe - (Sophos Plc)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\Dell\Bluetooth Software\BTTray.exe - (WIDCOMM, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\hp color LaserJet 2550 Series\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk - C:\Program Files\Hewlett-Packard\hp color LaserJet 2550 Series\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MiniMavis.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^FDU spare^Start Menu^Programs^Startup^Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^FDU spare^Start Menu^Programs^Startup^America Online 5.0 Tray Icon.lnk - - File not found
MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
MsConfig - StartUpReg: BitTorrent - hkey= - key= - File not found
MsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= - File not found
MsConfig - StartUpReg: ccApp - hkey= - key= - File not found
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DAEMON Tools - hkey= - key= - File not found
MsConfig - StartUpReg: HP Component Manager - hkey= - key= - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\Hewlett-Packard\hp color LaserJet 2550 Series\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: Microsoft - hkey= - key= - File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NWTRAY - hkey= - key= - File not found
MsConfig - StartUpReg: osCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Picasa Media Detector - hkey= - key= - File not found
MsConfig - StartUpReg: PRONoMgr.exe - hkey= - key= - c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe (Intel(R) Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: StatusClient 2.6 - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: TomcatStartup 2.5 - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SAVService - c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SAVService - c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Security Update for Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} - Security Update for Microsoft .NET Framework 2.0 (KB928365)
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B01B78B4-7E93-4A48-C336-A8D1B814423F} - Vector Graphics Rendering (VML)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)
========== Files/Folders - Created Within 30 Days ==========
[2011/04/21 14:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FDU spare\Desktop\Virus Removal Tool
[2011/04/21 14:14:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\FDU spare\Desktop\OTL.com
[2011/04/21 13:04:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\BDOSCAN8
[2011/04/21 13:04:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\LastGood
[2011/04/21 13:02:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\FDU spare\Recent
[2011/04/19 19:18:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\CSC
[2011/04/19 06:57:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/04/19 06:55:07 | 000,509,440 | -H-- | C] (iS3, Inc.) -- C:\SZSetupAV.exe
[2011/04/19 00:21:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\NtmsData
[2011/04/19 00:18:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\FDU spare\Application Data\Avira
[2011/04/19 00:13:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Avira
[2011/04/18 23:11:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\FDU spare\Start Menu\Programs\Windows Recovery
[2011/04/02 10:09:57 | 000,000,000 | ---D | C] -- D:\My Documents\New Folder
[2011/03/22 19:08:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Inbox Toolbar
[2009/02/02 08:19:56 | 003,686,400 | -H-- | C] (Infor) -- C:\Program Files\Shortcut to IKEA Home Planner.lnk
[2007/03/13 15:33:29 | 037,844,544 | -H-- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[2006/08/14 11:40:30 | 000,151,552 | -H-- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/04/21 14:25:20 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\FDU spare\Start Menu\Programs\Startup\setup_9.0.0.722_21.04.2011_06-53[1].lnk
[2011/04/21 14:14:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FDU spare\Desktop\OTL.com
[2011/04/21 14:08:02 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/21 13:05:49 | 000,000,704 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kgpfr2.cfg
[2011/04/21 13:05:47 | 000,002,232 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/04/21 12:52:43 | 000,000,868 | -H-- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/04/21 12:49:37 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F30FF99A-BAB0-43C9-861E-A588716FAAAD}.job
[2011/04/21 12:46:22 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2011/04/21 12:46:16 | 000,000,882 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/21 12:45:27 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/21 12:45:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/19 06:55:10 | 000,509,440 | -H-- | M] (iS3, Inc.) -- C:\SZSetupAV.exe
[2011/04/19 03:00:00 | 000,000,370 | -H-- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2011/04/19 00:03:23 | 051,349,520 | -H-- | M] () -- C:\avira_antivir_personal_en.exe
[2011/04/18 23:11:18 | 000,000,821 | -H-- | M] () -- C:\Documents and Settings\FDU spare\Desktop\Windows Recovery.lnk
[2011/04/18 23:11:17 | 000,000,128 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~18145076
[2011/04/18 23:11:16 | 000,000,160 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~18145076r
[2011/04/18 23:10:51 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\18145076
[2011/04/18 23:06:10 | 000,116,224 | -H-- | M] () -- C:\WINDOWS\System32\drivers\20232.sys
[2011/04/05 15:48:54 | 000,016,896 | -H-- | M] () -- C:\Documents and Settings\FDU spare\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/03 09:48:43 | 000,440,164 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/03 09:48:43 | 000,071,718 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/02 09:57:00 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/21 12:50:00 | 000,000,704 | -H-- | C] () -- C:\WINDOWS\System32\drivers\kgpfr2.cfg
[2011/04/21 12:48:24 | 000,002,232 | -H-- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/04/19 00:03:23 | 051,349,520 | -H-- | C] () -- C:\avira_antivir_personal_en.exe
[2011/04/18 23:11:18 | 000,000,821 | -H-- | C] () -- C:\Documents and Settings\FDU spare\Desktop\Windows Recovery.lnk
[2011/04/18 23:11:16 | 000,000,160 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~18145076r
[2011/04/18 23:11:16 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~18145076
[2011/04/18 23:10:51 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\18145076
[2011/04/18 23:06:10 | 000,116,224 | -H-- | C] () -- C:\WINDOWS\System32\drivers\20232.sys
[2011/02/15 13:39:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/02/04 15:50:12 | 000,004,767 | -H-- | C] () -- C:\WINDOWS\Irremote.ini
[2010/02/04 15:39:11 | 000,214,136 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/17 16:24:12 | 000,091,916 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/28 19:23:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/07/17 14:14:45 | 000,000,094 | -H-- | C] () -- C:\WINDOWS\awshkwv.ini
[2009/01/05 15:44:10 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | -H-- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/05/30 20:50:26 | 000,537,600 | -H-- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2008/05/30 20:50:26 | 000,496,640 | -H-- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2008/05/30 20:50:26 | 000,159,827 | -H-- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2008/04/01 19:22:27 | 000,005,092 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/03/06 10:34:24 | 000,237,057 | -H-- | C] () -- C:\WINDOWS\System32\Office [Keygen].exe
[2008/02/04 17:23:10 | 000,693,792 | -H-- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/07 19:40:32 | 000,000,033 | -H-- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2008/01/07 18:19:44 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/01/07 17:50:00 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/12/11 15:15:52 | 000,000,030 | -H-- | C] () -- C:\WINDOWS\Mavis12.INI
[2007/12/11 15:11:16 | 024,733,448 | -H-- | C] () -- C:\WINDOWS\aolback.exe
[2007/12/11 15:11:15 | 000,182,966 | -H-- | C] () -- C:\WINDOWS\Aolunins.exe
[2007/12/11 14:39:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/11/30 14:11:34 | 000,003,679 | -H-- | C] () -- C:\WINDOWS\System32\Sys2679b.DLL
[2007/10/11 16:36:50 | 000,117,255 | -H-- | C] () -- C:\WINDOWS\hpoins11.dat
[2007/10/11 16:09:58 | 000,077,824 | RH-- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/04/07 11:05:04 | 000,000,151 | -H-- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/03/08 13:13:07 | 047,122,544 | -H-- | C] () -- C:\Program Files\Symantec Antivirus.exe
[2007/01/27 18:33:39 | 000,012,288 | -H-- | C] () -- C:\WINDOWS\System32\impborl.dll
[2006/12/15 17:29:03 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/15 09:57:58 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/12/12 13:01:52 | 000,100,724 | -H-- | C] () -- C:\WINDOWS\cpeins04.dat
[2006/12/12 13:01:52 | 000,017,176 | -H-- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2006/12/12 13:00:00 | 000,000,214 | -H-- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/11/20 18:33:18 | 000,016,896 | -H-- | C] () -- C:\Documents and Settings\FDU spare\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/13 19:33:38 | 000,001,755 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/11 11:24:40 | 000,000,132 | -H-- | C] () -- C:\Documents and Settings\FDU spare\Local Settings\Application Data\fusioncache.dat
[2006/11/11 11:02:33 | 000,104,340 | -H-- | C] () -- C:\WINDOWS\hpoins04.dat
[2006/11/11 11:02:33 | 000,017,176 | -H-- | C] () -- C:\WINDOWS\hpomdl04.dat
[2006/09/15 09:49:28 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\webica.ini
[2006/09/08 16:35:38 | 000,007,019 | -H-- | C] () -- C:\WINDOWS\hpclj2550.ini
[2006/08/31 11:30:03 | 000,000,302 | -H-- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2006/08/31 11:30:02 | 000,003,399 | RH-- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2006/08/31 11:27:53 | 000,000,103 | -H-- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2006/08/31 11:27:11 | 000,009,092 | -H-- | C] () -- C:\WINDOWS\hplj42504350.ini
[2006/08/31 11:26:55 | 000,001,474 | -H-- | C] () -- C:\WINDOWS\mariner.ini
[2006/08/14 20:15:36 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/14 20:14:25 | 000,411,880 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/14 14:52:16 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/14 14:22:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2006/08/14 14:22:09 | 000,002,301 | -H-- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/14 11:40:29 | 000,389,120 | -H-- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2006/08/14 11:40:29 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2006/08/14 11:02:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/14 10:56:21 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/05/06 07:46:29 | 000,011,634 | -H-- | C] () -- C:\WINDOWS\hpomdl11.dat
[2005/11/10 11:38:44 | 000,235,520 | -H-- | C] () -- C:\WINDOWS\System32\lgnwnt32.dll
[2005/09/08 10:55:34 | 000,245,843 | -H-- | C] () -- C:\WINDOWS\System32\nwshlxnt.dll
[2005/04/18 08:43:00 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2004/08/04 01:07:22 | 000,001,788 | -H-- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 00:56:44 | 000,755,200 | -H-- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 00:56:44 | 000,338,432 | -H-- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/04 00:56:44 | 000,200,192 | -H-- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 00:56:44 | 000,183,808 | -H-- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/04 00:56:44 | 000,120,320 | -H-- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/02 14:20:40 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/04/26 16:53:42 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2003/12/18 10:29:12 | 000,001,724 | -H-- | C] () -- C:\WINDOWS\System32\vipx.exe
[2003/04/17 12:35:00 | 000,651,264 | -H-- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003/04/17 12:35:00 | 000,147,456 | -H-- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2003/02/25 15:19:56 | 000,094,274 | -H-- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/02/05 16:31:42 | 000,045,119 | -H-- | C] () -- C:\WINDOWS\System32\dprpcw32.dll
[2001/11/14 13:56:00 | 001,802,240 | -H-- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/10/23 10:14:28 | 000,012,736 | -H-- | C] () -- C:\WINDOWS\System32\cmdinfo.exe
[2001/10/04 14:40:54 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2001/08/23 21:30:00 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 21:30:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 21:30:00 | 000,440,164 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 21:30:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 21:30:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 21:30:00 | 000,071,718 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 21:30:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 21:30:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 21:30:00 | 000,004,463 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 21:30:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2000/01/20 09:15:14 | 000,051,200 | -H-- | C] () -- C:\WINDOWS\System32\lgncon32.dll
[1999/07/22 19:07:38 | 000,015,898 | -H-- | C] () -- C:\WINDOWS\System32\vlmsup.exe
[1999/01/11 04:37:36 | 000,002,757 | -H-- | C] () -- C:\WINDOWS\System32\rdrstats.ini
[1996/05/14 09:50:22 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\prtwin32.dll
[1995/08/22 08:36:12 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\nwpsrv32.dll