New
#21
I'm not seeing anything that jumps out at me
Was anything removed with all your Virus scans?
Help! - Any advice on trojans removal ?
-
-
New #22
There were various things.e.g.
"D:/32788R22F22FWJFW/LIST-C.bat - Probably infected with BATCH.virus."
"D:/32788R22F22FWJFW/FIND3M.bat - Probably infected with BATCH.virus."
I also spottend something running called "Joseph.Dorm12.nctu.edu.tw"
On my Laptop
Malwarebytes AntiMalware found:
Trojan.Downloader - wibb32.exe - in: Local Settings\Temp
Rogue.Installer - setupxv[1].exe - in: Content.IE5\GHAJW1lJ
Trojan.Dropper - nvvscv.exe - in: Local Settings\Temp
Disabled.SecurityCenter - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Data 1).
-
New #23
Here is the OTL from my WindowXP Laptop:
Code:[OTL.txt PART01] OTL logfile created on: 12/01/2010 13:03:02 - Run 1 OTL by OldTimer - Version 3.1.24.0 Folder = C:\Documents and Settings\xxxx xxxxxx\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 79.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.64 Gb Total Space | 40.46 Gb Free Space | 58.10% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: xxxx08 Current User Name: xxxx xxxxxx Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe (Mindjet) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe () PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab) PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe (Kaspersky Lab) PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.) PRC - C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO) PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo) PRC - C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo ) PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited) PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.) PRC - c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe (Microsoft Corporation) PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) PRC - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe () PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) PRC - C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe (Lenovo Group Limited) PRC - C:\WINDOWS\system32\TpKmpSvc.exe () PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\wisptis.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe () SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab) SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.) SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo) SRV - (AcSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) SRV - (AcPrfMgrSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) SRV - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) SRV - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.) SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) SRV - (Irmon) -- C:\WINDOWS\system32\irmon.dll (Microsoft Corporation) SRV - (TVT Scheduler) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited) SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe () SRV - (btwdins) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (truecrypt) -- C:\WINDOWS\system32\drivers\truecrypt.sys (TrueCrypt Foundation) DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS () DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (LMIRfsClientNP) -- C:\WINDOWS\system32\LMIRfsClientNP.dll (LogMeIn, Inc.) DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation) DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab) DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab) DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS () DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.) DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys () DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.) DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.) DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation) DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation) DRV - (RimVSerPort) -- C:\WINDOWS\system32\drivers\RimSerial.sys (Research in Motion Ltd) DRV - (adfs) -- C:\WINDOWS\system32\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.) DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.) DRV - (lmimirr) -- C:\WINDOWS\system32\drivers\lmimirr.sys (LogMeIn, Inc.) DRV - (hwusbfake) -- C:\WINDOWS\system32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (Lenovo Group Limited) DRV - (NSCIRDA) -- C:\WINDOWS\system32\drivers\nscirda.sys (National Semiconductor Corporation) DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (mdvrmng) -- C:\WINDOWS\system32\drivers\mdvrmng.sys () DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited) DRV - (Smapint) -- C:\WINDOWS\system32\drivers\SMAPINT.SYS (Microsoft Corporation) DRV - (TDSMAPI) -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS () DRV - (AEAudioService) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation) DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (mdmxsdk) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant) DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.) DRV - (smihlp) -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys (UPEK Inc.) DRV - (HSXHWAZL) -- C:\WINDOWS\system32\drivers\hsxhwazl.sys (Conexant Systems, Inc.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions) DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions) DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions) DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions) DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions) DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions) DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions) DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions) DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions) DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions) DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.) DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (ROOTMODEM) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation) DRV - (E100B) Intel(R) -- C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation) DRV - (PMEM) -- C:\WINDOWS\system32\drivers\PMEMNT.SYS (Microsoft Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yyyyyyyy.co.uk/t1/t1/launch.html IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.yyyyyyyy.co.uk/t1/t1/launch.html" FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.0.20091216Wb1 FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.464 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {b4e481a8-9ef7-47ff-8512-dc865ba752bd}:1.1.5 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/12/23 00:41:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/08 10:14:45 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/08 10:14:45 | 00,000,000 | ---D | M] [2009/12/22 18:50:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Extensions [2009/12/22 18:50:16 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/12/23 20:46:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/01/12 09:50:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Firefox\Profiles\yfoaw9to.default\extensions [2009/12/23 11:59:11 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Firefox\Profiles\yfoaw9to.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/12/23 12:01:00 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Firefox\Profiles\yfoaw9to.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/01/08 10:34:25 | 00,000,000 | ---D | M] (Zen Usage Viewer) -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Firefox\Profiles\yfoaw9to.default\extensions\{b4e481a8-9ef7-47ff-8512-dc865ba752bd} [2009/12/23 20:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla\Firefox\Profiles\yfoaw9to.default\extensions\LogMeInClient@logmein.com [2010/01/12 09:50:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/01/08 10:14:45 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2010/01/12 09:40:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010/01/08 10:14:40 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2010/01/08 10:14:40 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2010/01/08 10:14:42 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL [2009/12/02 08:11:44 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2009/12/02 08:11:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2009/12/02 08:11:44 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2009/12/02 08:11:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2009/12/02 08:11:44 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2009/12/02 08:11:44 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009/12/02 08:11:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2009/12/02 08:11:44 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: (698 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (CmjBrowserHelperObject Object) - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Lenovo ThinkVantage Toolbox) - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll (PC-Doctor, Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe (Mindjet) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe () O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found O4 - Startup: C:\Documents and Settings\xxxx xxxxxx\Start Menu\Programs\Startup\306313.lnk = C:\Documents and Settings\xxxx xxxxxx\Local Settings\Temp\nvscv.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra 'Tools' menuitem : IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet) O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1261506780282 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1261522796421 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/...ll-142-win.cab (Java Plug-in 1.4.2) O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ll-142-win.cab (Java Plug-in 1.4.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O20 - Winlogon\Notify\psfus: DllName - psqlpwd.dll - C:\WINDOWS\System32\psqlpwd.dll (UPEK Inc.) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll () O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1775d9aa-f4d8-11de-bcdc-00164155a02e}\Shell - "" = AutoRun O33 - MountPoints2\{1775d9aa-f4d8-11de-bcdc-00164155a02e}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1775d9aa-f4d8-11de-bcdc-00164155a02e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{3c647896-f18d-11de-bcd7-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{3c647896-f18d-11de-bcd7-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c647896-f18d-11de-bcd7-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{3c647897-f18d-11de-bcd7-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{3c647897-f18d-11de-bcd7-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c647897-f18d-11de-bcd7-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{3c64789f-f18d-11de-bcd7-00164155a02e}\Shell - "" = AutoRun O33 - MountPoints2\{3c64789f-f18d-11de-bcd7-00164155a02e}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c64789f-f18d-11de-bcd7-00164155a02e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{3c6478a1-f18d-11de-bcd7-00164155a02e}\Shell - "" = AutoRun O33 - MountPoints2\{3c6478a1-f18d-11de-bcd7-00164155a02e}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c6478a1-f18d-11de-bcd7-00164155a02e}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{3c6478a4-f18d-11de-bcd7-00164155a02e}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\{7f4a335a-f79e-11de-bcdd-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{7f4a335a-f79e-11de-bcdd-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{7f4a335a-f79e-11de-bcdd-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{7f4a335d-f79e-11de-bcdd-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{7f4a335d-f79e-11de-bcdd-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{7f4a335d-f79e-11de-bcdd-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{860176b0-f189-11de-bcd5-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{860176b0-f189-11de-bcd5-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{860176b0-f189-11de-bcd5-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{9875eb13-efae-11de-bcc3-00164155a02e}\Shell - "" = AutoRun O33 - MountPoints2\{9875eb13-efae-11de-bcc3-00164155a02e}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9875eb13-efae-11de-bcc3-00164155a02e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{c0fac01c-f7c6-11de-bcdf-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{c0fac01c-f7c6-11de-bcdf-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c0fac01c-f7c6-11de-bcdf-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{c0fac01d-f7c6-11de-bcdf-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{c0fac01d-f7c6-11de-bcdf-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c0fac01d-f7c6-11de-bcdf-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{fc7c8638-f349-11de-bcd9-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{fc7c8638-f349-11de-bcd9-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fc7c8638-f349-11de-bcd9-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{fc7c8639-f349-11de-bcd9-00130242c244}\Shell - "" = AutoRun O33 - MountPoints2\{fc7c8639-f349-11de-bcd9-00130242c244}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fc7c8639-f349-11de-bcd9-00130242c244}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %*
Last edited by skunksmash; 12 Jan 2010 at 11:55.
-
New #24
Code:Part 02 ========== Files/Folders - Created Within 30 Days ========== [2010/01/12 12:53:33 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop\HostsXpert [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys [2010/01/12 09:52:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Skype [2010/01/12 09:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/01/12 09:51:58 | 00,000,000 | R--D | C] -- C:\Program Files\Skype [2010/01/12 09:39:17 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010/01/12 09:39:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010/01/12 09:39:02 | 00,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010/01/12 09:22:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files [2010/01/12 00:38:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/01/11 22:41:31 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Recent [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Yahoo! [2010/01/11 22:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2010/01/11 22:36:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/01/11 10:18:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab [2010/01/11 09:40:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010/01/11 00:57:54 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2010/01/11 00:56:02 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010/01/11 00:54:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2010/01/10 22:17:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Malwarebytes [2010/01/10 22:17:33 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/10 22:17:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/01/10 00:04:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{C0B133B8-33F7-401B-A331-5780D8F885A9} [2010/01/09 21:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010/01/09 12:52:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2010/01/09 11:55:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2010/01/08 20:51:52 | 00,000,000 | ---D | C] -- C:\Program Files\PowerISO [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\LogMeIn [2010/01/07 23:08:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS [2010/01/07 23:08:20 | 00,083,288 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll [2010/01/07 23:08:20 | 00,028,984 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll [2010/01/07 23:08:19 | 00,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2010/01/07 23:08:15 | 00,087,352 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll [2010/01/07 23:08:02 | 00,000,000 | ---D | C] -- C:\Program Files\LogMeIn [2010/01/07 23:06:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Deployment [2010/01/04 08:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel [2010/01/02 12:59:06 | 00,872,192 | R--- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2010/01/02 12:59:06 | 00,103,168 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys [2010/01/02 12:59:06 | 00,101,376 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2010/01/02 12:59:06 | 00,100,992 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2010/01/02 12:59:06 | 00,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2009/12/26 21:35:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2009/12/26 18:59:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/12/26 18:59:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\AdobeUM [2009/12/26 18:58:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Adobe [2009/12/26 16:37:14 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite [2009/12/26 13:34:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Birdstep Technology [2009/12/26 13:34:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology [2009/12/26 13:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\Huawei Modems [2009/12/26 13:31:47 | 00,000,000 | ---D | C] -- C:\Program Files\3 Mobile Broadband [2009/12/25 22:29:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/12/25 22:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009/12/25 19:10:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009/12/25 18:45:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Videos [2009/12/24 11:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Adobe [2009/12/24 11:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2009/12/24 07:50:28 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009/12/24 00:59:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Google Gadgets [2009/12/24 00:33:08 | 00,000,000 | ---D | C] -- C:\zz_AMSS_Photos [2009/12/24 00:07:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic [2009/12/24 00:05:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio [2009/12/24 00:00:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\.oit [2009/12/23 23:20:48 | 00,027,136 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys [2009/12/23 21:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\IBM [2009/12/23 20:47:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TomTom [2009/12/23 20:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V [2009/12/23 20:46:21 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2 [2009/12/23 20:44:10 | 20,299,200 | ---- | C] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:51:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Avaya [2009/12/23 18:21:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Van Dyke Technologies [2009/12/23 18:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\AbsoluteFTP [2009/12/23 18:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TeamViewer [2009/12/23 18:06:10 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2009/12/23 18:05:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\temp [2009/12/23 18:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\skypePM [2009/12/23 18:00:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype [2009/12/23 17:53:50 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009/12/23 17:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\uTorrent [2009/12/23 17:47:02 | 00,000,000 | ---D | C] -- C:\Program Files\Edraw Max [2009/12/23 17:17:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2009/12/23 17:02:22 | 00,290,816 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2009/12/23 17:02:21 | 00,126,976 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2009/12/23 17:02:21 | 00,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibrtmon.exe [2009/12/23 17:02:20 | 00,049,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll [2009/12/23 17:00:30 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2009/12/23 17:00:07 | 01,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll [2009/12/23 16:52:50 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect [2009/12/23 16:52:37 | 00,000,000 | ---D | C] -- C:\Program Files\NetWaiting [2009/12/23 16:52:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\InstallShield [2009/12/23 16:51:20 | 00,028,272 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NicCo2.dll [2009/12/23 16:39:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Lenovo [2009/12/23 16:33:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Lenovo [2009/12/23 16:22:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\(null) [2009/12/23 15:49:03 | 00,030,144 | ---- | C] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:46:33 | 00,000,000 | ---D | C] -- C:\SWTOOLS [2009/12/23 15:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr [2009/12/23 15:38:37 | 00,000,000 | ---D | C] -- C:\Program Files\PC-Doctor [2009/12/23 15:28:37 | 00,094,208 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PWMCPl.cpl [2009/12/23 15:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Intel [2009/12/23 15:25:04 | 05,977,216 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw5x32.sys [2009/12/23 15:25:04 | 02,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5r32.dll [2009/12/23 15:25:04 | 00,675,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5c32.dll [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel [2009/12/23 12:32:33 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2009/12/23 12:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Orange Mobile Partner [2009/12/23 12:30:59 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2009/12/23 12:30:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia [2009/12/23 12:30:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia [2009/12/23 12:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Macromedia [2009/12/23 11:02:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TrueCrypt [2009/12/23 10:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrueCrypt [2009/12/23 10:54:30 | 00,223,440 | ---- | C] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:54:28 | 00,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2009/12/23 10:41:23 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009/12/23 10:06:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/12/23 10:04:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Salty Brine [2009/12/23 10:04:21 | 00,874,248 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com Xceed Home) -- C:\WINDOWS\System32\SmartUI2.ocx [2009/12/23 10:04:21 | 00,659,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX [2009/12/23 10:04:21 | 00,599,800 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\Cfx4032.ocx [2009/12/23 10:04:21 | 00,396,960 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyCommandButton.ocx [2009/12/23 10:04:21 | 00,319,488 | ---- | C] (Seekford Solutions, Inc.) -- C:\WINDOWS\System32\SNTP Wizard2.ocx [2009/12/23 10:04:21 | 00,258,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx [2009/12/23 10:04:21 | 00,218,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX [2009/12/23 10:04:21 | 00,159,744 | ---- | C] (MicroDexterity, Inc.) -- C:\WINDOWS\System32\stamin32.dll [2009/12/23 10:04:21 | 00,155,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx [2009/12/23 10:04:21 | 00,136,976 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\SfxBar.dll [2009/12/23 10:04:20 | 00,000,000 | ---D | C] -- C:\Program Files\FolderMatch [2009/12/23 10:01:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/12/23 09:44:47 | 00,000,000 | ---D | C] -- C:\Program Files\TextPad [2009/12/23 09:41:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mindjet [2009/12/23 09:34:08 | 00,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll [2009/12/23 09:34:08 | 00,005,632 | ---- | C] (Tracker Software) -- C:\WINDOWS\System32\pxc25pm.dll [2009/12/23 09:33:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Maps [2009/12/23 09:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mindjet [2009/12/23 09:33:27 | 00,000,000 | ---D | C] -- C:\Program Files\Mindjet [2009/12/23 09:21:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{7C480F86-91B2-4DE0-9E83-A05DD0140F5C} [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Xara_Xara Xtreme Pro 5 [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Magix [2009/12/23 08:38:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\MAGIX [2009/12/23 08:38:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Program Files\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Xara [2009/12/23 01:29:02 | 00,000,000 | ---D | C] -- C:\DRIVERS [2009/12/23 01:27:10 | 00,017,844 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PROCHLP.DLL [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\IPSSVC.EXE [2009/12/23 01:24:45 | 00,012,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\PROCDD.SYS [2009/12/23 01:23:36 | 00,000,000 | ---D | C] -- C:\IBMTOOLS [2009/12/23 01:10:50 | 00,000,000 | ---D | C] -- C:\zz_downloads-all [2009/12/23 01:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Tracing [2009/12/23 01:06:38 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2009/12/23 01:05:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft [2009/12/23 01:05:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft [2009/12/23 01:05:14 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live [2009/12/23 00:42:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2009/12/23 00:41:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009/12/23 00:41:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2009/12/23 00:40:57 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009/12/23 00:40:44 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2009/12/23 00:39:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2009/12/23 00:32:39 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys [2009/12/23 00:32:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll [2009/12/23 00:32:06 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe [2009/12/23 00:32:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll [2009/12/23 00:32:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll [2009/12/23 00:32:05 | 00,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\nscirda.sys [2009/12/23 00:32:03 | 00,000,000 | ---D | C] -- C:\Program Files\Synaptics [2009/12/23 00:21:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2009/12/23 00:21:50 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild [2009/12/23 00:21:42 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2009/12/23 00:21:25 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2009/12/23 00:21:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2009/12/23 00:21:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2009/12/23 00:21:25 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2009/12/22 23:38:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA [2009/12/22 23:17:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Macromedia [2009/12/22 23:10:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2009/12/22 23:10:39 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2009/12/22 23:10:39 | 00,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2009/12/22 22:54:01 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2009/12/22 22:34:33 | 00,000,000 | ---D | C] -- C:\Docs [2009/12/22 22:32:47 | 00,000,000 | ---D | C] -- C:\PSTs [2009/12/22 22:21:39 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IECompatCache [2009/12/22 22:20:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\PrivacIE [2009/12/22 22:19:25 | 00,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2009/12/22 22:18:35 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2009/12/22 22:18:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009/12/22 22:17:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009/12/22 22:08:54 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009/12/22 22:03:07 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009/12/22 21:57:34 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IETldCache [2009/12/22 21:55:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Downloads [2009/12/22 21:49:02 | 11,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009/12/22 21:49:02 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009/12/22 21:49:02 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009/12/22 21:49:02 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009/12/22 21:48:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009/12/22 21:48:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009/12/22 21:48:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009/12/22 21:47:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Temp [2009/12/22 21:20:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2009/12/22 21:16:47 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009/12/22 21:06:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009/12/22 20:59:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2009/12/22 20:57:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2009/12/22 20:55:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2009/12/22 20:53:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2009/12/22 19:25:34 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2009/12/22 19:15:17 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2009/12/22 19:15:11 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2009/12/22 19:15:04 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2009/12/22 19:14:57 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2009/12/22 19:14:26 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2009/12/22 19:11:50 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2009/12/22 19:11:48 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2009/12/22 19:11:48 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2009/12/22 19:09:51 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2009/12/22 19:09:51 | 00,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2009/12/22 19:09:51 | 00,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2009/12/22 19:09:51 | 00,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2009/12/22 19:09:51 | 00,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2009/12/22 19:09:51 | 00,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2009/12/22 19:09:50 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2009/12/22 19:09:50 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2009/12/22 19:09:50 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2009/12/22 19:09:50 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2009/12/22 19:09:49 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2009/12/22 19:09:49 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2009/12/22 19:09:49 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2009/12/22 19:09:48 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2009/12/22 19:09:48 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2009/12/22 19:09:48 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2009/12/22 19:09:44 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [2009/12/22 19:09:44 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [2009/12/22 19:09:44 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [2009/12/22 19:08:59 | 00,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2009/12/22 19:08:59 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2009/12/22 19:08:59 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2009/12/22 19:08:59 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2009/12/22 19:08:59 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2009/12/22 19:08:59 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2009/12/22 19:08:59 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2009/12/22 19:08:59 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2009/12/22 19:08:59 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2009/12/22 19:08:59 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2009/12/22 19:08:59 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2009/12/22 19:08:59 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2009/12/22 19:08:59 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2009/12/22 19:08:59 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2009/12/22 19:08:59 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2009/12/22 19:08:59 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2009/12/22 19:08:59 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2009/12/22 19:08:59 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2009/12/22 19:08:59 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2009/12/22 18:57:13 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2009/12/22 18:57:05 | 01,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2009/12/22 18:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2009/12/22 18:48:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009/12/22 18:48:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mozilla [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla [2009/12/22 18:45:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/12/22 18:34:31 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2009/12/22 18:34:31 | 00,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2009/12/22 18:34:31 | 00,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui [2009/12/22 18:34:31 | 00,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui [2009/12/22 18:34:31 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2009/12/22 18:34:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009/12/22 18:20:18 | 00,000,000 | --SD | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\SendTo [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Start Menu [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Pictures [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Music [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Favorites [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\UserData [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\Cookies [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Templates [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\PrintHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\NetHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Identities [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\IBM [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\BVRP Software [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ApplicationHistory [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Access Connections [2009/12/22 18:10:22 | 00,000,000 | -HSD | C] -- C:\Recycled [2009/12/22 18:10:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009/12/22 18:09:39 | 00,582,968 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina.dll [2009/12/22 18:09:39 | 00,292,152 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina_api.dll [2009/12/22 18:09:39 | 00,011,520 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\drivers\ANC.sys [2009/12/22 18:09:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2009/12/22 18:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/12/22 18:07:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Lenovo [2009/12/22 18:04:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Symantec Client Security [2009/12/22 18:02:58 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll [2009/12/22 18:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec Client Security [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec [2009/12/22 18:01:25 | 00,000,000 | ---D | C] -- C:\Program Files\IBM ThinkVantage [2009/12/22 18:01:01 | 00,021,060 | ---- | C] (InterVideo, Inc.) -- C:\WINDOWS\System32\drivers\iviaspi.sys [2009/12/22 18:00:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2009/12/22 18:00:37 | 00,000,000 | ---D | C] -- C:\Program Files\IBMTOOLS [2009/12/22 18:00:14 | 00,013,440 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\pcdrndisuio.sys [2009/12/22 17:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2009/12/22 17:59:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared [2009/12/22 17:59:56 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic [2009/12/22 17:59:55 | 00,094,263 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\DLA.EXE [2009/12/22 17:59:55 | 00,088,704 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS [2009/12/22 17:59:55 | 00,061,500 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\DLAAPI_W.DLL [2009/12/22 17:59:55 | 00,040,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS [2009/12/22 17:59:55 | 00,022,684 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLARTL_N.SYS [2009/12/22 17:59:55 | 00,005,628 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS [2009/12/22 17:59:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA [2009/12/22 17:59:54 | 00,000,000 | ---D | C] -- C:\Program Files\Multimedia Center for Think Offerings [2009/12/22 17:59:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared [2009/12/22 17:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lenovo [2009/12/22 17:59:00 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2009/12/22 17:58:36 | 00,922,920 | ---- | C] (LENOVO) -- C:\WINDOWS\System32\ahlprun.exe [2009/12/22 17:58:28 | 01,056,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll [2009/12/22 17:58:28 | 01,049,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll [2009/12/22 17:57:52 | 00,061,440 | ---- | C] (IBM) -- C:\WINDOWS\System32\IBMJavaPlugin142.cpl [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\javaw.exe [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\java.exe [2009/12/22 17:57:45 | 00,000,000 | ---D | C] -- C:\Program Files\IBM [2009/12/22 17:56:59 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage [2009/12/22 17:55:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect [2009/12/22 17:50:44 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2009/12/22 17:50:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2009/12/22 17:50:02 | 00,000,000 | ---D | C] -- C:\Program Files\CONEXANT [2009/12/22 17:49:34 | 01,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll [2009/12/22 17:49:34 | 00,053,248 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll [2009/12/22 17:49:34 | 00,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe [2009/12/22 17:49:34 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe [2009/12/22 17:48:10 | 00,065,536 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4EX.exe [2009/12/22 17:48:10 | 00,049,152 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4ex.cpl [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4HOOK.dll [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4cross.exe [2009/12/22 17:47:40 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage Fingerprint Software [2009/12/22 17:47:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009/12/22 17:47:25 | 00,055,296 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP98.CPL [2009/12/22 17:47:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SMAPINT.SYS [2009/12/22 17:46:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2009/12/22 17:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Intel [2009/12/22 17:45:54 | 00,000,000 | ---D | C] -- C:\Program Files\Lenovo [2009/12/22 17:45:33 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009/12/22 17:45:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009/12/22 17:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkPad [2009/12/22 17:40:47 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2009/12/22 17:38:41 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2009/12/22 17:38:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2009/12/22 17:38:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2009/12/22 17:37:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2009/12/22 17:37:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009/12/22 17:34:31 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2009/12/22 17:33:02 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/01/12 13:01:39 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2010/01/12 12:53:36 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:52:48 | 00,000,698 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/01/12 12:52:00 | 00,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005UA.job [2010/01/12 12:06:00 | 00,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/01/12 10:06:01 | 00,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/01/12 09:52:05 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/01/12 09:41:45 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/12 09:41:08 | 00,000,314 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010/01/12 09:40:32 | 00,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/01/12 09:40:32 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/01/12 09:39:02 | 00,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:37:26 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/01/12 09:37:10 | 00,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2010/01/12 09:37:06 | 00,025,224 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI [2010/01/12 09:36:42 | 00,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI [2010/01/12 09:36:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/01/12 09:36:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/01/12 09:36:29 | 32,195,74784 | -HS- | M] () -- C:\hiberfil.sys [2010/01/12 09:35:41 | 04,194,304 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\NTUSER.DAT [2010/01/12 09:35:19 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\xxxx xxxxxx\ntuser.ini [2010/01/12 09:19:12 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F9310CAE-CC84-4595-AFF0-72A1DBB42BE2}.job [2010/01/11 23:45:09 | 00,044,024 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/01/11 23:44:52 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/01/11 23:44:00 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/01/11 23:43:56 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/01/11 23:43:56 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/01/11 23:43:20 | 02,068,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/11 22:36:30 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\CCleaner.lnk [2010/01/11 10:08:11 | 11,258,6752 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\minDrWebLiveCD-5.0.1.iso [2010/01/11 09:40:23 | 27,276,0832 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\BitDefenderRescueCD_v2.0.0_3_08_2009.iso [2010/01/11 00:56:03 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk [2010/01/11 00:51:10 | 00,001,005 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Spybot - Search & Destroy.lnk [2010/01/10 22:17:36 | 00,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/01/10 21:52:00 | 00,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005Core.job [2010/01/10 19:34:34 | 02,097,152 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\bubblegums_9-1-2010 [2010/01/10 17:26:45 | 00,000,870 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to TpKmapAp.exe.lnk [2010/01/10 00:12:33 | 00,000,928 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Photoshop CS4.lnk [2010/01/10 00:12:12 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Dreamweaver CS4.lnk [2010/01/10 00:06:32 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Start Menu\Programs\Startup\306313.lnk [2010/01/10 00:05:38 | 00,001,972 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mindjet MindManager 8.lnk [2010/01/09 21:21:54 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\7-Zip File Manager.lnk [2010/01/09 17:48:15 | 00,001,087 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Untitled-1.gif [2010/01/09 13:10:15 | 00,016,896 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/08 20:51:56 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/01/07 23:08:14 | 00,001,024 | ---- | M] () -- C:\.rnd [2010/01/07 19:54:01 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/02 12:59:17 | 00,000,910 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Orange Mobile Partner.lnk [2009/12/28 23:18:36 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin [2009/12/28 22:53:08 | 04,315,988 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\IconCache.db [2009/12/28 08:40:53 | 00,318,233 | ---- | M] () -- C:\x1supportfiles.zip [2009/12/26 21:07:26 | 00,506,068 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/12/26 21:07:26 | 00,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/12/26 21:07:26 | 00,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/12/26 13:34:36 | 00,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\3Connect.lnk [2009/12/26 13:32:12 | 00,070,667 | ---- | M] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2009/12/25 20:04:31 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Excel2003.lnk [2009/12/25 19:17:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/12/25 19:17:40 | 00,000,194 | RHS- | M] () -- C:\BOOT.INI [2009/12/25 18:43:45 | 00,000,757 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_W__batch_file.bat.lnk [2009/12/23 22:52:53 | 00,001,026 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to SCANPST.EXE.lnk [2009/12/23 22:07:27 | 00,001,034 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Traigh_NYE_2009-10.xls.lnk [2009/12/23 20:46:13 | 20,299,200 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:20:30 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AbsoluteFTP.lnk [2009/12/23 18:03:06 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/12/23 17:53:51 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2009/12/23 17:47:30 | 00,000,730 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Edraw Max.lnk [2009/12/23 17:16:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2009/12/23 17:00:41 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/12/23 17:00:35 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2009/12/23 16:57:09 | 00,000,188 | ---- | M] () -- C:\WINDOWS\x [2009/12/23 16:53:34 | 00,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ThinkVantage Productivity Center.lnk [2009/12/23 15:49:03 | 00,030,144 | ---- | M] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:39:48 | 00,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2009/12/23 12:31:55 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Macromedia Dreamweaver 8.lnk [2009/12/23 10:54:31 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TrueCrypt.lnk [2009/12/23 10:54:30 | 00,223,440 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:39:45 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\FolderMatch v3.5.6.lnk [2009/12/23 09:44:37 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009/12/23 09:43:16 | 00,000,808 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Xara Xtreme Pro 5.lnk [2009/12/23 01:30:14 | 00,002,481 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI [2009/12/23 00:41:09 | 00,000,765 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_A__batch_file.bat.lnk [2009/12/23 00:39:36 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2009/12/23 00:39:07 | 00,000,920 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog [2009/12/22 22:42:47 | 00,002,036 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Word 2003.lnk [2009/12/22 22:42:42 | 00,002,016 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\PowerPoint 2003.lnk [2009/12/22 22:42:34 | 00,002,060 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Outlook 2003.lnk [2009/12/22 22:42:15 | 00,002,004 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Microsoft Office Access 2003.lnk [2009/12/22 22:19:31 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2009/12/22 21:49:41 | 00,002,348 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Google Chrome.lnk [2009/12/22 21:19:21 | 00,000,040 | ---- | M] () -- C:\WINDOWS\System32\profile.dat [2009/12/22 21:08:28 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/12/22 20:55:45 | 00,250,048 | RHS- | M] () -- C:\ntldr [2009/12/22 18:46:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009/12/22 18:21:06 | 00,000,135 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\fusioncache.dat [2009/12/22 18:20:27 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\drivers\LENOVO_2007_F4G.MRK [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\IO.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\CONFIG.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT [2009/12/22 18:20:23 | 00,000,010 | ---- | M] () -- C:\WINDOWS\System32\firstboot.ibm [2009/12/22 18:20:01 | 00,002,359 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009/12/22 18:20:00 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2009/12/22 18:10:22 | 00,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini [2009/12/22 18:10:16 | 00,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf [2009/12/22 18:09:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\AccConnAdvanced.html [2009/12/22 18:06:24 | 00,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV [2009/12/22 18:03:28 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009/12/22 18:00:02 | 00,000,148 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009/12/22 17:58:02 | 00,001,472 | ---- | M] () -- C:\SYSLEVEL.IBM [2009/12/22 17:49:40 | 00,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\IBM_2007_F4G_TP.MRK [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]Last edited by skunksmash; 12 Jan 2010 at 11:55.
-
New #25
Code:Part 02 ========== Files/Folders - Created Within 30 Days ========== [2010/01/12 12:53:33 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop\HostsXpert [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys [2010/01/12 09:52:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Skype [2010/01/12 09:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/01/12 09:51:58 | 00,000,000 | R--D | C] -- C:\Program Files\Skype [2010/01/12 09:39:17 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010/01/12 09:39:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010/01/12 09:39:02 | 00,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010/01/12 09:22:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files [2010/01/12 00:38:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/01/11 22:41:31 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Recent [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Yahoo! [2010/01/11 22:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2010/01/11 22:36:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/01/11 10:18:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab [2010/01/11 09:40:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010/01/11 00:57:54 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2010/01/11 00:56:02 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010/01/11 00:54:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2010/01/10 22:17:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Malwarebytes [2010/01/10 22:17:33 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/10 22:17:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/01/10 00:04:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{C0B133B8-33F7-401B-A331-5780D8F885A9} [2010/01/09 21:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010/01/09 12:52:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2010/01/09 11:55:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2010/01/08 20:51:52 | 00,000,000 | ---D | C] -- C:\Program Files\PowerISO [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\LogMeIn [2010/01/07 23:08:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS [2010/01/07 23:08:20 | 00,083,288 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll [2010/01/07 23:08:20 | 00,028,984 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll [2010/01/07 23:08:19 | 00,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2010/01/07 23:08:15 | 00,087,352 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll [2010/01/07 23:08:02 | 00,000,000 | ---D | C] -- C:\Program Files\LogMeIn [2010/01/07 23:06:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Deployment [2010/01/04 08:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel [2010/01/02 12:59:06 | 00,872,192 | R--- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2010/01/02 12:59:06 | 00,103,168 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys [2010/01/02 12:59:06 | 00,101,376 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2010/01/02 12:59:06 | 00,100,992 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2010/01/02 12:59:06 | 00,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2009/12/26 21:35:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2009/12/26 18:59:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/12/26 18:59:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\AdobeUM [2009/12/26 18:58:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Adobe [2009/12/26 16:37:14 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite [2009/12/26 13:34:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Birdstep Technology [2009/12/26 13:34:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology [2009/12/26 13:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\Huawei Modems [2009/12/26 13:31:47 | 00,000,000 | ---D | C] -- C:\Program Files\3 Mobile Broadband [2009/12/25 22:29:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/12/25 22:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009/12/25 19:10:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009/12/25 18:45:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Videos [2009/12/24 11:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Adobe [2009/12/24 11:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2009/12/24 07:50:28 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009/12/24 00:59:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Google Gadgets [2009/12/24 00:33:08 | 00,000,000 | ---D | C] -- C:\zz_AMSS_Photos [2009/12/24 00:07:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic [2009/12/24 00:05:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio [2009/12/24 00:00:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\.oit [2009/12/23 23:20:48 | 00,027,136 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys [2009/12/23 21:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\IBM [2009/12/23 20:47:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TomTom [2009/12/23 20:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V [2009/12/23 20:46:21 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2 [2009/12/23 20:44:10 | 20,299,200 | ---- | C] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:51:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Avaya [2009/12/23 18:21:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Van Dyke Technologies [2009/12/23 18:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\AbsoluteFTP [2009/12/23 18:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TeamViewer [2009/12/23 18:06:10 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2009/12/23 18:05:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\temp [2009/12/23 18:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\skypePM [2009/12/23 18:00:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype [2009/12/23 17:53:50 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009/12/23 17:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\uTorrent [2009/12/23 17:47:02 | 00,000,000 | ---D | C] -- C:\Program Files\Edraw Max [2009/12/23 17:17:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2009/12/23 17:02:22 | 00,290,816 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2009/12/23 17:02:21 | 00,126,976 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2009/12/23 17:02:21 | 00,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibrtmon.exe [2009/12/23 17:02:20 | 00,049,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll [2009/12/23 17:00:30 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2009/12/23 17:00:07 | 01,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll [2009/12/23 16:52:50 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect [2009/12/23 16:52:37 | 00,000,000 | ---D | C] -- C:\Program Files\NetWaiting [2009/12/23 16:52:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\InstallShield [2009/12/23 16:51:20 | 00,028,272 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NicCo2.dll [2009/12/23 16:39:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Lenovo [2009/12/23 16:33:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Lenovo [2009/12/23 16:22:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\(null) [2009/12/23 15:49:03 | 00,030,144 | ---- | C] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:46:33 | 00,000,000 | ---D | C] -- C:\SWTOOLS [2009/12/23 15:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr [2009/12/23 15:38:37 | 00,000,000 | ---D | C] -- C:\Program Files\PC-Doctor [2009/12/23 15:28:37 | 00,094,208 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PWMCPl.cpl [2009/12/23 15:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Intel [2009/12/23 15:25:04 | 05,977,216 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw5x32.sys [2009/12/23 15:25:04 | 02,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5r32.dll [2009/12/23 15:25:04 | 00,675,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5c32.dll [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel [2009/12/23 12:32:33 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2009/12/23 12:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Orange Mobile Partner [2009/12/23 12:30:59 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2009/12/23 12:30:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia [2009/12/23 12:30:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia [2009/12/23 12:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Macromedia [2009/12/23 11:02:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TrueCrypt [2009/12/23 10:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrueCrypt [2009/12/23 10:54:30 | 00,223,440 | ---- | C] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:54:28 | 00,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2009/12/23 10:41:23 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009/12/23 10:06:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/12/23 10:04:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Salty Brine [2009/12/23 10:04:21 | 00,874,248 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com Xceed Home) -- C:\WINDOWS\System32\SmartUI2.ocx [2009/12/23 10:04:21 | 00,659,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX [2009/12/23 10:04:21 | 00,599,800 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\Cfx4032.ocx [2009/12/23 10:04:21 | 00,396,960 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyCommandButton.ocx [2009/12/23 10:04:21 | 00,319,488 | ---- | C] (Seekford Solutions, Inc.) -- C:\WINDOWS\System32\SNTP Wizard2.ocx [2009/12/23 10:04:21 | 00,258,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx [2009/12/23 10:04:21 | 00,218,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX [2009/12/23 10:04:21 | 00,159,744 | ---- | C] (MicroDexterity, Inc.) -- C:\WINDOWS\System32\stamin32.dll [2009/12/23 10:04:21 | 00,155,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx [2009/12/23 10:04:21 | 00,136,976 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\SfxBar.dll [2009/12/23 10:04:20 | 00,000,000 | ---D | C] -- C:\Program Files\FolderMatch [2009/12/23 10:01:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/12/23 09:44:47 | 00,000,000 | ---D | C] -- C:\Program Files\TextPad [2009/12/23 09:41:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mindjet [2009/12/23 09:34:08 | 00,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll [2009/12/23 09:34:08 | 00,005,632 | ---- | C] (Tracker Software) -- C:\WINDOWS\System32\pxc25pm.dll [2009/12/23 09:33:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Maps [2009/12/23 09:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mindjet [2009/12/23 09:33:27 | 00,000,000 | ---D | C] -- C:\Program Files\Mindjet [2009/12/23 09:21:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{7C480F86-91B2-4DE0-9E83-A05DD0140F5C} [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Xara_Xara Xtreme Pro 5 [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Magix [2009/12/23 08:38:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\MAGIX [2009/12/23 08:38:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Program Files\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Xara [2009/12/23 01:29:02 | 00,000,000 | ---D | C] -- C:\DRIVERS [2009/12/23 01:27:10 | 00,017,844 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PROCHLP.DLL [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\IPSSVC.EXE [2009/12/23 01:24:45 | 00,012,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\PROCDD.SYS [2009/12/23 01:23:36 | 00,000,000 | ---D | C] -- C:\IBMTOOLS [2009/12/23 01:10:50 | 00,000,000 | ---D | C] -- C:\zz_downloads-all [2009/12/23 01:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Tracing [2009/12/23 01:06:38 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2009/12/23 01:05:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft [2009/12/23 01:05:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft [2009/12/23 01:05:14 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live [2009/12/23 00:42:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2009/12/23 00:41:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009/12/23 00:41:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2009/12/23 00:40:57 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009/12/23 00:40:44 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2009/12/23 00:39:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2009/12/23 00:32:39 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys [2009/12/23 00:32:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll [2009/12/23 00:32:06 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe [2009/12/23 00:32:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll [2009/12/23 00:32:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll [2009/12/23 00:32:05 | 00,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\nscirda.sys [2009/12/23 00:32:03 | 00,000,000 | ---D | C] -- C:\Program Files\Synaptics [2009/12/23 00:21:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2009/12/23 00:21:50 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild [2009/12/23 00:21:42 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2009/12/23 00:21:25 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2009/12/23 00:21:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2009/12/23 00:21:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2009/12/23 00:21:25 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2009/12/22 23:38:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA [2009/12/22 23:17:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Macromedia [2009/12/22 23:10:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2009/12/22 23:10:39 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2009/12/22 23:10:39 | 00,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2009/12/22 22:54:01 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2009/12/22 22:34:33 | 00,000,000 | ---D | C] -- C:\Docs [2009/12/22 22:32:47 | 00,000,000 | ---D | C] -- C:\PSTs [2009/12/22 22:21:39 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IECompatCache [2009/12/22 22:20:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\PrivacIE [2009/12/22 22:19:25 | 00,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2009/12/22 22:18:35 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2009/12/22 22:18:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009/12/22 22:17:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009/12/22 22:08:54 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009/12/22 22:03:07 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009/12/22 21:57:34 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IETldCache [2009/12/22 21:55:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Downloads [2009/12/22 21:49:02 | 11,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009/12/22 21:49:02 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009/12/22 21:49:02 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009/12/22 21:49:02 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009/12/22 21:48:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009/12/22 21:48:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009/12/22 21:48:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009/12/22 21:47:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Temp [2009/12/22 21:20:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2009/12/22 21:16:47 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009/12/22 21:06:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009/12/22 20:59:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2009/12/22 20:57:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2009/12/22 20:55:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2009/12/22 20:53:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2009/12/22 19:25:34 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2009/12/22 19:15:17 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2009/12/22 19:15:11 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2009/12/22 19:15:04 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2009/12/22 19:14:57 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2009/12/22 19:14:26 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2009/12/22 19:11:50 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2009/12/22 19:11:48 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2009/12/22 19:11:48 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2009/12/22 19:09:51 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2009/12/22 19:09:51 | 00,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2009/12/22 19:09:51 | 00,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2009/12/22 19:09:51 | 00,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2009/12/22 19:09:51 | 00,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2009/12/22 19:09:51 | 00,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2009/12/22 19:09:50 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2009/12/22 19:09:50 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2009/12/22 19:09:50 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2009/12/22 19:09:50 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2009/12/22 19:09:49 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2009/12/22 19:09:49 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2009/12/22 19:09:49 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2009/12/22 19:09:48 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2009/12/22 19:09:48 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2009/12/22 19:09:48 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2009/12/22 19:09:44 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [2009/12/22 19:09:44 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [2009/12/22 19:09:44 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [2009/12/22 19:08:59 | 00,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2009/12/22 19:08:59 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2009/12/22 19:08:59 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2009/12/22 19:08:59 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2009/12/22 19:08:59 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2009/12/22 19:08:59 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2009/12/22 19:08:59 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2009/12/22 19:08:59 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2009/12/22 19:08:59 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2009/12/22 19:08:59 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2009/12/22 19:08:59 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2009/12/22 19:08:59 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2009/12/22 19:08:59 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2009/12/22 19:08:59 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2009/12/22 19:08:59 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2009/12/22 19:08:59 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2009/12/22 19:08:59 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2009/12/22 19:08:59 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2009/12/22 19:08:59 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2009/12/22 18:57:13 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2009/12/22 18:57:05 | 01,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2009/12/22 18:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2009/12/22 18:48:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009/12/22 18:48:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mozilla [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla [2009/12/22 18:45:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/12/22 18:34:31 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2009/12/22 18:34:31 | 00,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2009/12/22 18:34:31 | 00,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui [2009/12/22 18:34:31 | 00,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui [2009/12/22 18:34:31 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2009/12/22 18:34:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009/12/22 18:20:18 | 00,000,000 | --SD | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\SendTo [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Start Menu [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Pictures [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Music [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Favorites [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\UserData [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\Cookies [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Templates [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\PrintHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\NetHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Identities [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\IBM [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\BVRP Software [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ApplicationHistory [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Access Connections [2009/12/22 18:10:22 | 00,000,000 | -HSD | C] -- C:\Recycled [2009/12/22 18:10:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009/12/22 18:09:39 | 00,582,968 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina.dll [2009/12/22 18:09:39 | 00,292,152 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina_api.dll [2009/12/22 18:09:39 | 00,011,520 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\drivers\ANC.sys [2009/12/22 18:09:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2009/12/22 18:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/12/22 18:07:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Lenovo [2009/12/22 18:04:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Symantec Client Security [2009/12/22 18:02:58 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll [2009/12/22 18:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec Client Security [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec [2009/12/22 18:01:25 | 00,000,000 | ---D | C] -- C:\Program Files\IBM ThinkVantage [2009/12/22 18:01:01 | 00,021,060 | ---- | C] (InterVideo, Inc.) -- C:\WINDOWS\System32\drivers\iviaspi.sys [2009/12/22 18:00:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2009/12/22 18:00:37 | 00,000,000 | ---D | C] -- C:\Program Files\IBMTOOLS [2009/12/22 18:00:14 | 00,013,440 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\pcdrndisuio.sys [2009/12/22 17:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2009/12/22 17:59:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared [2009/12/22 17:59:56 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic [2009/12/22 17:59:55 | 00,094,263 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\DLA.EXE [2009/12/22 17:59:55 | 00,088,704 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS [2009/12/22 17:59:55 | 00,061,500 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\DLAAPI_W.DLL [2009/12/22 17:59:55 | 00,040,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS [2009/12/22 17:59:55 | 00,022,684 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLARTL_N.SYS [2009/12/22 17:59:55 | 00,005,628 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS [2009/12/22 17:59:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA [2009/12/22 17:59:54 | 00,000,000 | ---D | C] -- C:\Program Files\Multimedia Center for Think Offerings [2009/12/22 17:59:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared [2009/12/22 17:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lenovo [2009/12/22 17:59:00 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2009/12/22 17:58:36 | 00,922,920 | ---- | C] (LENOVO) -- C:\WINDOWS\System32\ahlprun.exe [2009/12/22 17:58:28 | 01,056,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll [2009/12/22 17:58:28 | 01,049,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll [2009/12/22 17:57:52 | 00,061,440 | ---- | C] (IBM) -- C:\WINDOWS\System32\IBMJavaPlugin142.cpl [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\javaw.exe [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\java.exe [2009/12/22 17:57:45 | 00,000,000 | ---D | C] -- C:\Program Files\IBM [2009/12/22 17:56:59 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage [2009/12/22 17:55:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect [2009/12/22 17:50:44 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2009/12/22 17:50:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2009/12/22 17:50:02 | 00,000,000 | ---D | C] -- C:\Program Files\CONEXANT [2009/12/22 17:49:34 | 01,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll [2009/12/22 17:49:34 | 00,053,248 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll [2009/12/22 17:49:34 | 00,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe [2009/12/22 17:49:34 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe [2009/12/22 17:48:10 | 00,065,536 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4EX.exe [2009/12/22 17:48:10 | 00,049,152 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4ex.cpl [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4HOOK.dll [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4cross.exe [2009/12/22 17:47:40 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage Fingerprint Software [2009/12/22 17:47:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009/12/22 17:47:25 | 00,055,296 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP98.CPL [2009/12/22 17:47:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SMAPINT.SYS [2009/12/22 17:46:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2009/12/22 17:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Intel [2009/12/22 17:45:54 | 00,000,000 | ---D | C] -- C:\Program Files\Lenovo [2009/12/22 17:45:33 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009/12/22 17:45:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009/12/22 17:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkPad [2009/12/22 17:40:47 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2009/12/22 17:38:41 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2009/12/22 17:38:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2009/12/22 17:38:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2009/12/22 17:37:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2009/12/22 17:37:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009/12/22 17:34:31 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2009/12/22 17:33:02 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/01/12 13:01:39 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2010/01/12 12:53:36 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:52:48 | 00,000,698 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/01/12 12:52:00 | 00,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005UA.job [2010/01/12 12:06:00 | 00,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/01/12 10:06:01 | 00,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/01/12 09:52:05 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/01/12 09:41:45 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/12 09:41:08 | 00,000,314 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010/01/12 09:40:32 | 00,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/01/12 09:40:32 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/01/12 09:39:02 | 00,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:37:26 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/01/12 09:37:10 | 00,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2010/01/12 09:37:06 | 00,025,224 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI [2010/01/12 09:36:42 | 00,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI [2010/01/12 09:36:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/01/12 09:36:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/01/12 09:36:29 | 32,195,74784 | -HS- | M] () -- C:\hiberfil.sys [2010/01/12 09:35:41 | 04,194,304 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\NTUSER.DAT [2010/01/12 09:35:19 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\xxxx xxxxxx\ntuser.ini [2010/01/12 09:19:12 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F9310CAE-CC84-4595-AFF0-72A1DBB42BE2}.job [2010/01/11 23:45:09 | 00,044,024 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/01/11 23:44:52 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/01/11 23:44:00 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/01/11 23:43:56 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/01/11 23:43:56 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/01/11 23:43:20 | 02,068,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/11 22:36:30 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\CCleaner.lnk [2010/01/11 10:08:11 | 11,258,6752 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\minDrWebLiveCD-5.0.1.iso [2010/01/11 09:40:23 | 27,276,0832 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\BitDefenderRescueCD_v2.0.0_3_08_2009.iso [2010/01/11 00:56:03 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk [2010/01/11 00:51:10 | 00,001,005 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Spybot - Search & Destroy.lnk [2010/01/10 22:17:36 | 00,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/01/10 21:52:00 | 00,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005Core.job [2010/01/10 19:34:34 | 02,097,152 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\bubblegums_9-1-2010 [2010/01/10 17:26:45 | 00,000,870 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to TpKmapAp.exe.lnk [2010/01/10 00:12:33 | 00,000,928 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Photoshop CS4.lnk [2010/01/10 00:12:12 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Dreamweaver CS4.lnk [2010/01/10 00:06:32 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Start Menu\Programs\Startup\306313.lnk [2010/01/10 00:05:38 | 00,001,972 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mindjet MindManager 8.lnk [2010/01/09 21:21:54 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\7-Zip File Manager.lnk [2010/01/09 17:48:15 | 00,001,087 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Untitled-1.gif [2010/01/09 13:10:15 | 00,016,896 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/08 20:51:56 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/01/07 23:08:14 | 00,001,024 | ---- | M] () -- C:\.rnd [2010/01/07 19:54:01 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/02 12:59:17 | 00,000,910 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Orange Mobile Partner.lnk [2009/12/28 23:18:36 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin [2009/12/28 22:53:08 | 04,315,988 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\IconCache.db [2009/12/28 08:40:53 | 00,318,233 | ---- | M] () -- C:\x1supportfiles.zip [2009/12/26 21:07:26 | 00,506,068 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/12/26 21:07:26 | 00,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/12/26 21:07:26 | 00,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/12/26 13:34:36 | 00,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\3Connect.lnk [2009/12/26 13:32:12 | 00,070,667 | ---- | M] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2009/12/25 20:04:31 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Excel2003.lnk [2009/12/25 19:17:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/12/25 19:17:40 | 00,000,194 | RHS- | M] () -- C:\BOOT.INI [2009/12/25 18:43:45 | 00,000,757 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_W__batch_file.bat.lnk [2009/12/23 22:52:53 | 00,001,026 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to SCANPST.EXE.lnk [2009/12/23 22:07:27 | 00,001,034 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Traigh_NYE_2009-10.xls.lnk [2009/12/23 20:46:13 | 20,299,200 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:20:30 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AbsoluteFTP.lnk [2009/12/23 18:03:06 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/12/23 17:53:51 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2009/12/23 17:47:30 | 00,000,730 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Edraw Max.lnk [2009/12/23 17:16:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2009/12/23 17:00:41 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/12/23 17:00:35 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2009/12/23 16:57:09 | 00,000,188 | ---- | M] () -- C:\WINDOWS\x [2009/12/23 16:53:34 | 00,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ThinkVantage Productivity Center.lnk [2009/12/23 15:49:03 | 00,030,144 | ---- | M] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:39:48 | 00,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2009/12/23 12:31:55 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Macromedia Dreamweaver 8.lnk [2009/12/23 10:54:31 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TrueCrypt.lnk [2009/12/23 10:54:30 | 00,223,440 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:39:45 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\FolderMatch v3.5.6.lnk [2009/12/23 09:44:37 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009/12/23 09:43:16 | 00,000,808 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Xara Xtreme Pro 5.lnk [2009/12/23 01:30:14 | 00,002,481 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI [2009/12/23 00:41:09 | 00,000,765 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_A__batch_file.bat.lnk [2009/12/23 00:39:36 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2009/12/23 00:39:07 | 00,000,920 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog [2009/12/22 22:42:47 | 00,002,036 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Word 2003.lnk [2009/12/22 22:42:42 | 00,002,016 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\PowerPoint 2003.lnk [2009/12/22 22:42:34 | 00,002,060 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Outlook 2003.lnk [2009/12/22 22:42:15 | 00,002,004 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Microsoft Office Access 2003.lnk [2009/12/22 22:19:31 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2009/12/22 21:49:41 | 00,002,348 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Google Chrome.lnk [2009/12/22 21:19:21 | 00,000,040 | ---- | M] () -- C:\WINDOWS\System32\profile.dat [2009/12/22 21:08:28 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/12/22 20:55:45 | 00,250,048 | RHS- | M] () -- C:\ntldr [2009/12/22 18:46:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009/12/22 18:21:06 | 00,000,135 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\fusioncache.dat [2009/12/22 18:20:27 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\drivers\LENOVO_2007_F4G.MRK [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\IO.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\CONFIG.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT [2009/12/22 18:20:23 | 00,000,010 | ---- | M] () -- C:\WINDOWS\System32\firstboot.ibm [2009/12/22 18:20:01 | 00,002,359 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009/12/22 18:20:00 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2009/12/22 18:10:22 | 00,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini [2009/12/22 18:10:16 | 00,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf [2009/12/22 18:09:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\AccConnAdvanced.html [2009/12/22 18:06:24 | 00,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV [2009/12/22 18:03:28 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009/12/22 18:00:02 | 00,000,148 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009/12/22 17:58:02 | 00,001,472 | ---- | M] () -- C:\SYSLEVEL.IBM [2009/12/22 17:49:40 | 00,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\IBM_2007_F4G_TP.MRK [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]Last edited by skunksmash; 12 Jan 2010 at 11:56.
-
New #26
Code:part 03 ========== Files/Folders - Created Within 30 Days ========== [2010/01/12 12:53:33 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop\HostsXpert [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010/01/12 10:21:43 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys [2010/01/12 09:52:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Skype [2010/01/12 09:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/01/12 09:51:58 | 00,000,000 | R--D | C] -- C:\Program Files\Skype [2010/01/12 09:39:17 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010/01/12 09:39:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010/01/12 09:39:02 | 00,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/01/12 09:24:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010/01/12 09:22:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files [2010/01/12 00:38:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/01/11 22:41:31 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Recent [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion [2010/01/11 22:36:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Yahoo! [2010/01/11 22:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2010/01/11 22:36:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/01/11 10:18:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab [2010/01/11 09:40:31 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010/01/11 00:57:54 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2010/01/11 00:56:02 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010/01/11 00:54:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\SUPERAntiSpyware.com [2010/01/11 00:53:25 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010/01/11 00:51:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2010/01/10 22:17:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Malwarebytes [2010/01/10 22:17:33 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/10 22:17:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/01/10 22:17:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/01/10 00:04:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{C0B133B8-33F7-401B-A331-5780D8F885A9} [2010/01/09 21:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010/01/09 12:52:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2010/01/09 11:55:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2010/01/08 20:51:52 | 00,000,000 | ---D | C] -- C:\Program Files\PowerISO [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2010/01/07 23:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\LogMeIn [2010/01/07 23:08:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS [2010/01/07 23:08:20 | 00,083,288 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll [2010/01/07 23:08:20 | 00,028,984 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll [2010/01/07 23:08:19 | 00,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2010/01/07 23:08:15 | 00,087,352 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll [2010/01/07 23:08:02 | 00,000,000 | ---D | C] -- C:\Program Files\LogMeIn [2010/01/07 23:06:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Deployment [2010/01/04 08:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel [2010/01/02 12:59:06 | 00,872,192 | R--- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2010/01/02 12:59:06 | 00,103,168 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys [2010/01/02 12:59:06 | 00,101,376 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2010/01/02 12:59:06 | 00,100,992 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2010/01/02 12:59:06 | 00,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2009/12/26 21:35:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2009/12/26 18:59:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/12/26 18:59:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\AdobeUM [2009/12/26 18:58:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Adobe [2009/12/26 16:37:14 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite [2009/12/26 13:34:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Birdstep Technology [2009/12/26 13:34:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology [2009/12/26 13:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\Huawei Modems [2009/12/26 13:31:47 | 00,000,000 | ---D | C] -- C:\Program Files\3 Mobile Broadband [2009/12/25 22:29:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/12/25 22:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009/12/25 19:10:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009/12/25 18:45:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Videos [2009/12/24 11:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Adobe [2009/12/24 11:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2009/12/24 07:50:28 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009/12/24 00:59:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Google Gadgets [2009/12/24 00:33:08 | 00,000,000 | ---D | C] -- C:\zz_AMSS_Photos [2009/12/24 00:07:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic [2009/12/24 00:05:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio [2009/12/24 00:00:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\.oit [2009/12/23 23:20:48 | 00,027,136 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys [2009/12/23 21:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\IBM [2009/12/23 20:47:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\TomTom [2009/12/23 20:46:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TomTom [2009/12/23 20:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V [2009/12/23 20:46:21 | 00,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2 [2009/12/23 20:44:10 | 20,299,200 | ---- | C] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:51:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Avaya [2009/12/23 18:21:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Van Dyke Technologies [2009/12/23 18:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\AbsoluteFTP [2009/12/23 18:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TeamViewer [2009/12/23 18:06:10 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2009/12/23 18:05:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\temp [2009/12/23 18:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\skypePM [2009/12/23 18:00:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype [2009/12/23 17:53:50 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2009/12/23 17:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\uTorrent [2009/12/23 17:47:02 | 00,000,000 | ---D | C] -- C:\Program Files\Edraw Max [2009/12/23 17:17:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2009/12/23 17:02:22 | 00,290,816 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2009/12/23 17:02:21 | 00,126,976 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2009/12/23 17:02:21 | 00,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibrtmon.exe [2009/12/23 17:02:20 | 00,049,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll [2009/12/23 17:00:30 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2009/12/23 17:00:07 | 01,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll [2009/12/23 16:52:50 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect [2009/12/23 16:52:37 | 00,000,000 | ---D | C] -- C:\Program Files\NetWaiting [2009/12/23 16:52:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\InstallShield [2009/12/23 16:51:20 | 00,028,272 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NicCo2.dll [2009/12/23 16:39:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Lenovo [2009/12/23 16:33:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Lenovo [2009/12/23 16:22:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\(null) [2009/12/23 15:49:03 | 00,030,144 | ---- | C] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:46:33 | 00,000,000 | ---D | C] -- C:\SWTOOLS [2009/12/23 15:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr [2009/12/23 15:38:37 | 00,000,000 | ---D | C] -- C:\Program Files\PC-Doctor [2009/12/23 15:28:37 | 00,094,208 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PWMCPl.cpl [2009/12/23 15:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Intel [2009/12/23 15:25:04 | 05,977,216 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw5x32.sys [2009/12/23 15:25:04 | 02,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5r32.dll [2009/12/23 15:25:04 | 00,675,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw5c32.dll [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2009/12/23 15:24:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel [2009/12/23 12:32:33 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2009/12/23 12:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Orange Mobile Partner [2009/12/23 12:30:59 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2009/12/23 12:30:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia [2009/12/23 12:30:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia [2009/12/23 12:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Macromedia [2009/12/23 11:02:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TrueCrypt [2009/12/23 10:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrueCrypt [2009/12/23 10:54:30 | 00,223,440 | ---- | C] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:54:28 | 00,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2009/12/23 10:41:23 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009/12/23 10:06:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/12/23 10:04:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Salty Brine [2009/12/23 10:04:21 | 00,874,248 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com Xceed Home) -- C:\WINDOWS\System32\SmartUI2.ocx [2009/12/23 10:04:21 | 00,659,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX [2009/12/23 10:04:21 | 00,599,800 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\Cfx4032.ocx [2009/12/23 10:04:21 | 00,396,960 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyCommandButton.ocx [2009/12/23 10:04:21 | 00,319,488 | ---- | C] (Seekford Solutions, Inc.) -- C:\WINDOWS\System32\SNTP Wizard2.ocx [2009/12/23 10:04:21 | 00,258,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx [2009/12/23 10:04:21 | 00,218,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX [2009/12/23 10:04:21 | 00,159,744 | ---- | C] (MicroDexterity, Inc.) -- C:\WINDOWS\System32\stamin32.dll [2009/12/23 10:04:21 | 00,155,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx [2009/12/23 10:04:21 | 00,136,976 | ---- | C] (Software FX, Inc.) -- C:\WINDOWS\System32\SfxBar.dll [2009/12/23 10:04:20 | 00,000,000 | ---D | C] -- C:\Program Files\FolderMatch [2009/12/23 10:01:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009/12/23 09:44:47 | 00,000,000 | ---D | C] -- C:\Program Files\TextPad [2009/12/23 09:41:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mindjet [2009/12/23 09:34:08 | 00,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll [2009/12/23 09:34:08 | 00,005,632 | ---- | C] (Tracker Software) -- C:\WINDOWS\System32\pxc25pm.dll [2009/12/23 09:33:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Maps [2009/12/23 09:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mindjet [2009/12/23 09:33:27 | 00,000,000 | ---D | C] -- C:\Program Files\Mindjet [2009/12/23 09:21:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\{7C480F86-91B2-4DE0-9E83-A05DD0140F5C} [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Xara_Xara Xtreme Pro 5 [2009/12/23 08:38:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Magix [2009/12/23 08:38:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\MAGIX [2009/12/23 08:38:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Program Files\Xara [2009/12/23 08:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Xara [2009/12/23 01:29:02 | 00,000,000 | ---D | C] -- C:\DRIVERS [2009/12/23 01:27:10 | 00,017,844 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\PROCHLP.DLL [2009/12/23 01:24:45 | 00,108,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\IPSSVC.EXE [2009/12/23 01:24:45 | 00,012,080 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\drivers\PROCDD.SYS [2009/12/23 01:23:36 | 00,000,000 | ---D | C] -- C:\IBMTOOLS [2009/12/23 01:10:50 | 00,000,000 | ---D | C] -- C:\zz_downloads-all [2009/12/23 01:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Tracing [2009/12/23 01:06:38 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2009/12/23 01:05:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft [2009/12/23 01:05:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft [2009/12/23 01:05:14 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live [2009/12/23 00:42:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2009/12/23 00:41:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2009/12/23 00:41:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2009/12/23 00:40:57 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009/12/23 00:40:44 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2009/12/23 00:39:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2009/12/23 00:32:39 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys [2009/12/23 00:32:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll [2009/12/23 00:32:06 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe [2009/12/23 00:32:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll [2009/12/23 00:32:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll [2009/12/23 00:32:05 | 00,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\nscirda.sys [2009/12/23 00:32:03 | 00,000,000 | ---D | C] -- C:\Program Files\Synaptics [2009/12/23 00:21:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2009/12/23 00:21:50 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild [2009/12/23 00:21:42 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2009/12/23 00:21:25 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2009/12/23 00:21:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2009/12/23 00:21:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2009/12/23 00:21:25 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2009/12/23 00:21:24 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2009/12/22 23:38:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK [2009/12/22 23:35:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA [2009/12/22 23:17:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Macromedia [2009/12/22 23:10:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2009/12/22 23:10:39 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2009/12/22 23:10:39 | 00,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2009/12/22 22:54:01 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2009/12/22 22:34:33 | 00,000,000 | ---D | C] -- C:\Docs [2009/12/22 22:32:47 | 00,000,000 | ---D | C] -- C:\PSTs [2009/12/22 22:21:39 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IECompatCache [2009/12/22 22:20:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\PrivacIE [2009/12/22 22:19:25 | 00,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2009/12/22 22:18:35 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2009/12/22 22:18:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009/12/22 22:17:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009/12/22 22:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009/12/22 22:08:54 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009/12/22 22:03:07 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009/12/22 21:57:34 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\IETldCache [2009/12/22 21:55:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Downloads [2009/12/22 21:49:02 | 11,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009/12/22 21:49:02 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2009/12/22 21:49:02 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2009/12/22 21:49:02 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2009/12/22 21:48:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2009/12/22 21:48:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009/12/22 21:48:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2009/12/22 21:47:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Temp [2009/12/22 21:20:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2009/12/22 21:16:47 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009/12/22 21:06:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009/12/22 20:59:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en [2009/12/22 20:59:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2009/12/22 20:57:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2009/12/22 20:55:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2009/12/22 20:53:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2009/12/22 19:25:34 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2009/12/22 19:15:17 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2009/12/22 19:15:11 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2009/12/22 19:15:04 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2009/12/22 19:14:57 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2009/12/22 19:14:26 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2009/12/22 19:11:50 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2009/12/22 19:11:48 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2009/12/22 19:11:48 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2009/12/22 19:09:51 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2009/12/22 19:09:51 | 00,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2009/12/22 19:09:51 | 00,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2009/12/22 19:09:51 | 00,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2009/12/22 19:09:51 | 00,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2009/12/22 19:09:51 | 00,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2009/12/22 19:09:50 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2009/12/22 19:09:50 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2009/12/22 19:09:50 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2009/12/22 19:09:50 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2009/12/22 19:09:49 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2009/12/22 19:09:49 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2009/12/22 19:09:49 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2009/12/22 19:09:48 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2009/12/22 19:09:48 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2009/12/22 19:09:48 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2009/12/22 19:09:44 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [2009/12/22 19:09:44 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [2009/12/22 19:09:44 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [2009/12/22 19:08:59 | 00,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2009/12/22 19:08:59 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2009/12/22 19:08:59 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2009/12/22 19:08:59 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2009/12/22 19:08:59 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2009/12/22 19:08:59 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2009/12/22 19:08:59 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2009/12/22 19:08:59 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2009/12/22 19:08:59 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2009/12/22 19:08:59 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2009/12/22 19:08:59 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2009/12/22 19:08:59 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2009/12/22 19:08:59 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2009/12/22 19:08:59 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2009/12/22 19:08:59 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2009/12/22 19:08:59 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2009/12/22 19:08:59 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2009/12/22 19:08:59 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2009/12/22 19:08:59 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2009/12/22 19:08:59 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2009/12/22 18:57:13 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2009/12/22 18:57:05 | 01,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2009/12/22 18:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2009/12/22 18:48:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009/12/22 18:48:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Mozilla [2009/12/22 18:46:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Mozilla [2009/12/22 18:45:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/12/22 18:34:31 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2009/12/22 18:34:31 | 00,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2009/12/22 18:34:31 | 00,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui [2009/12/22 18:34:31 | 00,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui [2009/12/22 18:34:31 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2009/12/22 18:34:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009/12/22 18:20:18 | 00,000,000 | --SD | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\SendTo [2009/12/22 18:20:18 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Start Menu [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Pictures [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\My Music [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents [2009/12/22 18:20:18 | 00,000,000 | R--D | C] -- C:\Documents and Settings\xxxx xxxxxx\Favorites [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\UserData [2009/12/22 18:20:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\xxxx xxxxxx\Cookies [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Templates [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\PrintHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\NetHood [2009/12/22 18:20:18 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Symantec [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Microsoft [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Identities [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\IBM [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Google [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Desktop [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\BVRP Software [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\ATI [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\ApplicationHistory [2009/12/22 18:20:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Access Connections [2009/12/22 18:10:22 | 00,000,000 | -HSD | C] -- C:\Recycled [2009/12/22 18:10:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009/12/22 18:09:39 | 00,582,968 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina.dll [2009/12/22 18:09:39 | 00,292,152 | ---- | C] (Lenovo) -- C:\WINDOWS\System32\tvt_gina_api.dll [2009/12/22 18:09:39 | 00,011,520 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\drivers\ANC.sys [2009/12/22 18:09:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2009/12/22 18:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/12/22 18:07:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Lenovo [2009/12/22 18:04:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Symantec Client Security [2009/12/22 18:02:58 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll [2009/12/22 18:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec Client Security [2009/12/22 18:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec [2009/12/22 18:01:25 | 00,000,000 | ---D | C] -- C:\Program Files\IBM ThinkVantage [2009/12/22 18:01:01 | 00,021,060 | ---- | C] (InterVideo, Inc.) -- C:\WINDOWS\System32\drivers\iviaspi.sys [2009/12/22 18:00:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2009/12/22 18:00:37 | 00,000,000 | ---D | C] -- C:\Program Files\IBMTOOLS [2009/12/22 18:00:14 | 00,013,440 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\pcdrndisuio.sys [2009/12/22 17:59:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2009/12/22 17:59:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared [2009/12/22 17:59:56 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic [2009/12/22 17:59:55 | 00,094,263 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\DLA.EXE [2009/12/22 17:59:55 | 00,088,704 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS [2009/12/22 17:59:55 | 00,061,500 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\DLAAPI_W.DLL [2009/12/22 17:59:55 | 00,040,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS [2009/12/22 17:59:55 | 00,022,684 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLARTL_N.SYS [2009/12/22 17:59:55 | 00,005,628 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS [2009/12/22 17:59:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA [2009/12/22 17:59:54 | 00,000,000 | ---D | C] -- C:\Program Files\Multimedia Center for Think Offerings [2009/12/22 17:59:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared [2009/12/22 17:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lenovo [2009/12/22 17:59:00 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2009/12/22 17:58:36 | 00,922,920 | ---- | C] (LENOVO) -- C:\WINDOWS\System32\ahlprun.exe [2009/12/22 17:58:28 | 01,056,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll [2009/12/22 17:58:28 | 01,049,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll [2009/12/22 17:57:52 | 00,061,440 | ---- | C] (IBM) -- C:\WINDOWS\System32\IBMJavaPlugin142.cpl [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\javaw.exe [2009/12/22 17:57:52 | 00,042,032 | ---- | C] (IBM) -- C:\WINDOWS\System32\java.exe [2009/12/22 17:57:45 | 00,000,000 | ---D | C] -- C:\Program Files\IBM [2009/12/22 17:56:59 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage [2009/12/22 17:55:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect [2009/12/22 17:50:44 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2009/12/22 17:50:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2009/12/22 17:50:02 | 00,000,000 | ---D | C] -- C:\Program Files\CONEXANT [2009/12/22 17:49:34 | 01,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll [2009/12/22 17:49:34 | 00,053,248 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll [2009/12/22 17:49:34 | 00,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe [2009/12/22 17:49:34 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe [2009/12/22 17:48:10 | 00,065,536 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4EX.exe [2009/12/22 17:48:10 | 00,049,152 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4ex.cpl [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP4HOOK.dll [2009/12/22 17:48:10 | 00,040,960 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\tp4cross.exe [2009/12/22 17:47:40 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkVantage Fingerprint Software [2009/12/22 17:47:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009/12/22 17:47:25 | 00,055,296 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\System32\TP98.CPL [2009/12/22 17:47:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SMAPINT.SYS [2009/12/22 17:46:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2009/12/22 17:46:50 | 00,000,000 | ---D | C] -- C:\Program Files\Intel [2009/12/22 17:45:54 | 00,000,000 | ---D | C] -- C:\Program Files\Lenovo [2009/12/22 17:45:33 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009/12/22 17:45:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009/12/22 17:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\ThinkPad [2009/12/22 17:40:47 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2009/12/22 17:38:41 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2009/12/22 17:38:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2009/12/22 17:38:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2009/12/22 17:37:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2009/12/22 17:37:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009/12/22 17:34:31 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2009/12/22 17:33:02 | 00,000,000 | ---D | C] -- C:\Program Files\Analog Devices [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]Last edited by skunksmash; 12 Jan 2010 at 11:57.
-
New #27
Code:PART 04 ========== Files - Modified Within 30 Days ========== [2010/01/12 13:01:39 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2010/01/12 12:53:36 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\OTL.exe [2010/01/12 12:52:48 | 00,000,698 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/01/12 12:52:00 | 00,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005UA.job [2010/01/12 12:06:00 | 00,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/01/12 10:06:01 | 00,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/01/12 09:52:05 | 00,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/01/12 09:41:45 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/12 09:41:08 | 00,000,314 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010/01/12 09:40:32 | 00,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/01/12 09:40:32 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/01/12 09:39:02 | 00,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010/01/12 09:37:26 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/01/12 09:37:10 | 00,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2010/01/12 09:37:06 | 00,025,224 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI [2010/01/12 09:36:42 | 00,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI [2010/01/12 09:36:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/01/12 09:36:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/01/12 09:36:29 | 32,195,74784 | -HS- | M] () -- C:\hiberfil.sys [2010/01/12 09:35:41 | 04,194,304 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\NTUSER.DAT [2010/01/12 09:35:19 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\xxxx xxxxxx\ntuser.ini [2010/01/12 09:19:12 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F9310CAE-CC84-4595-AFF0-72A1DBB42BE2}.job [2010/01/11 23:45:09 | 00,044,024 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/01/11 23:44:52 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/01/11 23:44:00 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/01/11 23:43:56 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/01/11 23:43:56 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/01/11 23:43:20 | 02,068,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/11 22:36:30 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\CCleaner.lnk [2010/01/11 10:08:11 | 11,258,6752 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\minDrWebLiveCD-5.0.1.iso [2010/01/11 09:40:23 | 27,276,0832 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\BitDefenderRescueCD_v2.0.0_3_08_2009.iso [2010/01/11 00:56:03 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk [2010/01/11 00:51:10 | 00,001,005 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Spybot - Search & Destroy.lnk [2010/01/10 22:17:36 | 00,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/01/10 21:52:00 | 00,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005Core.job [2010/01/10 19:34:34 | 02,097,152 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\bubblegums_9-1-2010 [2010/01/10 17:26:45 | 00,000,870 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to TpKmapAp.exe.lnk [2010/01/10 00:12:33 | 00,000,928 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Photoshop CS4.lnk [2010/01/10 00:12:12 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Dreamweaver CS4.lnk [2010/01/10 00:06:32 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Start Menu\Programs\Startup\306313.lnk [2010/01/10 00:05:38 | 00,001,972 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mindjet MindManager 8.lnk [2010/01/09 21:21:54 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\7-Zip File Manager.lnk [2010/01/09 17:48:15 | 00,001,087 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Untitled-1.gif [2010/01/09 13:10:15 | 00,016,896 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/08 20:51:56 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/01/07 23:08:14 | 00,001,024 | ---- | M] () -- C:\.rnd [2010/01/07 19:54:01 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/02 12:59:17 | 00,000,910 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Orange Mobile Partner.lnk [2009/12/28 23:18:36 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin [2009/12/28 22:53:08 | 04,315,988 | -H-- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\IconCache.db [2009/12/28 08:40:53 | 00,318,233 | ---- | M] () -- C:\x1supportfiles.zip [2009/12/26 21:07:26 | 00,506,068 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/12/26 21:07:26 | 00,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/12/26 21:07:26 | 00,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/12/26 13:34:36 | 00,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\3Connect.lnk [2009/12/26 13:32:12 | 00,070,667 | ---- | M] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2009/12/25 20:04:31 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Excel2003.lnk [2009/12/25 19:17:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/12/25 19:17:40 | 00,000,194 | RHS- | M] () -- C:\BOOT.INI [2009/12/25 18:43:45 | 00,000,757 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_W__batch_file.bat.lnk [2009/12/23 22:52:53 | 00,001,026 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to SCANPST.EXE.lnk [2009/12/23 22:07:27 | 00,001,034 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Traigh_NYE_2009-10.xls.lnk [2009/12/23 20:46:13 | 20,299,200 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\xxxx xxxxxx\Desktop\TomTomHOME2winlatest.exe [2009/12/23 18:20:30 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AbsoluteFTP.lnk [2009/12/23 18:03:06 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/12/23 17:53:51 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2009/12/23 17:47:30 | 00,000,730 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Edraw Max.lnk [2009/12/23 17:16:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2009/12/23 17:00:41 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/12/23 17:00:35 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2009/12/23 16:57:09 | 00,000,188 | ---- | M] () -- C:\WINDOWS\x [2009/12/23 16:53:34 | 00,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ThinkVantage Productivity Center.lnk [2009/12/23 15:49:03 | 00,030,144 | ---- | M] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys [2009/12/23 15:39:48 | 00,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2009/12/23 12:31:55 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Macromedia Dreamweaver 8.lnk [2009/12/23 10:54:31 | 00,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TrueCrypt.lnk [2009/12/23 10:54:30 | 00,223,440 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2009/12/23 10:39:45 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\FolderMatch v3.5.6.lnk [2009/12/23 09:44:37 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009/12/23 09:43:16 | 00,000,808 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Xara Xtreme Pro 5.lnk [2009/12/23 01:30:14 | 00,002,481 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI [2009/12/23 00:41:09 | 00,000,765 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_A__batch_file.bat.lnk [2009/12/23 00:39:36 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2009/12/23 00:39:07 | 00,000,920 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog [2009/12/22 22:42:47 | 00,002,036 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Word 2003.lnk [2009/12/22 22:42:42 | 00,002,016 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\PowerPoint 2003.lnk [2009/12/22 22:42:34 | 00,002,060 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Outlook 2003.lnk [2009/12/22 22:42:15 | 00,002,004 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Microsoft Office Access 2003.lnk [2009/12/22 22:19:31 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2009/12/22 21:49:41 | 00,002,348 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Google Chrome.lnk [2009/12/22 21:19:21 | 00,000,040 | ---- | M] () -- C:\WINDOWS\System32\profile.dat [2009/12/22 21:08:28 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/12/22 20:55:45 | 00,250,048 | RHS- | M] () -- C:\ntldr [2009/12/22 18:46:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009/12/22 18:21:06 | 00,000,135 | ---- | M] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\fusioncache.dat [2009/12/22 18:20:27 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\drivers\LENOVO_2007_F4G.MRK [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\IO.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\CONFIG.SYS [2009/12/22 18:20:26 | 00,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT [2009/12/22 18:20:23 | 00,000,010 | ---- | M] () -- C:\WINDOWS\System32\firstboot.ibm [2009/12/22 18:20:01 | 00,002,359 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009/12/22 18:20:00 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2009/12/22 18:10:22 | 00,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini [2009/12/22 18:10:16 | 00,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf [2009/12/22 18:09:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\AccConnAdvanced.html [2009/12/22 18:06:24 | 00,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV [2009/12/22 18:03:28 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009/12/22 18:00:02 | 00,000,148 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009/12/22 17:58:02 | 00,001,472 | ---- | M] () -- C:\SYSLEVEL.IBM [2009/12/22 17:49:40 | 00,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\IBM_2007_F4G_TP.MRK [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/01/12 09:52:05 | 00,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/01/12 09:40:32 | 00,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/01/12 09:40:32 | 00,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/01/11 23:43:09 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2010/01/11 23:43:09 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2010/01/11 22:36:30 | 00,001,620 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\CCleaner.lnk [2010/01/11 10:07:49 | 11,258,6752 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\minDrWebLiveCD-5.0.1.iso [2010/01/11 09:39:46 | 27,276,0832 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\BitDefenderRescueCD_v2.0.0_3_08_2009.iso [2010/01/11 09:13:11 | 32,195,74784 | -HS- | C] () -- C:\hiberfil.sys [2010/01/11 01:01:13 | 00,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/11 00:56:03 | 00,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk [2010/01/11 00:51:10 | 00,001,005 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Spybot - Search & Destroy.lnk [2010/01/10 22:17:36 | 00,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/01/10 19:34:21 | 02,097,152 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\bubblegums_9-1-2010 [2010/01/10 17:26:45 | 00,000,870 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to TpKmapAp.exe.lnk [2010/01/10 00:12:33 | 00,000,928 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Photoshop CS4.lnk [2010/01/10 00:12:12 | 00,000,952 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Adobe Dreamweaver CS4.lnk [2010/01/10 00:06:32 | 00,000,848 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Start Menu\Programs\Startup\306313.lnk [2010/01/10 00:05:38 | 00,001,972 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mindjet MindManager 8.lnk [2010/01/09 21:21:54 | 00,000,717 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\7-Zip File Manager.lnk [2010/01/09 17:48:15 | 00,001,087 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\My Documents\Untitled-1.gif [2010/01/08 20:51:56 | 00,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/01/07 23:08:13 | 00,001,024 | ---- | C] () -- C:\.rnd [2010/01/02 12:59:17 | 00,000,910 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Orange Mobile Partner.lnk [2009/12/28 08:40:53 | 00,318,233 | ---- | C] () -- C:\x1supportfiles.zip [2009/12/26 13:34:36 | 00,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\3Connect.lnk [2009/12/26 13:32:12 | 00,070,667 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2009/12/26 13:32:07 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvrmng.sys [2009/12/25 11:54:07 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/12/24 01:12:41 | 00,016,896 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/23 23:25:54 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin [2009/12/23 22:52:53 | 00,001,026 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to SCANPST.EXE.lnk [2009/12/23 22:07:27 | 00,001,034 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Traigh_NYE_2009-10.xls.lnk [2009/12/23 18:20:30 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AbsoluteFTP.lnk [2009/12/23 18:03:06 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/12/23 17:53:51 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2009/12/23 17:47:30 | 00,000,730 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Edraw Max.lnk [2009/12/23 17:16:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2009/12/23 17:02:23 | 00,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2009/12/23 17:02:23 | 00,152,496 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap [2009/12/23 17:02:22 | 03,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2009/12/23 17:02:21 | 00,015,577 | ---- | C] () -- C:\WINDOWS\atiogl.xml [2009/12/23 17:00:41 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/12/23 17:00:35 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2009/12/23 16:56:52 | 00,000,188 | ---- | C] () -- C:\WINDOWS\x [2009/12/23 16:56:27 | 00,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2009/12/23 16:51:27 | 00,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din [2009/12/23 16:23:22 | 01,102,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/12/23 15:39:48 | 00,000,528 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2009/12/23 15:39:48 | 00,000,340 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2009/12/23 12:31:55 | 00,001,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Macromedia Dreamweaver 8.lnk [2009/12/23 10:54:31 | 00,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TrueCrypt.lnk [2009/12/23 10:39:45 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\FolderMatch v3.5.6.lnk [2009/12/23 10:01:03 | 00,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009/12/23 10:01:03 | 00,000,892 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009/12/23 09:44:39 | 00,000,545 | ---- | C] () -- C:\WINDOWS\TXTPAD.PIF [2009/12/23 09:44:37 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2009/12/23 09:43:16 | 00,000,808 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Xara Xtreme Pro 5.lnk [2009/12/23 01:30:14 | 00,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2009/12/23 01:27:10 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll [2009/12/23 01:27:10 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll [2009/12/23 01:24:45 | 00,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI [2009/12/23 00:40:36 | 00,000,765 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_A__batch_file.bat.lnk [2009/12/23 00:40:29 | 00,000,757 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Shortcut to Control_Alt_W__batch_file.bat.lnk [2009/12/23 00:39:36 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2009/12/22 22:42:47 | 00,002,036 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Word 2003.lnk [2009/12/22 22:42:42 | 00,002,016 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\PowerPoint 2003.lnk [2009/12/22 22:42:34 | 00,002,060 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Outlook 2003.lnk [2009/12/22 22:42:29 | 00,002,495 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Excel2003.lnk [2009/12/22 22:42:15 | 00,002,004 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Microsoft Office Access 2003.lnk [2009/12/22 22:21:39 | 00,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F9310CAE-CC84-4595-AFF0-72A1DBB42BE2}.job [2009/12/22 21:55:37 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/12/22 21:49:41 | 00,002,348 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Desktop\Google Chrome.lnk [2009/12/22 21:47:23 | 00,001,006 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005UA.job [2009/12/22 21:47:21 | 00,000,954 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1197846292-3383628571-2451298793-1005Core.job [2009/12/22 19:09:48 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2009/12/22 19:09:41 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2009/12/22 19:08:59 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2009/12/22 18:46:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/12/22 18:45:59 | 00,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/12/22 18:20:26 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\drivers\LENOVO_2007_F4G.MRK [2009/12/22 18:20:23 | 00,000,010 | ---- | C] () -- C:\WINDOWS\System32\firstboot.ibm [2009/12/22 18:20:18 | 00,000,278 | -HS- | C] () -- C:\Documents and Settings\xxxx xxxxxx\ntuser.ini [2009/12/22 18:20:18 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\xxxx xxxxxx\Local Settings\Application Data\fusioncache.dat [2009/12/22 18:20:17 | 04,194,304 | -H-- | C] () -- C:\Documents and Settings\xxxx xxxxxx\NTUSER.DAT [2009/12/22 18:20:00 | 00,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT [2009/12/22 18:15:03 | 00,002,359 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2009/12/22 18:10:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2009/12/22 18:09:55 | 00,000,314 | ---- | C] () -- C:\WINDOWS\tasks\PMTask.job [2009/12/22 18:09:52 | 00,028,672 | ---- | C] () -- C:\WINDOWS\PWMBTHLP.EXE [2009/12/22 18:09:52 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS [2009/12/22 18:09:39 | 00,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys [2009/12/22 18:09:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\AccConnAdvanced.html [2009/12/22 18:06:24 | 00,000,000 | -H-- | C] () -- C:\BOOTLOG.PRV [2009/12/22 18:03:47 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\profile.dat [2009/12/22 18:03:27 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2009/12/22 18:00:54 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/12/22 18:00:54 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/12/22 18:00:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/12/22 18:00:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/12/22 18:00:54 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/12/22 18:00:54 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/12/22 18:00:14 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys [2009/12/22 17:59:55 | 00,000,148 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/12/22 17:59:00 | 00,009,679 | ---- | C] () -- C:\WINDOWS\System32\msxml4r.cat [2009/12/22 17:59:00 | 00,009,675 | ---- | C] () -- C:\WINDOWS\System32\msxml4.cat [2009/12/22 17:59:00 | 00,003,489 | ---- | C] () -- C:\WINDOWS\System32\msxml4.Manifest [2009/12/22 17:59:00 | 00,000,500 | ---- | C] () -- C:\WINDOWS\System32\msxml4r.Manifest [2009/12/22 17:58:28 | 00,001,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ThinkVantage Productivity Center.lnk [2009/12/22 17:58:02 | 00,001,472 | ---- | C] () -- C:\SYSLEVEL.IBM [2009/12/22 17:55:22 | 00,000,920 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog [2009/12/22 17:52:27 | 00,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf [2009/12/22 17:49:38 | 00,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\IBM_2007_F4G_TP.MRK [2009/12/22 17:48:10 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll [2009/12/22 17:48:10 | 00,008,177 | ---- | C] () -- C:\WINDOWS\System32\TP4EX.HLP [2009/12/22 17:48:10 | 00,005,928 | ---- | C] () -- C:\WINDOWS\System32\TP4LATCH.WAV [2009/12/22 17:48:10 | 00,004,458 | ---- | C] () -- C:\WINDOWS\System32\TP4CLICK.WAV [2009/12/22 17:47:25 | 00,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2009/12/22 17:46:31 | 00,025,214 | ---- | C] () -- C:\WINDOWS\System32\TpShocks.ICO [2009/12/22 17:45:54 | 00,147,520 | ---- | C] () -- C:\WINDOWS\_tpiu000.exe [2009/12/22 17:45:33 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\TpKmpSvc.exe [2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/05/14 14:29:30 | 00,008,520 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll [2007/04/27 11:43:58 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2007/01/29 11:36:32 | 00,025,224 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI [2005/11/01 22:59:16 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2005/10/17 23:22:24 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL [2005/09/06 18:05:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/08/09 19:03:43 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini [2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/05/16 06:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2001/11/24 01:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2001/11/14 20:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1980/01/01 08:00:00 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll ========== LOP Check ========== [2010/01/11 10:08:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\.oit [2009/12/23 18:51:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Avaya [2009/12/26 13:34:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Birdstep Technology [2009/12/22 17:57:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\IBM [2009/12/23 17:17:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Lenovo [2009/12/23 08:38:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\MAGIX [2010/01/10 22:15:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TeamViewer [2009/12/23 20:46:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TomTom [2009/12/23 11:02:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\TrueCrypt [2010/01/12 13:02:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\uTorrent [2009/12/23 18:21:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\xxxx xxxxxx\Application Data\Van Dyke Technologies [2009/12/26 13:34:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology [2009/12/23 16:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo [2010/01/07 23:08:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2009/12/23 08:38:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Magix [2009/12/23 09:33:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mindjet [2009/12/23 15:41:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr [2009/12/26 18:59:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/12/23 10:54:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrueCrypt [2009/12/23 08:37:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xara [2010/01/12 09:41:45 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2009/12/23 15:39:48 | 00,000,528 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job [2010/01/12 09:41:08 | 00,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job [2010/01/12 13:01:39 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job [2010/01/12 09:19:12 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9310CAE-CC84-4595-AFF0-72A1DBB42BE2}.job ========== Purity Check ========== < End of report >Last edited by skunksmash; 12 Jan 2010 at 11:57.
-
New #28
Code:Extras.txt also from my WinXP PC OTL Extras logfile created on: 12/01/2010 13:03:02 - Run 1 OTL by OldTimer - Version 3.1.24.0 Folder = C:\Documents and Settings\XXXX XXXXXX\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 79.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.64 Gb Total Space | 40.46 Gb Free Space | 58.10% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XXXX08 Current User Name: XXXX XXXXXX Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update -- File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update -- File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation) "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Documents and Settings\XXXX XXXXXX\Local Settings\Temp\nvvscv.exe" = C:\Documents and Settings\XXXX XXXXXX\Local Settings\Temp\nvvscv.exe:*:Enabled:87521 -- File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS4 -- (Adobe Systems, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00997239-8A42-DEA0-7FA0-1AF26D4174D4}" = CCC Help Dutch "{01B98AF5-3F68-2B2A-96A9-756427755EE1}" = CCC Help Japanese "{0236C1B8-A699-4A8F-9121-36B41FFDB33A}" = Mindjet MindManager 8 "{03694711-6C4B-0CF0-5774-22130FCE0B85}" = Catalyst Control Center Graphics Light "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data "{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F27E26B-6B0D-3339-9C3D-9D9553F0474A}" = Catalyst Control Center Localization All "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message "{11E48F3E-8975-FEDB-D68C-ED6A5C3DEA43}" = CCC Help Korean "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility "{137DCFE3-F690-9908-5E9E-9CB49FA89D2B}" = ccc-core-preinstall "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = ThinkPad Keyboard Customizer Utility "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2ABCF36B-7253-88EE-E3EE-0239EED2C935}" = CCC Help Spanish "{2BF52D77-1DF7-4391-85B3-AE45CEE8BD86}" = Xara Xtreme Pro 5 "{2C996783-CAE7-C5B5-DDF5-88613DCFC907}" = Skins "{2ECFBC62-FC62-CA66-8C85-FC867A6E2ECB}" = CCC Help Portuguese "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3694899E-5C7F-4EAA-A26B-ED163D5DCADB}" = InterVideo WinDVD Creator "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{43507E5B-94A0-4E56-9C7B-FAAAFBDB5904}" = Intel(R) PROSet/Wireless WiFi Software "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System "{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}" = Microsoft Security Essentials "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{53823917-21A6-A0EE-9F4B-F9F153C8C075}" = Catalyst Control Center Graphics Full Existing "{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager "{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding "{6029C599-81E1-4C1C-8BD6-A7298CA88546}" = Mindjet MindManager Pro 7 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{69F30A63-7771-9A9E-3881-4C71B1904492}" = ccc-utility "{6B707CD5-2425-00B2-B5C8-677862351118}" = CCC Help German "{71A4AF1A-9C08-9EC0-D246-C120866B798C}" = Catalyst Control Center Core Implementation "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76F571DE-144F-E890-CDFA-020241BC5201}" = ccc-core-static "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{797A9B18-BC2A-C4DD-AF56-0E89699B8030}" = CCC Help Chinese Traditional "{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad UltraNav Wizard "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9FABBC7B-287C-90FD-050E-FB51EA2FF60F}" = CCC Help Italian "{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}" = Microsoft Antimalware "{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager "{A2D1C130-C6AB-D8FD-10FC-942FFB9A64F8}" = CCC Help Chinese Standard "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7ACD5B8-72E1-5E50-E8CF-748E5F224F27}" = Catalyst Control Center Graphics Full New "{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BBE9576A-0405-F53B-1B69-65D993A13A01}" = CCC Help English "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CDBFC424-DD00-497F-9BDC-4E4178332336}" = ThinkVantage Fingerprint Software 5.4 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF292E8C-9606-3B51-6EEF-6AA7D254A30A}" = CCC Help Swedish "{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E5072660-B723-422B-BB74-EAA300BF716B}" = System Migration Assistant "{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center "{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2 "{EA664480-3844-11D5-8C25-444553540000}" = TrackPoint Accessibility Features "{F015E93D-8D56-D76A-6B7D-A3C171471DEC}" = CCC Help French "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad Configuration "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "7-Zip" = 7-Zip 9.10 beta "AbsoluteFTP" = Van Dyke Technologies AbsoluteFTP 1.9 "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "AwayTask" = Maintenance Manager "CCleaner" = CCleaner "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem "Edraw Max_is1" = Edraw Max 5.1 "FolderMatch_is1" = FolderMatch v3.5.6 "Huawei Modems" = Huawei modem "ie8" = Windows Internet Explorer 8 "InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2 "InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010 "LiveReg" = LiveReg (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "OnScreenDisplay" = On Screen Display "Orange Mobile Partner" = Orange Mobile Partner "PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox "PCMCIAPW" = ThinkPad PC Card Power Policy "PDF-XChange 3_is1" = PDF-XChange 3 "Power Management Driver" = ThinkPad Power Management Driver "PowerISO" = PowerISO "ProInst" = Intel PROSet Wireless "PROSet" = Intel(R) Network Connections Drivers "Remove Multimedia Center" = Remove Multimedia Center "SynTPDeinstKey" = ThinkPad UltraNav Driver "TextPad" = TextPad "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "ThinkPadSoftwareInstaller" = Software Installer "TomTom HOME" = TomTom HOME 2.7.3.1894 "TrueCrypt" = TrueCrypt "uTorrent" = µTorrent "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows XP Service Pack" = Windows XP Service Pack 3 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04/01/2010 16:06:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 04/01/2010 17:06:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 04/01/2010 18:06:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 04/01/2010 18:52:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 04/01/2010 19:06:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 04/01/2010 19:52:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 06/01/2010 06:52:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 07/01/2010 13:06:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 08/01/2010 11:52:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = Error - 08/01/2010 12:52:05 | Computer Name = XXXX08 | Source = Google Update | ID = 20 Description = [ System Events ] Error - 08/01/2010 14:06:23 | Computer Name = XXXX08 | Source = ipnathlp | ID = 31008 Description = The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code. Error - 08/01/2010 14:06:27 | Computer Name = XXXX08 | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.111.11 for the Network Card with network address 00164155A02E has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message). Error - 08/01/2010 16:57:38 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect. Error - 10/01/2010 06:39:17 | Computer Name = XXXX08 | Source = MRxSmb | ID = 8003 Description = The master browser has received a server announcement from the computer XXXX09 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5B9DCF4C-D22B-4A7D-88. The master browser is stopping or an election is being forced. Error - 10/01/2010 13:13:34 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect. Error - 10/01/2010 13:30:02 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect. Error - 10/01/2010 13:30:02 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the System Update service to connect. Error - 10/01/2010 13:30:02 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7000 Description = The System Update service failed to start due to the following error: %%1053 Error - 10/01/2010 20:43:17 | Computer Name = XXXX08 | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. Error - 10/01/2010 20:44:49 | Computer Name = XXXX08 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect. < End of report >Last edited by skunksmash; 12 Jan 2010 at 11:58.
-
-
New #30
Obviously I shall re-install if I absolutely have to - but that could be DAYS of work to reinstall everything correctly. PLUS it is not an answer if it turns out that my data has been infected!
Ship
Quote
Related Discussions