WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


win32/fakerean

2 posters

descriptionwin32/fakerean Emptywin32/fakerean29th May 2011, 7:01 pm

more_horiz
OTL logfile created on: 5/29/2011 11:45:41 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\admin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 143.00 Mb Available Physical Memory | 28.04% Memory free
1.22 Gb Paging File | 0.61 Gb Available in Paging File | 50.39% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 54.94 Gb Free Space | 73.79% Space Free | Partition Type: NTFS

Computer Name: LO16 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/29 11:45:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\My Documents\Downloads\OTL.com
PRC - [2011/04/14 09:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/29 11:45:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\My Documents\Downloads\OTL.com
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (LiveUpdate)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (avgwd)
SRV - File not found [Auto | Stopped] -- -- (avgfws)
SRV - File not found [Disabled | Stopped] -- -- (AVG Security Toolbar Service)
SRV - File not found [Disabled | Stopped] -- -- (avast! Web Scanner)
SRV - File not found [Disabled | Stopped] -- -- (avast! Mail Scanner)
SRV - File not found [Disabled | Stopped] -- -- (avast! Antivirus)
SRV - File not found [Disabled | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - File not found [Auto | Stopped] -- -- (aswUpdSv)
SRV - [2011/05/26 21:37:17 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2011/05/26 20:53:27 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2010/11/16 01:10:14 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/04/27 19:11:55 | 001,245,064 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/08/22 01:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/05/11 18:32:22 | 000,142,112 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:16:48 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7D39A9FD-7752-491C-923F-CD051D0DEA59}\MpKsl5cb85fb2.sys -- (MpKsl5cb85fb2)
DRV - [2011/05/29 08:25:07 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7D39A9FD-7752-491C-923F-CD051D0DEA59}\MpKslb20f77b7.sys -- (MpKslb20f77b7)
DRV - [2011/05/28 21:09:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7D39A9FD-7752-491C-923F-CD051D0DEA59}\MpKslb9c8129c.sys -- (MpKslb9c8129c)
DRV - [2011/05/26 21:37:58 | 000,004,096 | ---- | M] (SuperAdBlocker.com) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\sabprocenum.sys -- (SABProcEnum)
DRV - [2011/05/26 21:37:06 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/18 12:13:04 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\PCASp50.sys -- (PCASp50)
DRV - [2009/12/18 12:13:00 | 000,230,912 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2009/12/18 12:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2009/12/18 12:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2009/12/18 12:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2009/02/25 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/02/19 12:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 12:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 12:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 12:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/02/09 15:59:18 | 000,251,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090318.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2009/02/05 13:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/02/05 13:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 13:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/02/05 13:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 13:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/02/05 13:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/01/08 23:36:06 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/05/17 15:51:13 | 000,000,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvuvc.hs -- (LVUVC) QuickCam Communicate Deluxe(UVC)
DRV - [2008/01/31 18:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 18:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 18:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/12/28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/08/08 17:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2003/07/24 12:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr10/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4de00d8d&v=7.004.022.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 19:18:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/22 13:02:27 | 000,000,000 | ---D | M]

[2010/03/17 01:25:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions
[2009/06/21 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/27 13:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\rffoih5k.default\extensions
[2010/04/27 21:16:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\rffoih5k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/23 18:38:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\rffoih5k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2011/05/25 21:03:37 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\rffoih5k.default\searchplugins\askcom.xml
[2008/12/12 11:23:54 | 000,002,158 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\rffoih5k.default\searchplugins\MySpace.xml
[2011/05/23 19:18:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/23 18:38:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/21 21:29:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/20 23:58:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/05/23 19:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/05/23 19:18:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/22 13:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution(2)\extensions
[2011/05/23 18:38:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution(2)\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) --
[2008/12/01 10:20:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/02/09 15:05:22 | 000,002,236 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\askcom.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/27 13:36:51 | 000,000,764 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.1.8 HP000D9D26243B
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\RunOnce: [BrandClearStubs] C:\WINDOWS\System32\iedkcs32.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 16:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b691eb73-aa0c-11df-bde7-c3d96fbc17af}\Shell - "" = AutoRun
O33 - MountPoints2\{b691eb73-aa0c-11df-bde7-c3d96fbc17af}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b691eb73-aa0c-11df-bde7-c3d96fbc17af}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/29 09:36:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/05/29 09:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2011/05/29 08:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/05/29 00:39:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/05/28 21:56:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\AVG Security Toolbar
[2011/05/28 20:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\FixItCenter
[2011/05/28 14:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2011/05/28 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2011/05/28 14:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/05/28 14:01:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/05/28 13:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/05/27 17:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\DriverCure
[2011/05/27 17:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ParetoLogic
[2011/05/27 17:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Start Menu\Programs\ParetoLogic
[2011/05/27 17:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/05/27 17:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/05/27 17:49:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/05/27 12:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2011/05/27 10:48:53 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2011/05/27 10:48:53 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/05/27 10:48:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/05/27 10:48:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll
[2011/05/27 10:48:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2011/05/27 10:48:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/05/27 10:48:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll
[2011/05/27 10:48:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/05/27 10:32:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2011/05/26 17:16:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/05/26 12:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\AVG10
[2011/05/26 12:44:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/26 12:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/05/26 12:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/05/26 12:39:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/05/26 12:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/25 20:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/05/25 19:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Sammsoft
[2011/05/25 11:49:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent
[2011/05/23 19:09:33 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/04/30 11:45:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\U3
[2011/04/30 11:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[366 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[344 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/29 11:50:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1327C4F4-34E1-4B43-9C5A-F477A2056B0A}.job
[2011/05/29 10:19:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2011/05/29 09:32:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/29 09:32:36 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/05/29 09:32:35 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2011/05/29 09:21:47 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/29 09:15:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/29 09:15:25 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/29 08:12:43 | 000,003,398 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2011/05/29 07:25:25 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011/05/29 07:24:42 | 116,439,227 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/05/29 00:39:21 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/29 00:05:46 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor_sch_1278673A-89C2-11E0-BF8D-001320D39B0B.job
[2011/05/28 23:23:06 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Microsoft Security Essentials (2).lnk
[2011/05/28 21:55:49 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Shortcut to firefox.lnk
[2011/05/28 20:38:18 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/28 18:00:03 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/05/28 14:02:18 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2011/05/28 05:02:12 | 000,193,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/05/27 17:50:44 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/27 17:50:41 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011/05/27 13:36:51 | 000,000,764 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2011/05/27 10:58:00 | 000,184,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/27 08:21:45 | 000,653,807 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/05/26 21:39:05 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpdsp.dll
[2011/05/26 21:39:04 | 000,045,056 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\WNASPI32.DLL
[2011/05/26 21:39:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVADVE.DLL
[2011/05/26 21:39:02 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVADVD.dll
[2011/05/26 21:38:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfapi.dll
[2011/05/26 21:38:58 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\wdl.trm
[2011/05/26 21:38:52 | 000,937,984 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.sve
[2011/05/26 21:38:52 | 000,225,280 | ---- | M] (VideoSoft) -- C:\WINDOWS\System32\VSFLEX3.OCX
[2011/05/26 21:38:52 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2011/05/26 21:38:49 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\UncPH.dll
[2011/05/26 21:38:48 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tquery.dll.mui
[2011/05/26 21:38:48 | 000,008,192 | ---- | M] (DSP GROUP, INC.) -- C:\WINDOWS\System32\tssoft32.acm
[2011/05/26 21:38:47 | 000,147,456 | ---- | M] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/05/26 21:38:47 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srchadmin.dll.mui
[2011/05/26 21:38:47 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Stkit432.dll
[2011/05/26 21:38:46 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2011/05/26 21:38:46 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2011/05/26 21:38:16 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2011/05/26 21:37:58 | 000,004,096 | ---- | M] (SuperAdBlocker.com) -- C:\WINDOWS\System32\sabprocenum.sys
[2011/05/26 21:37:57 | 000,053,248 | ---- | M] (World Wide Woodshed) -- C:\WINDOWS\System32\rhythmgd.ocx
[2011/05/26 21:37:55 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\RDOCURS.DLL
[2011/05/26 21:37:55 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2011/05/26 21:37:54 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\PRONtObj.dll
[2011/05/26 21:37:54 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\Prounstl.exe
[2011/05/26 21:37:54 | 000,122,880 | ---- | M] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\System32\Qpro32.dll
[2011/05/26 21:37:54 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2011/05/26 21:37:53 | 000,077,824 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\PRApplet.cpl
[2011/05/26 21:37:41 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nlsdl.dll
[2011/05/26 21:37:41 | 000,020,480 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\NicCo32.dll
[2011/05/26 21:37:40 | 001,355,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm50.dll
[2011/05/26 21:37:40 | 000,487,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2011/05/26 21:37:40 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2011/05/26 21:37:40 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2011/05/26 21:37:40 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTKPRP.DLL
[2011/05/26 21:37:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mssph.dll.mui
[2011/05/26 21:37:38 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSREPL35.DLL
[2011/05/26 21:37:38 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSRDO20.DLL
[2011/05/26 21:37:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2011/05/26 21:37:33 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFPLAT.dll
[2011/05/26 21:37:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71KOR.DLL
[2011/05/26 21:37:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71JPN.DLL
[2011/05/26 21:37:32 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71DEU.DLL
[2011/05/26 21:37:32 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ITA.DLL
[2011/05/26 21:37:32 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71FRA.DLL
[2011/05/26 21:37:32 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ESP.DLL
[2011/05/26 21:37:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71ENU.DLL
[2011/05/26 21:37:32 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHT.DLL
[2011/05/26 21:37:32 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71CHS.DLL
[2011/05/26 21:37:31 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll
[2011/05/26 21:37:31 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2011/05/26 21:37:31 | 000,086,016 | ---- | M] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011/05/26 21:37:31 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC42ENU.DLL
[2011/05/26 21:37:30 | 000,651,264 | ---- | M] () -- C:\WINDOWS\System32\libeay32.dll
[2011/05/26 21:37:28 | 000,163,840 | ---- | M] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2011/05/26 21:37:28 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/05/26 21:37:28 | 000,065,536 | ---- | M] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgsh400.dll
[2011/05/26 21:37:27 | 002,310,144 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2011/05/26 21:37:27 | 000,049,152 | ---- | M] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\inetwh32.dll
[2011/05/26 21:37:26 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2011/05/26 21:37:26 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2011/05/26 21:37:25 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2011/05/26 21:37:25 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2011/05/26 21:37:25 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2011/05/26 21:37:25 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2011/05/26 21:37:25 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2011/05/26 21:37:25 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2011/05/26 21:37:25 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2011/05/26 21:37:25 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2011/05/26 21:37:25 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2011/05/26 21:37:25 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2011/05/26 21:37:25 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2011/05/26 21:37:25 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2011/05/26 21:37:25 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2011/05/26 21:37:25 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2011/05/26 21:37:25 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2011/05/26 21:37:25 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2011/05/26 21:37:25 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2011/05/26 21:37:25 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2011/05/26 21:37:25 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2011/05/26 21:37:25 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2011/05/26 21:37:24 | 000,446,464 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2011/05/26 21:37:24 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2011/05/26 21:37:24 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2011/05/26 21:37:24 | 000,040,960 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2011/05/26 21:37:23 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2011/05/26 21:37:22 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2011/05/26 21:37:21 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2011/05/26 21:37:20 | 000,114,688 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2011/05/26 21:37:20 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2011/05/26 21:37:19 | 000,049,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2011/05/26 21:37:19 | 000,040,960 | ---- | M] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2011/05/26 21:37:18 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4396.dll
[2011/05/26 21:37:17 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2011/05/26 21:37:17 | 000,204,800 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipr12.dll
[2011/05/26 21:37:17 | 000,094,208 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipt12.dll
[2011/05/26 21:37:17 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2011/05/26 21:37:17 | 000,061,440 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2011/05/26 21:37:17 | 000,057,344 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZisn12.dll
[2011/05/26 21:37:17 | 000,028,672 | R--- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzjfw01.dll
[2011/05/26 21:37:16 | 000,393,216 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzcon12.dll
[2011/05/26 21:37:16 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\System32\hpzcoi12.dll
[2011/05/26 21:37:15 | 000,581,632 | R--- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl.dll
[2011/05/26 21:37:15 | 000,278,528 | R--- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\hpgwiamd.dll
[2011/05/26 21:37:15 | 000,274,432 | R--- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPZc3212.dll
[2011/05/26 21:37:15 | 000,229,376 | R--- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst08.dll
[2011/05/26 21:37:10 | 000,036,864 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\e100bmsg.dll
[2011/05/26 21:37:09 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drmupgds.exe
[2011/05/26 21:37:06 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) -- C:\WINDOWS\System32\drivers\NwUsbCdFil.sys
[2011/05/26 21:37:03 | 000,094,208 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\DNIN50.dll
[2011/05/26 21:37:01 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2011/05/26 21:37:01 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2011/05/26 21:37:00 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2011/05/26 21:36:52 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2011/05/26 21:36:51 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011/05/26 21:36:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2011/05/26 21:36:33 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2011/05/26 21:36:29 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2011/05/26 21:36:28 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2011/05/26 21:36:27 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2011/05/26 21:36:27 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/05/26 21:36:25 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2011/05/26 21:36:25 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2011/05/26 21:36:23 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2011/05/26 21:36:21 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/05/26 21:36:19 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2011/05/26 21:36:19 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/05/26 21:36:19 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2011/05/26 21:36:19 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2011/05/26 21:36:19 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2011/05/26 21:36:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2011/05/26 21:36:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2011/05/26 21:36:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2011/05/26 21:36:19 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2011/05/26 21:36:19 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2011/05/26 21:36:18 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2011/05/26 21:36:17 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/05/26 21:36:17 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2011/05/26 21:36:12 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2011/05/26 21:36:10 | 001,241,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2011/05/26 21:36:10 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2011/05/26 21:36:08 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2011/05/26 21:36:08 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2011/05/26 21:36:05 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2011/05/26 21:36:05 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/05/26 21:36:04 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2011/05/26 21:36:03 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2011/05/26 21:36:00 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2011/05/26 21:35:59 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2011/05/26 21:35:56 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2011/05/26 21:35:51 | 000,720,896 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/05/26 21:35:42 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2011/05/26 21:35:41 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2011/05/26 21:34:52 | 000,106,496 | ---- | M] (Canon Inc.) -- C:\WINDOWS\System32\cnco460.dll
[2011/05/26 21:34:51 | 000,135,168 | ---- | M] (Canon Inc.) -- C:\WINDOWS\System32\CNCL460.DLL
[2011/05/26 21:34:50 | 001,302,528 | ---- | M] (CANON INC.) -- C:\WINDOWS\System32\CNCC460.DLL
[2011/05/26 21:34:50 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\System32\CNCI460.DLL
[2011/05/26 21:34:48 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.rll
[2011/05/26 21:34:48 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2011/05/26 21:34:47 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2011/05/26 21:34:46 | 000,069,632 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\cdnotify6.ocx
[2011/05/26 21:33:54 | 000,319,488 | ---- | M] () -- C:\WINDOWS\System32\AegisI5.exe
[2011/05/26 21:33:54 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ATHPRXY.DLL
[2011/05/26 21:33:51 | 000,380,928 | ---- | M] () -- C:\WINDOWS\System32\actskin4.ocx
[2011/05/26 21:33:50 | 000,323,584 | ---- | M] (Dialog Medien GmbH) -- C:\WINDOWS\System32\ACD.ocx
[2011/05/26 21:30:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\setpwrcg.exe
[2011/05/26 21:26:07 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/05/26 20:08:00 | 001,265,664 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/05/26 11:55:46 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/26 09:18:30 | 000,008,544 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/05/25 11:50:30 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~15851300
[2011/05/25 11:50:20 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\15851300
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/23 19:09:33 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/23 18:33:42 | 000,014,454 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\h0387md7ekpl3vuk24yy
[2011/05/23 18:33:42 | 000,014,454 | -HS- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\h0387md7ekpl3vuk24yy
[366 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[344 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/29 09:34:42 | 000,001,077 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live ID.lnk
[2011/05/29 09:15:25 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/29 07:56:27 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/29 07:24:42 | 116,439,227 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/05/29 00:39:21 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/29 00:05:45 | 000,000,322 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor_sch_1278673A-89C2-11E0-BF8D-001320D39B0B.job
[2011/05/28 23:23:06 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Microsoft Security Essentials (2).lnk
[2011/05/28 21:55:49 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Shortcut to firefox.lnk
[2011/05/28 20:37:03 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/28 14:19:38 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job
[2011/05/28 14:19:37 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job
[2011/05/28 14:02:18 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2011/05/28 14:02:18 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2011/05/28 13:22:12 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/05/28 05:02:12 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/05/27 17:51:33 | 000,000,444 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/05/27 17:50:43 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/27 17:50:42 | 000,000,466 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/05/27 17:50:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011/05/27 17:50:37 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011/05/27 08:21:45 | 000,653,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/05/26 09:16:20 | 000,008,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/05/25 11:50:30 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15851300
[2011/05/25 11:50:20 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\15851300
[2011/05/23 13:17:37 | 000,014,454 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\h0387md7ekpl3vuk24yy
[2011/05/23 13:17:37 | 000,014,454 | -HS- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\h0387md7ekpl3vuk24yy
[2011/02/12 18:56:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\olx98NT.sys
[2011/01/31 15:49:35 | 000,000,047 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/07/15 22:10:30 | 000,003,139 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/03/06 18:53:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/11/10 01:35:18 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/11/05 23:52:04 | 000,000,287 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/28 09:56:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/18 21:40:33 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2009/05/18 21:40:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2009/05/18 21:40:29 | 000,149,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2009/05/13 23:28:30 | 000,003,398 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2008/10/04 13:49:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\bwmedia.dll
[2008/10/04 13:38:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Setup1.exe
[2008/06/21 01:21:50 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/21 01:08:04 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/03/23 22:05:56 | 000,001,158 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/03/23 21:54:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/06/20 22:53:34 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006/03/02 18:45:35 | 000,000,316 | ---- | C] () -- C:\WINDOWS\Ar115e.INI
[2006/01/21 12:33:33 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2006/01/21 12:33:32 | 000,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2006/01/21 12:33:12 | 000,000,728 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2006/01/21 12:28:20 | 000,069,372 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2006/01/21 12:28:20 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2006/01/21 12:26:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/17 12:04:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/17 11:45:24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/01/17 11:45:12 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/11 16:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 16:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 16:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 16:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 16:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 16:06:43 | 000,184,224 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 16:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 16:00:28 | 000,463,938 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 16:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 16:00:28 | 000,079,214 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 16:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 16:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 16:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 16:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 16:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 16:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 16:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 16:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:17639624
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

descriptionwin32/fakerean EmptyRe: win32/fakerean30th May 2011, 8:05 pm

more_horiz
Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    [2011/05/25 11:50:30 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15851300
    [2011/05/25 11:50:20 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\15851300
    [2011/05/23 13:17:37 | 000,014,454 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\h0387md7ekpl3vuk24yy
    [2011/05/23 13:17:37 | 000,014,454 | -HS- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\h0387md7ekpl3vuk24yy


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
win32/fakerean DXwU4
win32/fakerean VvYDg
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum