Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Catalogue of disaster

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Catalogue of disaster

Unread postby Birdie158 » February 9th, 2011, 12:57 pm

Quite some some reading and list of requirements to get this far - I hope that I have missed nothing essential. PLEASE, point-out anything that is wrong or anything more that I need to do.

Presumably the same problem started 2 days ago, after installing a new HD - that was the first time that I had ever reinstalled from a backup (which I stupidly then deleted), and had assumed that doing such restored my PC to the exact condition at the time of making the backup, in every way. I realised a day later that that did not include various programs - not least antivirus.

The first problem was that the second and sunsequent tabs on Explorer opened to something other than Google, which was supposed to be my only homepage (unless I was opening a link). I can't remember details beyond that it was some kind of greenish swirling logo, possibly mentioning toolbar installation. It did have a check-box at the botom, saying do not show me this again. I checked it and the second and subsequent tabs opened as a blank page from then on.
The tab for the blank pages was labelled something like "blank page", the address was "about:blank".
I ran numerous scans with numerous anti-malware packages and they had no effect.
An hour or two ago, the fault seemed to disappear - new tabs opened to Google. But the tab labels and addresses all started with a small red circle with a black backward (upper case) E in it with the upright of the E making something like a (lower case) k.
I had to go out so switched everything off. When I fired-up again, I could make a network connection, but downloading anything was so slow (or impossible) that I achieved nothing.
I am now running in safe mode to be able to do anything at all.


Email downloads through all this have been erratic. Possibly unconnected? The MS sidebar has also disappeared from startup at times too.
Toolbar chooser (or a similar title) also appeared on my desktop a couple of times, apparently from nowhere.
When the machine ground to a halt, one of the MS utilities that scans for reasons for slow operation (sorry, can't remember which), could find no antivirus running, even though Security Essentials was indicated as running.

I noticed on another thread that you need the text unwrapped - this I have tried via Start, All Prog's...., and it did not work. Because I am in safe mode?
The logfile also seems remarkably short - due to safe mode again?


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:22, on 09/02/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Carl\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8173 bytes

Added ~2 hours after original post -
Started in normal mode and re-ran HijackThis as follows, if it is of any (extra) help (running pretty much normally at the moment) -

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:11:07, on 09/02/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
C:\Users\Carl\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9181 bytes


Uninstall list -

Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.0
Advanced Audio FX Engine
Advanced Video FX Engine
AVG 2011
AVG 2011
AVG 2011
BT Broadband Desktop Help
BT Yahoo! Applications
BTHomeHub
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Resource CD
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
Free File Opener version 2011.6.0
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GoToAssist Corporate
GoToAssist Corporate
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java(TM) 6 Update 23
Java(TM) 6 Update 5
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Marvell Miniport Driver
Microsoft Antimalware
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Modem Diagnostic Tool
QuickSet
RICOH R5U8xx Media Driver ver.3.62.02
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SigmaTel Audio
Spyware Doctor with AntiVirus 8.0
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WIDCOMM Bluetooth Software 6.0.1.3100
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm
Advertisement
Register to Remove

Re: Catalogue of disaster

Unread postby askey127 » February 12th, 2011, 10:13 pm

Hi Birdie158,
You have too many antivirus programs running. Let's simplify so we can get this running correctly.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Click the Download button. Then when the "Download Locations" page comes up, choose the first External Mirror (exe)
Save the Installer to your desktop, but don't run it yet. The installer file will be named avira_antivir_personal_en.exe
Double check to be sure you know where to find it.
------------------------------------------------
Remove AVG and Other Programs Using the Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click this Entry, choose Uninstall/Change, and give permission to Continue:

AVG 2011
Java(TM) 6 Update 5
Microsoft Security Essentials
Microsoft Antimalware
Microsoft Security Client
Spyware Doctor with AntiVirus 8.0

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------

REBOOT The Machine

-----------------------------------------------
Install Antivir
Right Click the Avira Antivir Installer you saved on your desktop, choose "Run as administrator", and let it Install Antivir.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take a hour or more.
It will ask what to do with any items it finds.
IMPORTANT >> For Now, tell it to IGNORE any items it finds. Do not choose Quarantine or Delete.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 13th, 2011, 6:24 am

Uninstalling AVG, MS Security Essentials, Java 6-5 and Spyware Doctor was simple enough. However, the other 2 are not listed in the program list accessed via control panel and are not found using the search.
A message also appeared that the firewall was switched off, but it appears as switched on in Wndows Security Centre. I can find no way to switch anything on or off in Windows Security Centre (I recall from previously, that the indicator buttons toggled on-off, when I switched the MS firewall off as I was running via a router).
I have gone ahead and installed Avira anyway - loads of MS warnings kept coming up about security.
Scan running currently
Last edited by Birdie158 on February 13th, 2011, 8:34 am, edited 1 time in total.
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby askey127 » February 13th, 2011, 8:31 am

Ok. Please go ahead with the Avira Antivir sequences.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 13th, 2011, 9:16 am

General verdict - nothing found - report as below

Avira AntiVir Personal
Report file date: 13 February 2011 12:12

Scanning for 2396735 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 1) [6.0.6001]
Boot mode : Normally booted
Username : SYSTEM
Computer name : CARL-PC

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 14/01/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 10/01/2011 14:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 10/01/2011 14:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 14:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 11:59:11
VBASE003.VDF : 7.11.3.1 2048 Bytes 09/02/2011 11:59:11
VBASE004.VDF : 7.11.3.2 2048 Bytes 09/02/2011 11:59:11
VBASE005.VDF : 7.11.3.3 2048 Bytes 09/02/2011 11:59:11
VBASE006.VDF : 7.11.3.4 2048 Bytes 09/02/2011 11:59:11
VBASE007.VDF : 7.11.3.5 2048 Bytes 09/02/2011 11:59:11
VBASE008.VDF : 7.11.3.6 2048 Bytes 09/02/2011 11:59:11
VBASE009.VDF : 7.11.3.7 2048 Bytes 09/02/2011 11:59:11
VBASE010.VDF : 7.11.3.8 2048 Bytes 09/02/2011 11:59:11
VBASE011.VDF : 7.11.3.9 2048 Bytes 09/02/2011 11:59:11
VBASE012.VDF : 7.11.3.10 2048 Bytes 09/02/2011 11:59:11
VBASE013.VDF : 7.11.3.11 2048 Bytes 09/02/2011 11:59:12
VBASE014.VDF : 7.11.3.12 2048 Bytes 09/02/2011 11:59:12
VBASE015.VDF : 7.11.3.13 2048 Bytes 09/02/2011 11:59:12
VBASE016.VDF : 7.11.3.14 2048 Bytes 09/02/2011 11:59:12
VBASE017.VDF : 7.11.3.15 2048 Bytes 09/02/2011 11:59:12
VBASE018.VDF : 7.11.3.16 2048 Bytes 09/02/2011 11:59:12
VBASE019.VDF : 7.11.3.17 2048 Bytes 09/02/2011 11:59:12
VBASE020.VDF : 7.11.3.18 2048 Bytes 09/02/2011 11:59:12
VBASE021.VDF : 7.11.3.19 2048 Bytes 09/02/2011 11:59:12
VBASE022.VDF : 7.11.3.20 2048 Bytes 09/02/2011 11:59:12
VBASE023.VDF : 7.11.3.21 2048 Bytes 09/02/2011 11:59:12
VBASE024.VDF : 7.11.3.22 2048 Bytes 09/02/2011 11:59:12
VBASE025.VDF : 7.11.3.23 2048 Bytes 09/02/2011 11:59:12
VBASE026.VDF : 7.11.3.24 2048 Bytes 09/02/2011 11:59:12
VBASE027.VDF : 7.11.3.25 2048 Bytes 09/02/2011 11:59:13
VBASE028.VDF : 7.11.3.26 2048 Bytes 09/02/2011 11:59:13
VBASE029.VDF : 7.11.3.27 2048 Bytes 09/02/2011 11:59:13
VBASE030.VDF : 7.11.3.28 2048 Bytes 09/02/2011 11:59:13
VBASE031.VDF : 7.11.3.52 116224 Bytes 12/02/2011 11:59:13
Engineversion : 8.2.4.166
AEVDF.DLL : 8.1.2.1 106868 Bytes 10/01/2011 14:23:26
AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 13/02/2011 11:59:19
AESCN.DLL : 8.1.7.2 127349 Bytes 10/01/2011 14:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 10/01/2011 14:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 10/01/2011 14:23:25
AEPACK.DLL : 8.2.4.9 512374 Bytes 13/02/2011 11:59:18
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 13/02/2011 11:59:18
AEHEUR.DLL : 8.1.2.76 3273078 Bytes 13/02/2011 11:59:17
AEHELP.DLL : 8.1.16.1 246134 Bytes 13/02/2011 11:59:15
AEGEN.DLL : 8.1.5.2 397683 Bytes 13/02/2011 11:59:14
AEEMU.DLL : 8.1.3.0 393589 Bytes 10/01/2011 14:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 13/02/2011 11:59:14
AEBB.DLL : 8.1.1.0 53618 Bytes 10/01/2011 14:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10/01/2011 14:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 10/01/2011 14:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 10/01/2011 14:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 10/01/2011 14:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 10/01/2011 14:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 10/01/2011 14:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10/01/2011 14:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 10/01/2011 14:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 13 February 2011 12:12

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'avscan.exe' - '79' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '65' Module(s) have been scanned
Scan process 'iexplore.exe' - '119' Module(s) have been scanned
Scan process 'GoogleToolbarUser_32.exe' - '65' Module(s) have been scanned
Scan process 'IEUser.exe' - '65' Module(s) have been scanned
Scan process 'avgnt.exe' - '50' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'avguard.exe' - '66' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'wsqmcons.exe' - '28' Module(s) have been scanned
Scan process 'wuauclt.exe' - '35' Module(s) have been scanned
Scan process 'WinMail.exe' - '123' Module(s) have been scanned
Scan process 'BtStackServer.exe' - '72' Module(s) have been scanned
Scan process 'Apntex.exe' - '21' Module(s) have been scanned
Scan process 'HidFind.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '34' Module(s) have been scanned
Scan process 'quickset.exe' - '81' Module(s) have been scanned
Scan process 'BTTray.exe' - '60' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '56' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '80' Module(s) have been scanned
Scan process 'BTHelpNotifier.exe' - '75' Module(s) have been scanned
Scan process 'OEM02Mon.exe' - '30' Module(s) have been scanned
Scan process 'Apoint.exe' - '34' Module(s) have been scanned
Scan process 'WLTRAY.EXE' - '62' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '25' Module(s) have been scanned
Scan process 'igfxpers.exe' - '20' Module(s) have been scanned
Scan process 'hkcmd.exe' - '23' Module(s) have been scanned
Scan process 'igfxtray.exe' - '24' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '38' Module(s) have been scanned
Scan process 'Explorer.EXE' - '159' Module(s) have been scanned
Scan process 'taskeng.exe' - '81' Module(s) have been scanned
Scan process 'Dwm.exe' - '37' Module(s) have been scanned
Scan process 'taskeng.exe' - '48' Module(s) have been scanned
Scan process 'xaudio.exe' - '14' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'STacSV.exe' - '35' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '67' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'McciCMService.exe' - '33' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'aestsrv.exe' - '5' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'spoolsv.exe' - '80' Module(s) have been scanned
Scan process 'WLANExt.exe' - '44' Module(s) have been scanned
Scan process 'bcmwltry.exe' - '72' Module(s) have been scanned
Scan process 'WLTRYSVC.EXE' - '15' Module(s) have been scanned
Scan process 'svchost.exe' - '98' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '117' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '62' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '369' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\'


End of the scan: 13 February 2011 12:43
Used time: 31:04 Minute(s)

The scan has been done completely.

18110 Scanned directories
274330 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
274330 Files not concerned
3205 Archives were scanned
0 Warnings
0 Notes
398854 Objects were scanned with rootkit scan
0 Hidden objects were found
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby askey127 » February 13th, 2011, 12:32 pm

Birdie158,
----------------------------------------------
Vista SP2 is available from here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=a4dd31d5-f907-4406-9012-a5c3199ea2b3&displaylang=en
If you have a broadband connection, download it, save to your desktop and then right click "Run as administrator" to run it.
Allow it to install a new version of Internet Explorer if it wants.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
(You may not need a separate instruction, since you will likely need to reboot after the installation anyway)
---------------------------------------------
Run a Scan with OTL
  1. Please download OTL.exe by OldTimer and save it to your desktop.
  2. Right click on OTL.exe and select Run As Administrator to run it. If Windows UAC prompts you, please allow it.
  3. Click on the Run Scan button at the top left hand corner.
  4. OTL will start running. When done, 2 Notepad files will open; OTL.txt and Extras.txt.
    They will be saved on your desktop.
    Please post the contents of these files.
    You may use separate replies if you wish.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 13th, 2011, 6:23 pm

Old Timer results as follows -

OTL Extras logfile created on: 13/02/2011 22:11:30 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Carl\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 120.01 Gb Total Space | 93.56 Gb Free Space | 77.96% Space Free | Partition Type: NTFS
Drive D: | 109.83 Gb Total Space | 106.21 Gb Free Space | 96.71% Space Free | Partition Type: NTFS

Computer Name: CARL-PC | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{48E58602-B564-44AA-8455-524E3D0DB26F}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{78604AE9-4241-40B9-864A-7765CB389240}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{78859DE3-9847-40AD-93EE-C6AF8AE9A7DB}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{D6B02CD8-45B3-444D-B1CD-C71F136FAE61}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{D880B011-32B5-4671-8289-1519CEDE209E}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{EBD8669E-91AC-44E9-A966-BE2F5F0FE614}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"BT Broadband Desktop Help" = BT Broadband Desktop Help
"BTHomeHub" = BTHomeHub
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Free File Opener_is1" = Free File Opener version 2011.6.0
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Yahoo! Applications" = BT Yahoo! Applications
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13/02/2011 07:22:37 | Computer Name = Carl-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/02/2011 07:41:47 | Computer Name = Carl-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/02/2011 07:48:15 | Computer Name = Carl-PC | Source = LoadPerf | ID = 3012
Description =

Error - 13/02/2011 07:48:15 | Computer Name = Carl-PC | Source = LoadPerf | ID = 3011
Description =

Error - 13/02/2011 17:36:53 | Computer Name = Carl-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 13/02/2011 17:55:04 | Computer Name = Carl-PC | Source = EventSystem | ID = 4621
Description =

Error - 13/02/2011 18:02:14 | Computer Name = Carl-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/02/2011 18:02:47 | Computer Name = Carl-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/02/2011 18:08:54 | Computer Name = Carl-PC | Source = LoadPerf | ID = 3012
Description =

Error - 13/02/2011 18:08:54 | Computer Name = Carl-PC | Source = LoadPerf | ID = 3011
Description =

[ Broadcom Wireless LAN Events ]
Error - 10/02/2011 05:28:14 | Computer Name = Carl-PC | Source = WLAN-Tray | ID = 0
Description = 09:28:13, Thu, Feb 10, 11 Error - Unable to gain access to user store


[ System Events ]
Error - 13/02/2011 07:58:21 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 17:55:42 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 13/02/2011 18:02:14 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:02:14 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 13/02/2011 18:02:14 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:02:14 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:04:05 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:04:06 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:04:45 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13/02/2011 18:04:46 | Computer Name = Carl-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby Birdie158 » February 13th, 2011, 6:26 pm

Too many characters for one reply - OTL as follows in 2 replies-

OTL logfile created on: 13/02/2011 22:11:30 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Carl\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 120.01 Gb Total Space | 93.56 Gb Free Space | 77.96% Space Free | Partition Type: NTFS
Drive D: | 109.83 Gb Total Space | 106.21 Gb Free Space | 96.71% Space Free | Partition Type: NTFS

Computer Name: CARL-PC | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
PRC - [2011/02/07 18:32:05 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2011/02/07 18:31:49 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/14 16:56:46 | 001,584,640 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/08/14 00:04:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/02/22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/10/25 13:31:20 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 18:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2006/11/03 17:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 17:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- -- (WPFFontCache_v0400)
SRV - [2011/02/07 16:59:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/07 11:50:48 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/12/07 11:50:46 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 02:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 21:52:42 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/10/11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/17 10:22:00 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/04/25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/06 17:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/06 15:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/06 15:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 18:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 18:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 18:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011/02/07 16:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions
[2010/08/21 09:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/02/13 22:10:44 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/02/13 21:57:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/02/13 21:54:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/02/13 21:40:55 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2011/02/13 21:40:45 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2011/02/13 21:40:15 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/02/13 21:40:15 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2011/02/13 21:40:15 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/02/13 21:40:14 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011/02/13 21:40:14 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/02/13 21:40:14 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/02/13 21:40:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2011/02/13 21:40:13 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011/02/13 21:40:12 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011/02/13 21:40:12 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/02/13 21:40:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/02/13 21:40:12 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011/02/13 21:40:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2011/02/13 21:40:10 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011/02/13 21:40:10 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/02/13 21:40:10 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/02/13 21:40:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2011/02/13 21:40:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2011/02/13 21:40:09 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011/02/13 21:40:09 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011/02/13 21:40:09 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2011/02/13 21:40:09 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2011/02/13 21:40:09 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/02/13 21:40:09 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2011/02/13 21:40:09 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2011/02/13 21:40:09 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2011/02/13 21:40:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2011/02/13 21:40:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2011/02/13 21:40:09 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/02/13 21:40:09 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2011/02/13 21:40:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/02/13 21:40:08 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2011/02/13 21:40:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011/02/13 21:40:08 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/02/13 21:40:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/02/13 21:40:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2011/02/13 21:40:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/02/13 21:40:06 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/02/13 21:40:06 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/02/13 21:40:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/02/13 21:40:05 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2011/02/13 21:40:05 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011/02/13 21:40:05 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/02/13 21:40:05 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2011/02/13 21:40:05 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/02/13 21:40:05 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2011/02/13 21:40:05 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011/02/13 21:40:04 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011/02/13 21:40:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/02/13 21:40:03 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011/02/13 21:40:03 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2011/02/13 21:40:03 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2011/02/13 21:40:03 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011/02/13 21:40:03 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/02/13 21:40:03 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/02/13 21:40:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/02/13 21:40:03 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011/02/13 21:40:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2011/02/13 21:40:03 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2011/02/13 21:40:03 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2011/02/13 21:40:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011/02/13 21:40:03 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2011/02/13 21:40:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2011/02/13 21:40:02 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011/02/13 21:40:02 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011/02/13 21:40:02 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2011/02/13 21:40:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/02/13 21:40:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2011/02/13 21:40:01 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/02/13 21:40:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/02/13 21:40:01 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2011/02/13 21:40:01 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2011/02/13 21:40:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011/02/13 21:40:01 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011/02/13 21:40:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/02/13 21:40:00 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011/02/13 21:40:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2011/02/13 21:40:00 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/02/13 21:40:00 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/02/13 21:40:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/02/13 21:39:59 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/02/13 21:39:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/02/13 21:39:58 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2011/02/13 21:39:55 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/02/13 21:39:49 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2011/02/13 21:39:49 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011/02/13 21:39:49 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011/02/13 21:39:49 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2011/02/13 21:39:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2011/02/13 21:39:49 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2011/02/13 21:39:49 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011/02/13 21:39:49 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2011/02/13 21:39:48 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/02/13 21:39:48 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/02/13 21:39:48 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/02/13 21:39:48 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/02/13 21:39:48 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011/02/13 21:39:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2011/02/13 21:39:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2011/02/13 21:39:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/02/13 21:39:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2011/02/13 21:39:47 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011/02/13 21:39:47 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/02/13 21:39:47 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2011/02/13 21:39:47 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/02/13 21:39:47 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2011/02/13 21:39:47 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2011/02/13 21:39:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/02/13 21:39:46 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/02/13 21:39:46 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2011/02/13 21:39:46 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011/02/13 21:39:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011/02/13 21:39:46 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011/02/13 21:39:45 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2011/02/13 21:39:45 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011/02/13 21:39:45 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/02/13 21:39:45 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/02/13 21:39:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2011/02/13 21:39:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2011/02/13 21:39:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011/02/13 21:39:44 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2011/02/13 21:39:44 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2011/02/13 21:39:44 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2011/02/13 21:39:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2011/02/13 21:39:44 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011/02/13 21:39:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/02/13 21:39:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/02/13 21:39:44 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2011/02/13 21:39:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/02/13 21:39:43 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2011/02/13 21:39:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/02/13 21:39:42 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2011/02/13 21:39:42 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2011/02/13 21:39:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2011/02/13 21:39:42 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2011/02/13 21:39:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2011/02/13 21:39:42 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/02/13 21:39:42 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2011/02/13 21:39:42 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011/02/13 21:39:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2011/02/13 21:39:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2011/02/13 21:39:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2011/02/13 21:39:41 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2011/02/13 21:39:41 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2011/02/13 21:39:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsquirt.exe
[2011/02/13 21:39:41 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2011/02/13 21:39:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/02/13 21:39:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2011/02/13 21:39:40 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011/02/13 21:39:40 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011/02/13 21:39:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011/02/13 21:39:40 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011/02/13 21:39:40 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/02/13 21:39:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011/02/13 21:39:40 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2011/02/13 21:39:40 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011/02/13 21:39:40 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011/02/13 21:39:40 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/02/13 21:39:40 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/02/13 21:39:39 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2011/02/13 21:39:39 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011/02/13 21:39:38 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/02/13 21:39:38 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011/02/13 21:39:38 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2011/02/13 21:39:38 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011/02/13 21:39:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2011/02/13 21:39:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2011/02/13 21:39:37 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011/02/13 21:39:36 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2011/02/13 21:39:36 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2011/02/13 21:39:36 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2011/02/13 21:39:35 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/02/13 21:39:35 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2011/02/13 21:39:35 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2011/02/13 21:39:35 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2011/02/13 21:39:35 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2011/02/13 21:39:35 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011/02/13 21:39:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/02/13 21:39:35 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2011/02/13 21:39:34 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011/02/13 21:39:34 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011/02/13 21:39:34 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2011/02/13 21:39:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2011/02/13 21:39:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/02/13 21:39:34 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2011/02/13 21:39:34 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/02/13 21:39:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/02/13 21:39:34 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/02/13 21:39:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2011/02/13 21:39:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2011/02/13 21:39:33 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011/02/13 21:39:33 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/02/13 21:39:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/02/13 21:39:32 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/02/13 21:39:32 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011/02/13 21:39:32 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011/02/13 21:39:32 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2011/02/13 21:39:32 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/02/13 21:39:32 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/02/13 21:39:32 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2011/02/13 21:39:32 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2011/02/13 21:39:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/02/13 21:39:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/02/13 21:39:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2011/02/13 21:39:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2011/02/13 21:39:31 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/02/13 21:39:31 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011/02/13 21:39:31 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/02/13 21:39:31 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/02/13 21:39:31 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2011/02/13 21:39:31 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2011/02/13 21:39:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011/02/13 21:39:31 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/02/13 21:39:31 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2011/02/13 21:39:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/13 21:39:29 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/02/13 21:39:29 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011/02/13 21:39:29 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011/02/13 21:39:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2011/02/13 21:39:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2011/02/13 21:39:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2011/02/13 21:39:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2011/02/13 21:39:28 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011/02/13 21:39:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2011/02/13 21:39:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2011/02/13 21:39:28 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/02/13 21:39:28 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/02/13 21:39:27 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011/02/13 21:39:27 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011/02/13 21:39:27 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/02/13 21:39:27 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/02/13 21:39:26 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2011/02/13 21:39:26 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/02/13 21:39:26 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011/02/13 21:39:25 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/02/13 21:39:25 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2011/02/13 21:39:25 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2011/02/13 21:39:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2011/02/13 21:39:24 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011/02/13 21:39:24 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2011/02/13 21:39:24 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2011/02/13 21:39:24 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2011/02/13 21:39:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2011/02/13 21:39:24 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2011/02/13 21:39:24 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2011/02/13 21:39:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/02/13 21:39:24 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011/02/13 21:39:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/02/13 21:39:24 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/02/13 21:39:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/02/13 21:39:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/02/13 21:39:23 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2011/02/13 21:39:23 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/02/13 21:39:23 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2011/02/13 21:39:23 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2011/02/13 21:39:23 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011/02/13 21:39:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2011/02/13 21:39:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2011/02/13 21:39:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2011/02/13 21:39:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2011/02/13 21:39:22 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2011/02/13 21:39:22 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2011/02/13 21:39:22 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2011/02/13 21:39:22 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2011/02/13 21:39:22 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/02/13 21:39:22 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/02/13 21:39:21 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/02/13 21:39:21 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011/02/13 21:39:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/02/13 21:39:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/02/13 21:39:20 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/02/13 21:39:20 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/02/13 21:39:20 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011/02/13 21:39:20 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2011/02/13 21:39:20 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/02/13 21:39:20 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2011/02/13 21:39:20 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2011/02/13 21:39:20 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/02/13 21:39:20 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/02/13 21:39:20 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2011/02/13 21:39:20 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/02/13 21:39:20 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/02/13 21:39:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2011/02/13 21:39:19 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011/02/13 21:39:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2011/02/13 21:39:18 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2011/02/13 21:39:18 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011/02/13 21:39:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011/02/13 21:39:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/02/13 21:39:17 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/02/13 21:39:17 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/13 21:39:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2011/02/13 21:39:17 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2011/02/13 21:39:17 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011/02/13 21:39:17 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/02/13 21:39:17 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2011/02/13 21:39:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2011/02/13 21:39:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2011/02/13 21:39:17 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/02/13 21:39:16 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011/02/13 21:39:16 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2011/02/13 21:39:16 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/02/13 21:39:15 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/02/13 21:39:15 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011/02/13 21:39:15 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2011/02/13 21:39:13 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/02/13 21:39:13 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/02/13 21:39:13 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/02/13 21:39:12 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011/02/13 21:39:12 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2011/02/13 21:39:12 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/02/13 21:39:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2011/02/13 21:39:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/02/13 21:39:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2011/02/13 21:39:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011/02/13 21:39:11 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/02/13 21:39:11 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2011/02/13 21:39:10 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011/02/13 21:39:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2011/02/13 21:39:10 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2011/02/13 21:39:10 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/02/13 21:39:10 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2011/02/13 21:39:09 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/02/13 21:39:09 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011/02/13 21:39:09 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011/02/13 21:39:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/02/13 21:39:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/02/13 21:39:08 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2011/02/13 21:39:08 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011/02/13 21:39:07 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/02/13 21:39:07 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011/02/13 21:39:07 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011/02/13 21:39:07 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2011/02/13 21:39:07 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/02/13 21:39:07 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011/02/13 21:39:06 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2011/02/13 21:39:06 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/02/13 21:39:06 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2011/02/13 21:39:06 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/02/13 21:39:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2011/02/13 21:39:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2011/02/13 21:39:05 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2011/02/13 21:39:05 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2011/02/13 21:39:05 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/02/13 21:39:05 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011/02/13 21:39:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2011/02/13 21:39:04 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/02/13 21:39:03 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011/02/13 21:39:03 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/02/13 21:39:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2011/02/13 21:39:02 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2011/02/13 21:39:02 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2011/02/13 21:39:02 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2011/02/13 21:39:01 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2011/02/13 21:39:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/02/13 21:39:01 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2011/02/13 21:39:00 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2011/02/13 21:39:00 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011/02/13 21:39:00 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2011/02/13 21:39:00 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011/02/13 21:39:00 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2011/02/13 21:39:00 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2011/02/13 21:39:00 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2011/02/13 21:39:00 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2011/02/13 21:39:00 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/02/13 21:39:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2011/02/13 21:38:59 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/02/13 21:38:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/02/13 21:38:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/02/13 21:38:59 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011/02/13 21:38:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/02/13 21:38:58 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011/02/13 21:38:58 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/02/13 21:38:58 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011/02/13 21:38:58 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2011/02/13 21:38:58 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011/02/13 21:38:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2011/02/13 21:38:57 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/02/13 21:38:57 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/02/13 21:38:57 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/02/13 21:38:57 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/02/13 21:38:56 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/02/13 21:38:55 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011/02/13 21:38:55 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/02/13 21:38:55 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/02/13 21:38:54 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2011/02/13 21:38:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2011/02/13 21:38:54 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2011/02/13 21:38:53 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011/02/13 21:38:53 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/02/13 21:38:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/02/13 21:38:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2011/02/13 21:38:42 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011/02/13 21:38:38 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011/02/13 21:38:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011/02/13 21:38:38 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2011/02/13 21:38:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2011/02/13 21:38:37 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011/02/13 21:38:34 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2011/02/13 21:38:34 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011/02/13 21:38:34 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2011/02/13 21:38:30 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/02/13 21:38:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2011/02/13 21:38:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/02/13 21:38:29 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2011/02/13 21:38:29 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/02/13 21:38:28 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2011/02/13 21:38:28 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2011/02/13 21:38:28 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2011/02/13 21:38:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2011/02/13 21:38:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2011/02/13 21:38:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2011/02/13 21:38:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2011/02/13 21:38:15 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011/02/13 21:38:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2011/02/13 21:38:09 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2011/02/13 21:38:08 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/02/13 21:38:08 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/02/13 21:38:08 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2011/02/13 21:38:08 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/02/13 21:38:08 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2011/02/13 21:38:07 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/02/13 21:38:06 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011/02/13 21:38:06 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2011/02/13 21:38:06 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011/02/13 21:38:06 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011/02/13 21:38:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2011/02/13 21:38:05 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011/02/13 21:38:05 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011/02/13 21:38:05 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2011/02/13 21:38:02 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/02/13 21:38:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2011/02/13 21:38:01 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/02/13 21:38:01 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011/02/13 21:38:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2011/02/13 21:38:00 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011/02/13 21:36:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/02/13 21:35:05 | 365,230,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Carl\Desktop\Windows6.0-KB948465-X86.exe
[2011/02/13 12:11:54 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Avira
[2011/02/13 11:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/02/13 11:58:28 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/02/13 11:58:28 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/02/13 11:58:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/13 09:42:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/02/13 09:42:02 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/02/13 09:42:02 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/02/12 17:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/02/09 16:10:27 | 000,000,000 | ---D | C] -- C:\Users\Carl\Desktop\HijackThis
[2011/02/09 16:10:19 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll
[2011/02/09 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2011/02/09 12:00:26 | 001,129,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fm20.dll
[2011/02/09 12:00:26 | 000,147,456 | ---- | C] (Info-ZIP) -- C:\Windows\System32\vbzip10.dll
[2011/02/09 12:00:26 | 000,026,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fm20enu.dll
[2011/02/09 10:15:50 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/02/09 10:15:50 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/02/09 09:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/02/09 09:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/09 09:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/02/09 09:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/02/09 01:20:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011/02/09 00:56:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/02/09 00:56:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011/02/09 00:48:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/09 00:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011/02/08 23:45:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/02/08 23:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/02/08 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/08 22:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\AA Antimalware
[2011/02/08 21:35:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/02/08 21:35:24 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 21:31:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Sunbelt Software
[2011/02/08 21:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/02/08 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Malwarebytes
[2011/02/08 20:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/08 19:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/02/08 19:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/02/08 10:13:51 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/02/08 10:13:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/02/08 10:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/02/08 10:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/02/08 10:13:44 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/02/08 10:13:22 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/02/08 10:13:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/02/08 10:13:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/02/08 10:13:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/02/08 10:13:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/02/08 10:13:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/02/08 10:13:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/02/08 10:13:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/02/08 10:13:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/02/08 10:12:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/02/08 10:12:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/02/08 10:12:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2011/02/08 10:12:52 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/02/08 10:12:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2011/02/08 10:12:48 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/02/08 10:12:36 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/02/08 10:12:36 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/02/08 10:12:35 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/02/08 10:12:35 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2011/02/08 10:12:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2011/02/08 10:12:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2011/02/08 10:12:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/02/08 10:12:31 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/02/08 10:12:24 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/02/08 10:12:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2011/02/08 10:12:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2011/02/08 10:12:13 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/02/08 10:12:07 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/02/08 10:12:04 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/02/08 10:12:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/02/08 10:12:03 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/02/08 10:12:00 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/02/08 10:11:49 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/02/08 10:11:48 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/02/08 10:11:47 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/02/08 10:11:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/02/08 10:11:41 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/02/08 10:11:38 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/02/08 10:11:38 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/02/08 10:11:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011/02/08 10:11:22 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/02/08 10:11:14 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2011/02/08 10:11:14 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/02/08 10:11:13 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/02/08 10:11:10 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/02/08 10:11:09 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/02/08 10:11:09 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/02/08 10:11:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/02/08 10:11:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/02/08 10:11:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/02/08 10:10:53 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/02/08 10:10:49 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/02/08 10:10:49 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/08 10:10:48 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/02/08 10:10:47 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/08 10:10:47 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/08 10:10:47 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/08 10:10:46 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/08 10:10:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/02/08 10:10:45 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/08 10:10:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/02/08 10:10:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/02/08 10:10:21 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/02/08 10:10:20 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/02/08 10:10:19 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/02/08 10:10:15 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/02/08 10:10:15 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/02/08 10:10:14 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/02/08 10:10:14 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/02/08 10:10:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/02/08 10:10:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/02/08 10:10:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/02/08 10:09:50 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/02/08 10:09:49 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/02/08 10:09:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/02/08 10:09:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011/02/08 10:09:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/02/08 10:09:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/02/08 10:09:41 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/02/08 10:09:33 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/02/08 10:07:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\IsolatedStorage
[2011/02/08 10:07:55 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\FreeFileOpener
[2011/02/08 10:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free File Opener
[2011/02/08 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Free File Opener
[2011/02/07 22:43:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/07 22:43:30 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/02/07 22:43:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2011/02/07 19:58:13 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Dell
[2011/02/07 19:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2011/02/07 19:47:19 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby Birdie158 » February 13th, 2011, 6:27 pm

[2011/02/07 19:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/02/07 19:14:24 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/02/07 19:14:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/02/07 19:14:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/02/07 19:14:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/02/07 19:07:32 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/02/07 19:00:21 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/02/07 18:51:41 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\Bluetooth Exchange Folder
[2011/02/07 18:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/02/07 17:54:51 | 000,000,000 | R--D | C] -- C:\Users\Carl\Contacts
[2011/02/07 17:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011/02/07 17:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Broadband Desktop Help
[2011/02/07 17:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2011/02/07 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2011/02/07 16:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BTHomeHub
[2011/02/07 16:57:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/02/07 16:15:59 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/02/07 16:15:59 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/02/07 16:15:52 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/02/07 16:15:52 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/02/07 16:15:52 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/02/07 16:15:48 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/02/07 16:15:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/02/07 15:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/02/07 15:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2011/02/07 15:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/02/07 15:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2011/02/07 15:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/02/07 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/02/07 15:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/02/07 15:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011/02/07 15:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/02/07 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2011/02/07 15:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2011/02/07 15:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2011/02/07 15:50:27 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2011/02/07 15:49:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2011/02/07 15:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2011/02/07 15:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2011/02/07 15:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/02/07 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/02/07 15:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/02/07 15:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/02/07 15:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Diagnostic Tool
[2011/02/07 15:38:38 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\SupportSoft
[2011/02/07 15:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2011/02/07 15:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/02/07 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2011/02/07 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2011/02/07 15:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2011/02/07 15:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2011/02/07 15:34:46 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2011/02/07 15:34:46 | 000,393,216 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2011/02/07 15:34:46 | 000,335,872 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2011/02/07 15:34:46 | 000,235,648 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2011/02/07 15:34:46 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2011/02/07 15:34:46 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2011/02/07 15:34:46 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2011/02/07 15:34:46 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2011/02/07 15:34:46 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2011/02/07 15:34:46 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2011/02/07 15:34:46 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2011/02/07 15:34:46 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2011/02/07 15:34:46 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2011/02/07 15:34:46 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2011/02/07 15:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/02/07 15:33:46 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\Windows\System32\Uci32114.dll
[2011/02/07 15:33:46 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2011/02/07 15:33:46 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys
[2011/02/07 15:33:45 | 000,986,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys
[2011/02/07 15:33:45 | 000,659,968 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys
[2011/02/07 15:33:45 | 000,206,848 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys
[2011/02/07 15:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2011/02/07 15:32:16 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\TMP
[2011/02/07 15:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/02/07 15:28:04 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01005.dll
[2011/02/07 15:28:04 | 000,164,400 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2011/02/07 15:28:04 | 000,100,542 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2011/02/07 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Carl\Bluetooth Software
[2011/02/07 15:25:08 | 000,080,176 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys
[2011/02/07 15:25:08 | 000,078,128 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys
[2011/02/07 15:25:08 | 000,016,560 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys
[2011/02/07 15:25:05 | 000,229,376 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupport.dll
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2011/02/07 15:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/02/07 15:22:06 | 005,967,872 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLCPL.CPL
[2011/02/07 15:22:06 | 003,895,296 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmttls.dll
[2011/02/07 15:22:06 | 003,579,904 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvsrv.dll
[2011/02/07 15:22:06 | 003,244,032 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvui.dll
[2011/02/07 15:22:06 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vcredist_x86.exe
[2011/02/07 15:22:06 | 001,044,984 | ---- | C] (Broadcom Corp.) -- C:\Windows\System32\drivers\BCMWL6.SYS
[2011/02/07 15:22:06 | 000,987,136 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMLogon.dll
[2011/02/07 15:22:06 | 000,278,528 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmwlu00.exe
[2011/02/07 15:22:06 | 000,087,328 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\bcmwlcoi.dll
[2011/02/07 15:22:06 | 000,065,536 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\wltrynt.dll
[2011/02/07 15:21:59 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\InstallShield
[2011/02/07 15:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
[2011/02/07 15:15:14 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2011/02/07 15:15:06 | 000,111,616 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2011/02/07 15:15:05 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2011/02/07 15:15:05 | 002,580,480 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2011/02/07 15:15:05 | 002,016,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys
[2011/02/07 15:15:05 | 000,530,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2011/02/07 15:15:05 | 000,241,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2011/02/07 15:15:05 | 000,204,800 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2011/02/07 15:15:05 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
[2011/02/07 15:15:05 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2011/02/07 15:15:05 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2011/02/07 15:15:05 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2011/02/07 15:15:05 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2011/02/07 15:15:05 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2011/02/07 15:15:05 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2011/02/07 15:15:05 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2011/02/07 15:15:05 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2011/02/07 15:15:05 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2011/02/07 15:15:05 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2011/02/07 15:15:05 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2011/02/07 15:15:05 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2011/02/07 15:15:05 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2011/02/07 15:15:05 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2011/02/07 15:15:05 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2011/02/07 15:15:05 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2011/02/07 15:15:05 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2011/02/07 15:15:05 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2011/02/07 15:15:05 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2011/02/07 15:15:05 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2011/02/07 15:15:05 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2011/02/07 15:15:05 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
[2011/02/07 15:15:05 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2011/02/07 15:15:05 | 000,159,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2011/02/07 15:15:05 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2011/02/07 15:15:05 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2011/02/07 15:15:05 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2011/02/07 15:15:05 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2011/02/07 15:15:05 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2011/02/07 15:15:05 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2011/02/07 15:15:05 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2011/02/07 15:15:05 | 000,069,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2011/02/07 15:15:05 | 000,048,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2011/02/07 15:15:05 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2011/02/07 15:15:04 | 002,416,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2011/02/07 15:15:04 | 001,658,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2011/02/07 15:15:04 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2011/02/07 15:11:51 | 004,947,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacgui.cpl
[2011/02/07 15:11:51 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2011/02/07 15:11:51 | 000,647,168 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2011/02/07 15:11:51 | 000,131,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2011/02/07 15:11:51 | 000,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2011/02/07 15:11:51 | 000,073,728 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
[2011/02/07 15:11:51 | 000,053,248 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2011/02/07 15:11:27 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2011/02/07 15:11:26 | 000,595,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2011/02/07 15:11:26 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2011/02/07 15:11:26 | 000,330,240 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2011/02/07 15:11:26 | 000,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2011/02/07 15:11:26 | 000,299,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/02/07 15:11:26 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2011/02/07 15:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2011/02/07 15:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2011/02/07 15:08:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2011/02/07 15:08:23 | 000,936,472 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\imsmudlg.exe
[2011/02/07 15:08:23 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2011/02/07 15:08:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2011/02/07 15:08:09 | 000,277,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2011/02/07 15:04:40 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2011/02/07 15:04:40 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011/02/07 15:04:40 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011/02/07 15:04:40 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011/02/07 15:04:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/02/07 15:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/02/07 15:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/02/07 15:00:48 | 000,000,000 | ---D | C] -- C:\Intel
[2011/02/07 14:59:29 | 000,000,000 | ---D | C] -- C:\dell
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2011/02/07 14:57:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\Searches
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/02/07 14:53:51 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Identities
[2011/02/07 14:53:49 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\VirtualStore
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Temporary Internet Files
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Templates
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Start Menu
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\SendTo
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Recent
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\PrintHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\NetHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\My Documents
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Local Settings
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\History
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Cookies
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Application Data
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Application Data
[2011/02/07 14:53:45 | 000,000,000 | --SD | C] -- C:\Users\Carl\AppData\Roaming\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Videos
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Saved Games
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Music
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Links
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Favorites
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Downloads
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Desktop
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/02/07 14:53:45 | 000,000,000 | -H-D | C] -- C:\Users\Carl\AppData
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Temp
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Media Center Programs
[2011/02/07 14:51:22 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2011/02/07 14:47:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/02/07 14:44:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/02/07 14:44:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/01/19 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\Carl\Desktop\HiFi

========== Files - Modified Within 30 Days ==========

[2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 22:08:57 | 001,045,052 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/13 22:08:57 | 000,325,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/13 22:04:14 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/13 22:04:10 | 000,000,943 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/13 22:04:05 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/13 22:03:44 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/13 22:03:44 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/13 22:01:27 | 000,280,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/13 22:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/13 22:00:55 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/13 21:59:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/02/13 21:36:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/13 11:58:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/13 10:05:33 | 343,267,838 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/13 10:01:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/02/13 09:42:22 | 001,656,302 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/12 21:36:57 | 000,000,217 | ---- | M] () -- C:\Users\Carl\Desktop\Google.url
[2011/02/12 18:08:38 | 000,000,280 | ---- | M] () -- C:\Users\Carl\Desktop\TV Guide.url
[2011/02/12 10:10:40 | 000,000,378 | ---- | M] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/10 19:28:20 | 000,002,473 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/10 12:35:07 | 000,000,020 | ---- | M] () -- C:\Windows\System32\SYSTEM
[2011/02/09 09:56:13 | 000,000,212 | ---- | M] () -- C:\Users\Carl\Desktop\Google Pack.url
[2011/02/09 09:10:57 | 000,014,744 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/08 21:35:23 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 10:06:41 | 000,000,914 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/08 10:06:41 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/02/07 22:05:27 | 000,002,453 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/07 20:49:56 | 000,000,545 | ---- | M] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/07 20:38:48 | 000,000,283 | ---- | M] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newkey
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2011/02/07 19:14:15 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/02/07 19:14:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/02/07 19:14:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/02/07 19:14:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/02/07 18:55:16 | 000,000,159 | ---- | M] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | M] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | M] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 15:56:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:28:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:16 | 000,744,318 | ---- | M] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:21:10 | 000,001,927 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | M] () -- C:\Windows\System32\results.xml
[2011/02/07 15:13:38 | 000,000,680 | ---- | M] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:48:56 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/01/24 19:24:07 | 000,035,902 | ---- | M] () -- C:\Users\Carl\AppData\Roaming\wklnhst (2).dat

========== Files Created - No Company Name ==========

[2011/02/13 21:40:05 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/02/13 21:40:02 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/02/13 21:40:02 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/02/13 21:39:49 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/02/13 21:39:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/13 21:39:46 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/02/13 21:39:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/02/13 21:38:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/13 21:38:30 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/02/13 21:38:19 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/02/13 21:38:05 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/02/13 11:58:34 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/13 11:41:03 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/13 10:04:43 | 343,267,838 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/10 12:35:07 | 000,000,020 | ---- | C] () -- C:\Windows\System32\SYSTEM
[2011/02/09 10:00:37 | 001,656,302 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/09 09:56:12 | 000,000,212 | ---- | C] () -- C:\Users\Carl\Desktop\Google Pack.url
[2011/02/09 09:56:11 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/02/09 09:54:14 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/09 07:59:18 | 000,014,744 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/09 01:39:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/02/09 01:38:57 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/02/08 10:12:53 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/02/08 10:06:41 | 000,000,914 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/08 10:06:41 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2011/02/07 22:43:30 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2011/02/07 22:43:12 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version
[2011/02/07 20:50:01 | 000,000,545 | ---- | C] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/07 20:38:48 | 000,000,283 | ---- | C] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:04:13 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/02/07 18:55:16 | 000,000,159 | ---- | C] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | C] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:31:59 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/07 18:31:58 | 000,000,876 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/07 18:30:18 | 000,002,473 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/07 18:29:17 | 000,002,453 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | C] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 16:19:23 | 000,000,378 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/07 15:56:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:47:29 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/02/07 15:47:02 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/02/07 15:34:46 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2011/02/07 15:34:46 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2011/02/07 15:33:45 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2011/02/07 15:28:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:25 | 000,744,318 | ---- | C] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:22:06 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/02/07 15:22:06 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/02/07 15:22:06 | 000,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2011/02/07 15:22:06 | 000,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newkey
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newfile.enc
[2011/02/07 15:21:10 | 000,001,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | C] () -- C:\Windows\System32\results.xml
[2011/02/07 15:15:06 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011/02/07 15:15:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2011/02/07 15:15:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2011/02/07 15:15:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2011/02/07 15:15:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2011/02/07 15:15:05 | 000,027,152 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2011/02/07 15:07:20 | 000,000,943 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/07 15:04:40 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2011/02/07 14:54:00 | 000,000,949 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/02/07 14:53:59 | 000,000,944 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/02/07 14:53:50 | 000,000,915 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/02/07 14:53:47 | 000,000,680 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:53:45 | 000,000,258 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/02/07 14:53:45 | 000,000,240 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/02/07 14:48:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/12/01 16:27:05 | 000,035,902 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst (2).dat
[2009/12/01 13:53:47 | 000,066,368 | ---- | C] () -- C:\Users\Carl\AppData\Local\GDIPFONTCACHEV1 (2).DAT
[2009/12/01 13:53:29 | 000,006,648 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps (2).dat
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby askey127 » February 17th, 2011, 7:53 am

Birdie,
That was a very large set of logs - probably due to the Service Pack.
Looks quite good. Sorry it took so long.
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    Code: Select all
    :processes
    killallprocesses
    
    :OTL
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{78604AE9-4241-40B9-864A-7765CB389240}" =-
    "{D6B02CD8-45B3-444D-B1CD-C71F136FAE61}" =-
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 19th, 2011, 3:49 pm

Thanks again.
No problem over time - just walk away and leave.......
I will go through the suggested sequence when I have a chance in the next day or so - busy currently - posted this mostly to keep the thread running.
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby askey127 » February 19th, 2011, 6:01 pm

Just post the OTL log when you get it done.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 22nd, 2011, 3:23 pm

OTL logfile created on: 22/02/2011 19:21:19 - Run 3
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Carl\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 120.01 Gb Total Space | 84.17 Gb Free Space | 70.14% Space Free | Partition Type: NTFS
Drive D: | 109.83 Gb Total Space | 107.56 Gb Free Space | 97.93% Space Free | Partition Type: NTFS

Computer Name: CARL-PC | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
PRC - [2011/02/07 18:32:05 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2011/02/07 18:31:49 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/24 09:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/08/24 09:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/14 16:56:46 | 001,584,640 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
PRC - [2009/04/10 23:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/02/22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/10/25 13:31:20 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 18:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2006/11/03 17:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 17:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/02/07 16:59:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/20 13:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/24 09:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/18 00:36:02 | 000,021,744 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc.pkms -- (PCDSRVC{E9D79540-57D5953E-06020101}_0)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/07 11:50:48 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/12/07 11:50:46 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 02:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 21:52:42 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/10/11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/17 10:22:00 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/04/25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/06 17:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/06 15:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/06 15:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 18:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 18:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 18:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2


[2011/02/07 16:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions
[2010/08/21 09:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/02/22 09:50:39 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [dellsupportcenter] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Carl\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Carl\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4aa6be4e-3e64-11e0-9757-001fe1de2b87}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/02/22 19:03:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/22 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\TomTom
[2011/02/22 09:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom
[2011/02/22 09:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2011/02/19 10:40:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\Dell Webcam Center
[2011/02/19 10:40:55 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Creative
[2011/02/15 09:31:19 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\Bluetooth Exchange Folder
[2011/02/14 17:16:42 | 000,000,000 | R--D | C] -- C:\Users\Carl\Pictures
[2011/02/14 13:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/14 13:37:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/02/14 13:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/02/14 09:59:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/02/14 09:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2011/02/14 09:53:03 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\PCDr
[2011/02/13 22:10:44 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/02/13 21:57:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/02/13 21:54:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/02/13 21:36:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/02/13 12:11:54 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Avira
[2011/02/13 11:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/02/13 11:58:28 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/02/13 11:58:28 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/02/13 11:58:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/12 17:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/02/09 16:10:27 | 000,000,000 | ---D | C] -- C:\Users\Carl\Desktop\HijackThis
[2011/02/09 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2011/02/09 12:00:26 | 000,147,456 | ---- | C] (Info-ZIP) -- C:\Windows\System32\vbzip10.dll
[2011/02/09 09:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/02/09 09:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/02/09 09:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/02/09 00:48:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/09 00:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011/02/08 23:45:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/02/08 23:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/02/08 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/08 22:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\AA Antimalware
[2011/02/08 21:35:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/02/08 21:35:24 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 21:31:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Sunbelt Software
[2011/02/08 21:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/02/08 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Malwarebytes
[2011/02/08 20:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/08 19:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/02/08 19:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/02/08 10:07:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\IsolatedStorage
[2011/02/08 10:07:55 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\FreeFileOpener
[2011/02/08 10:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free File Opener
[2011/02/08 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Free File Opener
[2011/02/07 22:43:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/07 22:43:30 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/02/07 22:43:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2011/02/07 19:58:13 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Dell
[2011/02/07 19:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2011/02/07 19:47:19 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
[2011/02/07 19:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/02/07 18:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/02/07 17:54:51 | 000,000,000 | R--D | C] -- C:\Users\Carl\Contacts
[2011/02/07 17:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011/02/07 17:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Broadband Desktop Help
[2011/02/07 17:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2011/02/07 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2011/02/07 16:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BTHomeHub
[2011/02/07 16:57:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/02/07 15:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/02/07 15:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2011/02/07 15:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/02/07 15:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2011/02/07 15:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/02/07 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/02/07 15:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/02/07 15:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011/02/07 15:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/02/07 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2011/02/07 15:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2011/02/07 15:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2011/02/07 15:50:27 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2011/02/07 15:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2011/02/07 15:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2011/02/07 15:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/02/07 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/02/07 15:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/02/07 15:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/02/07 15:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Diagnostic Tool
[2011/02/07 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2011/02/07 15:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2011/02/07 15:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2011/02/07 15:34:46 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2011/02/07 15:34:46 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2011/02/07 15:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/02/07 15:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2011/02/07 15:32:16 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\TMP
[2011/02/07 15:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/02/07 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Carl\Bluetooth Software
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2011/02/07 15:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/02/07 15:21:59 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\InstallShield
[2011/02/07 15:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
[2011/02/07 15:11:51 | 004,947,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacgui.cpl
[2011/02/07 15:11:51 | 000,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2011/02/07 15:11:27 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2011/02/07 15:11:26 | 000,595,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2011/02/07 15:11:26 | 000,330,240 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2011/02/07 15:11:26 | 000,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2011/02/07 15:11:26 | 000,299,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/02/07 15:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2011/02/07 15:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2011/02/07 15:08:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2011/02/07 15:08:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2011/02/07 15:04:40 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011/02/07 15:04:40 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011/02/07 15:04:40 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011/02/07 15:04:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/02/07 15:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/02/07 15:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/02/07 15:00:48 | 000,000,000 | ---D | C] -- C:\Intel
[2011/02/07 14:59:29 | 000,000,000 | ---D | C] -- C:\dell
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2011/02/07 14:57:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\Searches
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/02/07 14:53:51 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Identities
[2011/02/07 14:53:49 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\VirtualStore
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Temporary Internet Files
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Templates
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Start Menu
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\SendTo
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Recent
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\PrintHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\NetHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\My Documents
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Local Settings
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\History
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Cookies
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Application Data
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Application Data
[2011/02/07 14:53:45 | 000,000,000 | --SD | C] -- C:\Users\Carl\AppData\Roaming\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Videos
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Saved Games
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Music
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Links
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Favorites
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Downloads
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Desktop
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/02/07 14:53:45 | 000,000,000 | -H-D | C] -- C:\Users\Carl\AppData
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Temp
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Media Center Programs
[2011/02/07 14:51:22 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2011/02/07 14:47:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/02/07 14:44:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/02/07 14:44:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/02/22 19:19:07 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/22 19:16:56 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/22 19:16:48 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/22 19:16:48 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/22 19:16:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/22 19:16:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/02/22 19:14:25 | 001,748,820 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/22 19:14:25 | 000,689,272 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/22 18:52:18 | 000,002,728 | ---- | M] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/22 18:36:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/22 09:27:40 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/02/21 13:01:51 | 000,002,453 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/19 21:27:05 | 000,000,274 | ---- | M] () -- C:\Users\Carl\Desktop\Please recommend a little known album - but one you really like and reckon deserves a bit more attention, you know, best music-album you've never heard sort of thing... - music Discussion Forum.url
[2011/02/19 10:46:20 | 000,000,000 | -H-- | M] () -- C:\Users\Carl\Documents\Default.rdp
[2011/02/18 21:12:43 | 000,000,207 | ---- | M] () -- C:\Users\Carl\Desktop\Fetchbook.url
[2011/02/18 15:20:59 | 000,000,198 | ---- | M] () -- C:\Users\Carl\Desktop\Real Deal Competition - ITV Lifestyle.url
[2011/02/17 12:29:14 | 000,000,212 | ---- | M] () -- C:\Users\Carl\Desktop\Google Pack.url
[2011/02/17 10:14:39 | 000,000,189 | ---- | M] () -- C:\Users\Carl\Desktop\AA Autoroute.url
[2011/02/17 09:53:44 | 000,000,943 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/16 14:53:32 | 000,002,473 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/15 09:56:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/02/14 17:16:25 | 000,000,938 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/14 17:16:16 | 000,003,584 | ---- | M] () -- C:\Users\Carl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 17:14:52 | 000,000,863 | ---- | M] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/14 15:59:03 | 000,000,245 | ---- | M] () -- C:\Users\Carl\Desktop\Money Saving Expert Consumer Revenge - Credit Cards, Shopping, Bank Charges, Cheap Flights and more.url
[2011/02/14 13:39:39 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/02/14 10:09:56 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/14 10:09:50 | 000,280,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 11:58:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/13 10:01:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/02/13 09:42:22 | 001,656,302 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/12 21:36:57 | 000,000,217 | ---- | M] () -- C:\Users\Carl\Desktop\Google.url
[2011/02/12 18:08:38 | 000,000,280 | ---- | M] () -- C:\Users\Carl\Desktop\TV Guide.url
[2011/02/10 12:35:07 | 000,000,020 | ---- | M] () -- C:\Windows\System32\SYSTEM
[2011/02/09 09:10:57 | 000,014,744 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/08 21:35:23 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 10:06:41 | 000,000,914 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/08 10:06:41 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/02/07 20:38:48 | 000,000,283 | ---- | M] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newkey
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2011/02/07 18:55:16 | 000,000,159 | ---- | M] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | M] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | M] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 15:56:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:28:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:16 | 000,744,318 | ---- | M] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:21:10 | 000,001,927 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | M] () -- C:\Windows\System32\results.xml
[2011/02/07 15:13:38 | 000,000,680 | ---- | M] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:48:56 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/01/24 19:24:07 | 000,035,902 | ---- | M] () -- C:\Users\Carl\AppData\Roaming\wklnhst (2).dat

========== Files Created - No Company Name ==========

[2011/02/19 21:27:05 | 000,000,274 | ---- | C] () -- C:\Users\Carl\Desktop\Please recommend a little known album - but one you really like and reckon deserves a bit more attention, you know, best music-album you've never heard sort of thing... - music Discussion Forum.url
[2011/02/19 10:46:20 | 000,000,000 | -H-- | C] () -- C:\Users\Carl\Documents\Default.rdp
[2011/02/18 21:12:43 | 000,000,207 | ---- | C] () -- C:\Users\Carl\Desktop\Fetchbook.url
[2011/02/17 09:50:20 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/02/15 09:56:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/02/14 17:16:25 | 000,000,938 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/14 17:16:13 | 000,003,584 | ---- | C] () -- C:\Users\Carl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 13:39:39 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/02/14 13:39:39 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/02/14 10:00:02 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/14 10:00:01 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/02/13 21:40:05 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/02/13 21:40:02 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/02/13 21:40:02 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/02/13 21:39:49 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/02/13 21:39:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/13 21:39:46 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/02/13 21:39:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/02/13 21:38:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/13 21:38:30 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/02/13 21:38:19 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/02/13 21:38:05 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/02/13 11:58:34 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/10 12:35:07 | 000,000,020 | ---- | C] () -- C:\Windows\System32\SYSTEM
[2011/02/09 10:00:37 | 001,656,302 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/09 09:56:12 | 000,000,212 | ---- | C] () -- C:\Users\Carl\Desktop\Google Pack.url
[2011/02/09 09:54:14 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/09 07:59:18 | 000,014,744 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/09 01:39:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/02/09 01:38:57 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/02/08 10:12:53 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/02/08 10:06:41 | 000,000,914 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/08 10:06:41 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2011/02/07 22:43:30 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2011/02/07 22:43:12 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version
[2011/02/07 20:50:01 | 000,000,863 | ---- | C] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/07 20:38:48 | 000,000,283 | ---- | C] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:04:13 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/02/07 18:55:16 | 000,000,159 | ---- | C] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | C] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:31:59 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/07 18:31:58 | 000,000,876 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/07 18:30:18 | 000,002,473 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/07 18:29:17 | 000,002,453 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | C] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 16:19:23 | 000,002,728 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/07 15:56:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:47:29 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/02/07 15:47:02 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/02/07 15:34:46 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2011/02/07 15:34:46 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2011/02/07 15:33:45 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2011/02/07 15:28:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:25 | 000,744,318 | ---- | C] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:22:06 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/02/07 15:22:06 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/02/07 15:22:06 | 000,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2011/02/07 15:22:06 | 000,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newkey
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newfile.enc
[2011/02/07 15:21:10 | 000,001,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | C] () -- C:\Windows\System32\results.xml
[2011/02/07 15:15:06 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011/02/07 15:15:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2011/02/07 15:15:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2011/02/07 15:15:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2011/02/07 15:15:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2011/02/07 15:15:05 | 000,027,152 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2011/02/07 15:07:20 | 000,000,943 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/07 15:04:40 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2011/02/07 14:54:00 | 000,000,949 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/02/07 14:53:59 | 000,000,944 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/02/07 14:53:50 | 000,000,915 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/02/07 14:53:47 | 000,000,680 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:53:45 | 000,000,258 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/02/07 14:53:45 | 000,000,240 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/02/07 14:48:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/12/01 16:27:05 | 000,035,902 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst (2).dat
[2009/12/01 13:53:47 | 000,066,368 | ---- | C] () -- C:\Users\Carl\AppData\Local\GDIPFONTCACHEV1 (2).DAT
[2009/12/01 13:53:29 | 000,006,648 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps (2).dat
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/02/07 16:04:22 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\AVG10
[2011/02/07 16:04:22 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/02/07 16:04:22 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/02/07 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\DriverCure
[2011/02/08 10:08:06 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\FreeFileOpener
[2011/02/08 10:07:56 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\IsolatedStorage
[2011/02/14 09:55:32 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\PCDr
[2011/02/07 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\Template
[2011/02/07 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\TMP
[2011/02/07 16:04:25 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\TomTom
[2011/02/14 10:09:56 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/22 19:16:02 | 000,028,336 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/02/22 09:27:40 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm

Re: Catalogue of disaster

Unread postby askey127 » February 23rd, 2011, 6:26 pm

Birdie158,
Looks good.
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    Code: Select all
    :processes
    killallprocesses
    
    :OTL
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    
    :Files
    C:\Users\Carl\AppData\Roaming\AVG10
    C:\Users\Carl\AppData\Roaming\PCDr
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Tell me how it's running.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Catalogue of disaster

Unread postby Birdie158 » February 26th, 2011, 6:13 am

The machine seems to be running well. Every so often some very minor oddity happens (so minor that I cannot recall any details), but I am unconvinced that they aren't associated with the limitations of MS Works. For instance, opening a Works WP document of more than about 35-40K, or copying even small amounts of text from a website, into a Works WP document, will very often take an eternity, or fail entirely.

Scan result as follows -

OTL logfile created on: 26/02/2011 10:01:28 - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Carl\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 120.01 Gb Total Space | 79.61 Gb Free Space | 66.33% Space Free | Partition Type: NTFS
Drive D: | 109.83 Gb Total Space | 107.50 Gb Free Space | 97.88% Space Free | Partition Type: NTFS

Computer Name: CARL-PC | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
PRC - [2011/02/07 18:32:05 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/24 09:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/08/24 09:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/14 16:56:46 | 001,584,640 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/02/22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/10/25 13:31:20 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 18:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2006/11/03 17:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 17:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/02/07 16:59:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/20 13:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/24 09:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/18 00:36:02 | 000,021,744 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc.pkms -- (PCDSRVC{E9D79540-57D5953E-06020101}_0)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/07 11:50:48 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/12/07 11:50:46 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 02:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 21:52:42 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/10/11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/17 10:22:00 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/04/25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/06 17:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/06 15:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/06 15:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 18:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 18:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 18:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2


[2011/02/07 16:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions
[2010/08/21 09:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carl\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/02/22 09:50:39 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [dellsupportcenter] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Carl\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Carl\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4aa6be4e-3e64-11e0-9757-001fe1de2b87}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/02/26 09:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/02/26 09:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011/02/24 09:39:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/02/22 19:03:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/22 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\TomTom
[2011/02/22 09:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom
[2011/02/22 09:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2011/02/19 10:40:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\Dell Webcam Center
[2011/02/19 10:40:55 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Creative
[2011/02/15 09:31:19 | 000,000,000 | ---D | C] -- C:\Users\Carl\Documents\Bluetooth Exchange Folder
[2011/02/14 17:16:42 | 000,000,000 | R--D | C] -- C:\Users\Carl\Pictures
[2011/02/14 13:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/14 13:37:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/02/14 13:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/02/14 09:59:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/02/14 09:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2011/02/13 22:10:44 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/02/13 21:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/02/13 21:57:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/02/13 21:54:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/02/13 21:36:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/02/13 12:11:54 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Avira
[2011/02/13 11:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/02/13 11:58:28 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/02/13 11:58:28 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/02/13 11:58:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/02/13 11:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/12 17:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/02/09 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2011/02/09 12:00:26 | 000,147,456 | ---- | C] (Info-ZIP) -- C:\Windows\System32\vbzip10.dll
[2011/02/09 09:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/02/09 09:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/02/09 09:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/02/09 00:48:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/09 00:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011/02/08 23:45:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/02/08 23:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/02/08 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/08 22:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\AA Antimalware
[2011/02/08 21:35:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/02/08 21:35:24 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 21:31:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Sunbelt Software
[2011/02/08 21:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/02/08 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Malwarebytes
[2011/02/08 20:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/08 19:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/02/08 19:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/02/08 10:07:56 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\IsolatedStorage
[2011/02/08 10:07:55 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\FreeFileOpener
[2011/02/08 10:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free File Opener
[2011/02/08 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Free File Opener
[2011/02/07 22:43:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/07 22:43:30 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/02/07 22:43:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2011/02/07 19:58:13 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Dell
[2011/02/07 19:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2011/02/07 19:47:19 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
[2011/02/07 19:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/02/07 18:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/02/07 17:54:51 | 000,000,000 | R--D | C] -- C:\Users\Carl\Contacts
[2011/02/07 17:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011/02/07 17:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Broadband Desktop Help
[2011/02/07 17:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2011/02/07 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2011/02/07 16:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BTHomeHub
[2011/02/07 16:57:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/02/07 15:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/02/07 15:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2011/02/07 15:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/02/07 15:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2011/02/07 15:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/02/07 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/02/07 15:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/02/07 15:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011/02/07 15:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/02/07 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2011/02/07 15:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2011/02/07 15:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2011/02/07 15:50:27 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2011/02/07 15:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2011/02/07 15:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2011/02/07 15:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/02/07 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/02/07 15:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/02/07 15:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/02/07 15:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool
[2011/02/07 15:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Diagnostic Tool
[2011/02/07 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2011/02/07 15:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2011/02/07 15:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2011/02/07 15:34:46 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2011/02/07 15:34:46 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2011/02/07 15:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/02/07 15:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2011/02/07 15:32:16 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\TMP
[2011/02/07 15:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/02/07 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Carl\Bluetooth Software
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2011/02/07 15:24:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2011/02/07 15:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/02/07 15:21:59 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\InstallShield
[2011/02/07 15:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
[2011/02/07 15:11:51 | 004,947,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacgui.cpl
[2011/02/07 15:11:51 | 000,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2011/02/07 15:11:27 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2011/02/07 15:11:26 | 000,595,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2011/02/07 15:11:26 | 000,330,240 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2011/02/07 15:11:26 | 000,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2011/02/07 15:11:26 | 000,299,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/02/07 15:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2011/02/07 15:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2011/02/07 15:08:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2011/02/07 15:08:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2011/02/07 15:04:40 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011/02/07 15:04:40 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011/02/07 15:04:40 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011/02/07 15:04:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/02/07 15:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/02/07 15:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/02/07 15:00:48 | 000,000,000 | ---D | C] -- C:\Intel
[2011/02/07 14:59:29 | 000,000,000 | ---D | C] -- C:\dell
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2011/02/07 14:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2011/02/07 14:57:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\Searches
[2011/02/07 14:53:59 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/02/07 14:53:51 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Identities
[2011/02/07 14:53:49 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\VirtualStore
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Temporary Internet Files
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Templates
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Start Menu
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\SendTo
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Recent
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\PrintHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\NetHood
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\My Documents
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Local Settings
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\History
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Cookies
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\Application Data
[2011/02/07 14:53:46 | 000,000,000 | -HSD | C] -- C:\Users\Carl\AppData\Local\Application Data
[2011/02/07 14:53:45 | 000,000,000 | --SD | C] -- C:\Users\Carl\AppData\Roaming\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Videos
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Saved Games
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Music
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Links
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Favorites
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Downloads
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\Desktop
[2011/02/07 14:53:45 | 000,000,000 | R--D | C] -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/02/07 14:53:45 | 000,000,000 | -H-D | C] -- C:\Users\Carl\AppData
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Temp
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Local\Microsoft
[2011/02/07 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\Carl\AppData\Roaming\Media Center Programs
[2011/02/07 14:51:22 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2011/02/07 14:47:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/02/07 14:44:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/02/07 14:44:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/02/26 10:03:44 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/26 10:00:37 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/26 10:00:27 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/26 10:00:27 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/26 10:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/26 09:59:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/02/26 09:40:20 | 000,000,222 | ---- | M] () -- C:\Users\Carl\Desktop\BT.com.url
[2011/02/26 09:36:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/26 09:14:45 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/02/26 09:09:57 | 002,037,542 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/26 09:09:57 | 000,837,354 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/25 20:42:12 | 000,000,247 | ---- | M] () -- C:\Users\Carl\Desktop\Ch 2 Opening the Bird (604) Partners in Animal Health.url
[2011/02/25 19:25:05 | 000,002,473 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/25 18:09:22 | 000,002,936 | ---- | M] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/25 18:08:28 | 000,002,453 | ---- | M] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/24 10:33:54 | 000,000,189 | ---- | M] () -- C:\Users\Carl\Desktop\AA Autoroute.url
[2011/02/23 15:07:37 | 000,000,198 | ---- | M] () -- C:\Users\Carl\Desktop\Real Deal Competition - ITV Lifestyle.url
[2011/02/22 21:33:38 | 000,000,198 | ---- | M] () -- C:\Users\Carl\Desktop\music from CSI NY - Epilogue - heardontv.com.url
[2011/02/22 21:32:17 | 000,000,280 | ---- | M] () -- C:\Users\Carl\Desktop\TV Guide.url
[2011/02/22 19:28:31 | 000,000,217 | ---- | M] () -- C:\Users\Carl\Desktop\Google.url
[2011/02/19 10:46:20 | 000,000,000 | -H-- | M] () -- C:\Users\Carl\Documents\Default.rdp
[2011/02/18 21:12:43 | 000,000,207 | ---- | M] () -- C:\Users\Carl\Desktop\Fetchbook.url
[2011/02/17 09:53:44 | 000,000,943 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/15 09:56:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/02/14 17:16:25 | 000,000,938 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/14 17:16:16 | 000,003,584 | ---- | M] () -- C:\Users\Carl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 17:14:52 | 000,000,863 | ---- | M] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/14 15:59:03 | 000,000,245 | ---- | M] () -- C:\Users\Carl\Desktop\Money Saving Expert Consumer Revenge - Credit Cards, Shopping, Bank Charges, Cheap Flights and more.url
[2011/02/14 10:09:56 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/14 10:09:50 | 000,280,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/13 22:10:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Carl\Desktop\OTL.exe
[2011/02/13 10:01:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/02/13 09:42:22 | 001,656,302 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/10 12:35:07 | 000,000,020 | ---- | M] () -- C:\Windows\System32\SYSTEM
[2011/02/09 09:10:57 | 000,014,744 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/08 21:35:23 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/02/08 10:06:41 | 000,000,914 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/02/07 20:38:48 | 000,000,283 | ---- | M] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newkey
[2011/02/07 19:52:18 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2011/02/07 18:55:16 | 000,000,159 | ---- | M] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | M] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | M] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | M] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 15:56:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:28:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:16 | 000,744,318 | ---- | M] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:21:10 | 000,001,927 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | M] () -- C:\Windows\System32\results.xml
[2011/02/07 15:13:38 | 000,000,680 | ---- | M] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:48:56 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2011/02/26 09:40:20 | 000,000,222 | ---- | C] () -- C:\Users\Carl\Desktop\BT.com.url
[2011/02/26 09:19:33 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/02/26 09:19:33 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/26 09:19:33 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2011/02/25 20:42:12 | 000,000,247 | ---- | C] () -- C:\Users\Carl\Desktop\Ch 2 Opening the Bird (604) Partners in Animal Health.url
[2011/02/24 09:37:34 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/24 09:37:34 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/24 09:37:34 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/19 10:46:20 | 000,000,000 | -H-- | C] () -- C:\Users\Carl\Documents\Default.rdp
[2011/02/18 21:12:43 | 000,000,207 | ---- | C] () -- C:\Users\Carl\Desktop\Fetchbook.url
[2011/02/17 09:50:20 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/02/15 09:56:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/02/14 17:16:25 | 000,000,938 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/14 17:16:13 | 000,003,584 | ---- | C] () -- C:\Users\Carl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 13:39:39 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/02/14 10:00:02 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/14 10:00:01 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/02/13 21:40:05 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/02/13 21:40:02 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/02/13 21:40:02 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/02/13 21:39:49 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/02/13 21:39:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/13 21:39:46 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/02/13 21:39:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/02/13 21:38:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/13 21:38:30 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/02/13 21:38:19 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/02/13 21:38:05 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/02/10 12:35:07 | 000,000,020 | ---- | C] () -- C:\Windows\System32\SYSTEM
[2011/02/09 10:00:37 | 001,656,302 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/02/09 09:54:14 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/02/09 07:59:18 | 000,014,744 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/02/09 01:39:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/02/09 01:38:57 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/02/08 10:12:53 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/02/08 10:06:41 | 000,000,914 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/02/07 22:43:31 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2011/02/07 22:43:30 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2011/02/07 22:43:12 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version
[2011/02/07 20:50:01 | 000,000,863 | ---- | C] () -- C:\Users\Carl\Desktop\My Documents.lnk
[2011/02/07 20:38:48 | 000,000,283 | ---- | C] () -- C:\Users\Carl\Desktop\Coalville, United Kingdom 7 Day Weather Forecast - WeatherBug.com.url
[2011/02/07 19:04:13 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/02/07 18:55:16 | 000,000,159 | ---- | C] () -- C:\Users\Carl\Desktop\PC Advisor.url
[2011/02/07 18:46:47 | 000,000,648 | ---- | C] () -- C:\Users\Carl\Desktop\Convert.lnk
[2011/02/07 18:41:15 | 000,000,737 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\convert - Shortcut.lnk
[2011/02/07 18:31:59 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/07 18:31:58 | 000,000,876 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/07 18:30:18 | 000,002,473 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Word Processor.lnk
[2011/02/07 18:29:17 | 000,002,453 | ---- | C] () -- C:\Users\Carl\Desktop\Microsoft Works Spreadsheet.lnk
[2011/02/07 18:27:12 | 000,000,104 | ---- | C] () -- C:\Users\Carl\Desktop\E-mail.lnk
[2011/02/07 16:19:23 | 000,002,936 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst.dat
[2011/02/07 15:56:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/02/07 15:51:23 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011/02/07 15:47:29 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/02/07 15:47:02 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/02/07 15:34:46 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2011/02/07 15:34:46 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2011/02/07 15:34:46 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2011/02/07 15:33:45 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2011/02/07 15:28:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2011/02/07 15:24:53 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/02/07 15:22:25 | 000,744,318 | ---- | C] () -- C:\Windows\System32\oem12.inf
[2011/02/07 15:22:06 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/02/07 15:22:06 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/02/07 15:22:06 | 000,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2011/02/07 15:22:06 | 000,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newkey
[2011/02/07 15:22:00 | 000,022,729 | ---- | C] () -- C:\newfile.enc
[2011/02/07 15:21:10 | 000,001,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2011/02/07 15:17:57 | 000,016,052 | ---- | C] () -- C:\Windows\System32\results.xml
[2011/02/07 15:15:06 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011/02/07 15:15:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2011/02/07 15:15:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2011/02/07 15:15:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2011/02/07 15:15:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2011/02/07 15:15:05 | 000,027,152 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2011/02/07 15:15:05 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2011/02/07 15:07:20 | 000,000,943 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/07 15:04:40 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2011/02/07 14:54:00 | 000,000,949 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/02/07 14:53:59 | 000,000,944 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/02/07 14:53:50 | 000,000,915 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/02/07 14:53:47 | 000,000,680 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps.dat
[2011/02/07 14:53:45 | 000,000,258 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/02/07 14:53:45 | 000,000,240 | ---- | C] () -- C:\Users\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/02/07 14:48:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/12/01 16:27:05 | 000,035,902 | ---- | C] () -- C:\Users\Carl\AppData\Roaming\wklnhst (2).dat
[2009/12/01 13:53:47 | 000,066,368 | ---- | C] () -- C:\Users\Carl\AppData\Local\GDIPFONTCACHEV1 (2).DAT
[2009/12/01 13:53:29 | 000,006,648 | ---- | C] () -- C:\Users\Carl\AppData\Local\d3d9caps (2).dat
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/02/07 16:04:22 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/02/07 16:04:22 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/02/07 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\DriverCure
[2011/02/08 10:08:06 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\FreeFileOpener
[2011/02/08 10:07:56 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\IsolatedStorage
[2011/02/07 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\Template
[2011/02/07 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\TMP
[2011/02/07 16:04:25 | 000,000,000 | ---D | M] -- C:\Users\Carl\AppData\Roaming\TomTom
[2011/02/14 10:09:56 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/02/26 09:59:45 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/02/26 09:14:45 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



< End of report >
Birdie158
Active Member
 
Posts: 11
Joined: February 9th, 2011, 12:31 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware