Hi Askey,
OTL.txt as follow:
OTL logfile created on: 13/09/2010 21:30:55 - Run 3
OTL by OldTimer - Version 3.2.12.0 Folder = D:\Documents and Settings\Paul\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,007.00 Mb Total Physical Memory | 563.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 147.25 Gb Total Space | 113.20 Gb Free Space | 76.87% Space Free | Partition Type: NTFS
Drive D: | 39.05 Gb Total Space | 33.11 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 930.86 Gb Total Space | 539.36 Gb Free Space | 57.94% Space Free | Partition Type: NTFS
Computer Name: N-52643C1385FA4
Current User Name: Paul
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/09/13 21:15:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\OTL.exe
PRC - [2010/09/12 23:02:52 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/09/12 23:02:51 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/09/12 23:02:50 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/09/12 23:02:47 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/12 23:02:26 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/09/12 23:02:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/09/12 23:01:56 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/09/12 23:01:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2005/11/14 03:40:00 | 005,230,080 | ---- | M] (Linksys) -- D:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
PRC - [2005/05/20 02:11:06 | 000,925,696 | R--- | M] (Analog Devices, Inc.) -- D:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/02/06 22:56:14 | 000,041,025 | ---- | M] (GEMTEKS) -- D:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
========== Modules (SafeList) ========== MOD - [2010/09/13 21:15:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\OTL.exe
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- D:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe WUSB54GSv2.exe -- (WUSB54GSv2SVC)
SRV - [2010/09/12 23:02:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/09/12 23:01:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\EntDrv51.sys -- (EntDrv51)
DRV - [2010/09/12 23:03:52 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- D:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/09/12 23:03:51 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/09/12 23:03:43 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/09/12 23:03:42 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 20:02:52 | 000,011,520 | R--- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/05/16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/14 00:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2005/09/15 05:56:48 | 000,141,312 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005/08/11 06:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/07/29 10:11:04 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 10:11:02 | 000,034,048 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AVG9_TRAY] D:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IMJPMIG8.1] D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [BrowserChoice] D:\WINDOWS\System32\browserchoice.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 4326922620 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - D:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/03 21:31:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 22:12:18 | 000,000,088 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\WD SmartWare.exe -- [2009/08/17 18:53:00 | 002,770,432 | R--- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)
========== Files/Folders - Created Within 90 Days ========== [2010/09/13 21:14:58 | 000,576,000 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\OTL.exe
[2010/09/13 03:06:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\KB905474
[2010/09/13 00:19:32 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData
[2010/09/13 00:01:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Application Data\Macromedia
[2010/09/12 23:50:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Application Data\Avira
[2010/09/12 23:44:20 | 000,028,520 | ---- | C] (Avira GmbH) -- D:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/09/12 23:44:19 | 000,124,784 | ---- | C] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avipbb.sys
[2010/09/12 23:44:19 | 000,060,936 | ---- | C] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avgntflt.sys
[2010/09/12 23:44:19 | 000,045,416 | ---- | C] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avgntdd.sys
[2010/09/12 23:44:19 | 000,022,360 | ---- | C] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/09/12 23:44:18 | 000,000,000 | ---D | C] -- D:\Program Files\Avira
[2010/09/12 23:44:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Avira
[2010/09/12 23:38:03 | 000,446,464 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\TFC.exe
[2010/09/12 23:17:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Application Data\Malwarebytes
[2010/09/12 23:17:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/12 23:17:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2010/09/12 23:17:25 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2010/09/12 23:17:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/12 23:16:43 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- D:\Documents and Settings\Paul\Desktop\mbam-setup.exe
[2010/09/12 23:12:02 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro
[2010/09/12 23:11:56 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- D:\Documents and Settings\Paul\Desktop\HJTInstall.exe
[2010/09/12 23:09:31 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2010/09/12 23:03:53 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\avgrsstx.dll
[2010/09/12 23:03:52 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/09/12 23:03:49 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgtdix.sys
[2010/09/12 23:03:42 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgldx86.sys
[2010/09/12 23:03:40 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/09/12 23:03:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\Avg
[2010/09/12 23:00:13 | 000,000,000 | ---D | C] -- D:\Program Files\AVG
[2010/09/12 22:59:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\avg9
[2010/09/12 22:51:44 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Paul\IECompatCache
[2010/09/12 22:51:05 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Paul\PrivacIE
[2010/09/12 22:49:50 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Paul\IETldCache
[2010/09/12 22:47:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\ie8updates
[2010/09/12 22:47:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2010/09/12 22:46:09 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2010/09/12 22:45:53 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010/09/12 22:36:14 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Cisco Systems
[2010/09/12 22:32:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/09/12 22:32:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PreInstall
[2010/09/12 22:32:23 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$
[2010/09/12 22:28:38 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Paul\UserData
[2010/09/12 22:28:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\SoftwareDistribution
[2010/09/12 22:22:24 | 000,015,872 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\GTNDIS5.sys
[2010/09/12 22:22:23 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2010/09/12 22:22:13 | 000,000,000 | ---D | C] -- D:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
[2010/09/12 22:18:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\nview
[2010/09/12 22:15:34 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2010/09/12 22:15:33 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2010/09/12 22:15:28 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2010/09/12 22:15:27 | 000,000,000 | R--D | C] -- D:\Program Files
[2010/09/12 22:15:27 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2010/09/12 22:15:27 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2010/09/12 22:14:55 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu
[2010/09/12 22:14:55 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents
[2010/09/12 22:14:55 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Templates
[2010/09/12 22:14:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Favorites
[2010/09/12 22:14:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Desktop
[2010/09/12 22:13:01 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2010/09/12 22:13:01 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2010/09/12 22:12:55 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/12 22:12:55 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Application Data
[2010/09/12 22:12:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2010/09/12 22:12:02 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2010/09/12 22:10:25 | 000,011,520 | R--- | C] (Western Digital Technologies) -- D:\WINDOWS\System32\drivers\wdcsam.sys
[2010/09/12 22:09:15 | 000,000,000 | ---D | C] -- D:\Program Files\Analog Devices
[2010/09/12 22:09:14 | 000,393,088 | R--- | C] (Sensaura) -- D:\WINDOWS\System32\drivers\senfilt.sys
[2010/09/12 22:08:00 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2010/09/12 22:05:26 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2010/09/12 22:05:26 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2010/09/12 22:05:26 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2010/09/12 22:05:26 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2010/09/12 22:05:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2010/09/12 21:58:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010/09/12 21:53:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\scripting
[2010/09/12 21:53:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\l2schemas
[2010/09/12 21:53:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-us
[2010/09/12 21:53:29 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en
[2010/09/12 21:53:29 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\bits
[2010/09/12 21:52:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\ServicePackFiles
[2010/09/12 21:50:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\network diagnostic
[2010/09/12 21:49:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups
[2010/09/12 21:47:52 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2010/09/12 21:43:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Local Settings\Application Data\Western Digital
[2010/09/12 21:42:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Application Data\Identities
[2010/09/12 21:42:06 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2010/09/12 21:42:03 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Paul\My Documents\My Pictures
[2010/09/12 21:42:03 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Paul\My Documents\My Music
[2010/09/12 21:41:49 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Paul\Application Data\Microsoft
[2010/09/12 21:41:49 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Paul\SendTo
[2010/09/12 21:41:49 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Paul\Recent
[2010/09/12 21:41:49 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Paul\Application Data
[2010/09/12 21:41:49 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Paul\Start Menu
[2010/09/12 21:41:49 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Paul\My Documents
[2010/09/12 21:41:49 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Paul\Favorites
[2010/09/12 21:41:49 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Paul\Cookies
[2010/09/12 21:41:49 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Paul\Templates
[2010/09/12 21:41:49 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Paul\PrintHood
[2010/09/12 21:41:49 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Paul\NetHood
[2010/09/12 21:41:49 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Paul\Local Settings
[2010/09/12 21:41:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft
[2010/09/12 21:41:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Paul\Desktop
[2010/09/12 21:41:10 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2010/09/12 21:41:08 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2010/09/12 21:41:08 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/09/12 21:41:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/09/12 21:40:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/09/12 21:40:50 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/09/12 21:39:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010/09/12 21:39:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010/09/12 21:38:43 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010/09/12 21:38:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2010/09/12 21:38:12 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2010/09/12 21:38:12 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2010/09/12 21:36:56 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2010/09/12 21:36:48 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2010/09/12 21:36:48 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2010/09/12 21:36:38 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2010/09/12 21:36:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2010/09/12 21:35:25 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2010/09/12 21:35:21 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2010/09/12 21:35:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2010/09/12 21:35:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2010/09/12 21:35:10 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2010/09/12 21:34:57 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2010/09/12 21:34:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2010/09/12 21:34:37 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2010/09/12 21:34:32 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2010/09/12 21:34:21 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2010/09/12 21:34:19 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2010/09/12 21:34:18 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Pictures
[2010/09/12 21:33:52 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2010/09/12 21:33:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2010/09/12 21:33:40 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Music
[2010/09/12 21:33:40 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2010/09/12 21:33:40 | 000,000,000 | ---D | C] -- D:\Program Files\Online Services
[2010/09/12 21:33:34 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2010/09/12 21:33:30 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2010/09/12 21:32:43 | 000,000,000 | ---D | C] -- D:\Program Files\MSN
[2010/09/12 21:32:40 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2010/09/12 21:32:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2010/09/12 21:32:32 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2010/09/12 21:32:17 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Videos
========== Files - Modified Within 90 Days ========== [2010/09/13 21:17:05 | 064,580,852 | ---- | M] () -- D:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/13 21:15:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\OTL.exe
[2010/09/13 21:12:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010/09/13 21:11:51 | 000,186,097 | ---- | M] () -- D:\WINDOWS\System32\nvapps.xml
[2010/09/13 21:11:43 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010/09/13 21:11:38 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010/09/13 07:07:15 | 001,048,576 | -H-- | M] () -- D:\Documents and Settings\Paul\NTUSER.DAT
[2010/09/13 07:07:15 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\Paul\ntuser.ini
[2010/09/13 07:07:08 | 004,279,638 | -H-- | M] () -- D:\Documents and Settings\Paul\Local Settings\Application Data\IconCache.db
[2010/09/13 03:28:18 | 000,311,604 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010/09/13 03:28:18 | 000,039,992 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010/09/13 03:28:17 | 000,356,120 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/13 03:24:04 | 000,001,503 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Browser Choice.lnk
[2010/09/13 03:23:42 | 000,097,456 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/13 03:07:06 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2010/09/12 23:44:30 | 000,001,707 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/09/12 23:39:19 | 000,446,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\TFC.exe
[2010/09/12 23:34:56 | 044,089,904 | ---- | M] () -- D:\Documents and Settings\Paul\Desktop\avira_antivir_personal_en.exe
[2010/09/12 23:17:30 | 000,000,696 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/12 23:17:02 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- D:\Documents and Settings\Paul\Desktop\mbam-setup.exe
[2010/09/12 23:12:04 | 000,001,734 | ---- | M] () -- D:\Documents and Settings\Paul\Desktop\HijackThis.lnk
[2010/09/12 23:11:59 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- D:\Documents and Settings\Paul\Desktop\HJTInstall.exe
[2010/09/12 23:03:56 | 000,001,507 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010/09/12 23:03:55 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\avgrsstx.dll
[2010/09/12 23:03:52 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/09/12 23:03:51 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgtdix.sys
[2010/09/12 23:03:43 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgldx86.sys
[2010/09/12 23:03:42 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/09/12 23:03:40 | 000,113,461 | ---- | M] () -- D:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/09/12 22:50:21 | 000,020,456 | ---- | M] () -- D:\Documents and Settings\Paul\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/12 22:49:59 | 000,000,815 | ---- | M] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/12 22:44:53 | 000,000,512 | ---- | M] () -- D:\WINDOWS\randseed.rnd
[2010/09/12 22:32:50 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010/09/12 22:21:45 | 000,001,413 | ---- | M] () -- D:\WINDOWS\System32\WLAN.INI
[2010/09/12 22:15:27 | 000,000,231 | ---- | M] () -- D:\WINDOWS\system.ini
[2010/09/12 22:10:57 | 000,019,280 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini
[2010/09/12 21:59:42 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010/09/12 21:42:14 | 000,000,079 | ---- | M] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/12 21:40:54 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2010/09/12 21:40:05 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010/09/12 21:37:51 | 000,002,577 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010/09/12 21:37:51 | 000,000,477 | ---- | M] () -- D:\WINDOWS\win.ini
[2010/09/12 21:37:51 | 000,000,000 | ---- | M] () -- D:\WINDOWS\control.ini
[2010/09/12 21:37:42 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010/09/12 21:37:42 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010/09/12 21:37:34 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010/09/12 21:36:48 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/12 21:36:48 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/12 21:33:59 | 000,021,640 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010/09/12 21:33:50 | 000,000,037 | ---- | M] () -- D:\WINDOWS\vbaddin.ini
[2010/09/12 21:33:50 | 000,000,036 | ---- | M] () -- D:\WINDOWS\vb.ini
========== Files Created - No Company Name ========== [2010/09/13 03:24:04 | 000,001,503 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Browser Choice.lnk
[2010/09/13 03:06:03 | 000,000,260 | ---- | C] () -- D:\WINDOWS\tasks\WGASetup.job
[2010/09/12 23:44:30 | 000,001,707 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/09/12 23:34:55 | 044,089,904 | ---- | C] () -- D:\Documents and Settings\Paul\Desktop\avira_antivir_personal_en.exe
[2010/09/12 23:17:30 | 000,000,696 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/12 23:12:04 | 000,001,734 | ---- | C] () -- D:\Documents and Settings\Paul\Desktop\HijackThis.lnk
[2010/09/12 23:03:55 | 000,001,507 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010/09/12 23:03:39 | 000,113,461 | ---- | C] () -- D:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/09/12 23:03:33 | 064,580,852 | ---- | C] () -- D:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/12 22:36:37 | 000,000,512 | ---- | C] () -- D:\WINDOWS\randseed.rnd
[2010/09/12 22:28:43 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010/09/12 22:28:41 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/09/12 22:28:36 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010/09/12 22:28:34 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/09/12 22:28:32 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\korwbrkr.lex
[2010/09/12 22:28:32 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/09/12 22:28:32 | 000,002,060 | ---- | C] () -- D:\WINDOWS\System32\noise.jpn
[2010/09/12 22:28:32 | 000,001,486 | ---- | C] () -- D:\WINDOWS\System32\noise.kor
[2010/09/12 22:28:22 | 000,211,938 | ---- | C] () -- D:\WINDOWS\System32\lcphrase.tbl
[2010/09/12 22:28:22 | 000,146,126 | ---- | C] () -- D:\WINDOWS\System32\array30.tab
[2010/09/12 22:28:22 | 000,110,566 | ---- | C] () -- D:\WINDOWS\System32\arphr.tbl
[2010/09/12 22:28:22 | 000,043,242 | ---- | C] () -- D:\WINDOWS\System32\phoncode.tbl
[2010/09/12 22:28:22 | 000,024,114 | ---- | C] () -- D:\WINDOWS\System32\lcptr.tbl
[2010/09/12 22:28:22 | 000,018,600 | ---- | C] () -- D:\WINDOWS\System32\arrayhw.tab
[2010/09/12 22:28:22 | 000,016,312 | ---- | C] () -- D:\WINDOWS\System32\arptr.tbl
[2010/09/12 22:28:22 | 000,004,071 | ---- | C] () -- D:\WINDOWS\System32\phon.tbl
[2010/09/12 22:28:22 | 000,002,714 | ---- | C] () -- D:\WINDOWS\System32\phonptr.tbl
[2010/09/12 22:28:22 | 000,000,700 | ---- | C] () -- D:\WINDOWS\System32\dayiptr.tbl
[2010/09/12 22:28:22 | 000,000,520 | ---- | C] () -- D:\WINDOWS\System32\dayiphr.tbl
[2010/09/12 22:28:21 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/12 22:28:21 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\c_10002.nls
[2010/09/12 22:28:21 | 000,116,285 | ---- | C] () -- D:\WINDOWS\System32\msdayi.tbl
[2010/09/12 22:28:21 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/12 22:28:21 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\bopomofo.nls
[2010/09/12 22:28:21 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2010/09/12 22:28:21 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\big5.nls
[2010/09/12 22:28:21 | 000,044,370 | ---- | C] () -- D:\WINDOWS\System32\acode.tbl
[2010/09/12 22:28:21 | 000,044,370 | ---- | C] () -- D:\WINDOWS\System32\a234.tbl
[2010/09/12 22:28:21 | 000,001,460 | ---- | C] () -- D:\WINDOWS\System32\a15.tbl
[2010/09/12 22:28:20 | 000,016,254 | ---- | C] () -- D:\WINDOWS\System32\PINTLPAE.HLP
[2010/09/12 22:28:20 | 000,014,821 | ---- | C] () -- D:\WINDOWS\System32\PINTLPAD.HLP
[2010/09/12 22:28:15 | 001,223,500 | ---- | C] () -- D:\WINDOWS\System32\WINZM.MB
[2010/09/12 22:28:14 | 001,783,864 | ---- | C] () -- D:\WINDOWS\System32\WINPY.MB
[2010/09/12 22:28:14 | 001,564,868 | ---- | C] () -- D:\WINDOWS\System32\WINSP.MB
[2010/09/12 22:28:13 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/12 22:28:13 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\c_10008.nls
[2010/09/12 22:28:13 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\prcp.nls
[2010/09/12 22:28:13 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/12 22:28:13 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\prc.nls
[2010/09/12 22:28:13 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2010/09/12 22:28:10 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010/09/12 22:28:10 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010/09/12 22:28:04 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/12 22:28:04 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\c_1361.nls
[2010/09/12 22:28:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/12 22:28:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\c_10003.nls
[2010/09/12 22:28:03 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\ksc.nls
[2010/09/12 22:28:03 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/12 22:27:58 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/09/12 22:27:32 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/12 22:27:32 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\c_20932.nls
[2010/09/12 22:27:32 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/12 22:27:32 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\c_20949.nls
[2010/09/12 22:27:32 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/12 22:27:32 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\c_20936.nls
[2010/09/12 22:27:31 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/12 22:27:31 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\c_20000.nls
[2010/09/12 22:27:31 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/12 22:27:31 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\c_10001.nls
[2010/09/12 22:27:31 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/12 22:27:31 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_21027.nls
[2010/09/12 22:27:31 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/12 22:27:31 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_20290.nls
[2010/09/12 22:27:31 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\xjis.nls
[2010/09/12 22:27:31 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/12 22:22:24 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\GTW32N50.dll
[2010/09/12 22:22:24 | 000,031,930 | ---- | C] () -- D:\WINDOWS\System32\GTNDIS3.VXD
[2010/09/12 22:22:24 | 000,007,423 | ---- | C] () -- D:\WINDOWS\System32\WUSB54GSv2.cat
[2010/09/12 22:22:24 | 000,007,419 | ---- | C] () -- D:\WINDOWS\System32\WUSB54GS.cat
[2010/09/12 22:22:23 | 000,651,264 | ---- | C] () -- D:\WINDOWS\System32\libeay32.dll
[2010/09/12 22:22:23 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\ssleay32.dll
[2010/09/12 22:21:45 | 000,001,413 | ---- | C] () -- D:\WINDOWS\System32\WLAN.INI
[2010/09/12 22:18:43 | 000,186,097 | ---- | C] () -- D:\WINDOWS\System32\nvapps.xml
[2010/09/12 22:18:42 | 000,018,070 | ---- | C] () -- D:\WINDOWS\System32\nvdisp.nvu
[2010/09/12 22:15:36 | 000,001,374 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2010/09/12 22:15:30 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2010/09/12 22:15:30 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2010/09/12 22:15:29 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/09/12 22:15:29 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/09/12 22:15:26 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28603.nls
[2010/09/12 22:15:26 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28603.nls
[2010/09/12 22:15:24 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28599.nls
[2010/09/12 22:15:24 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28599.nls
[2010/09/12 22:15:23 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_857.nls
[2010/09/12 22:15:23 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_857.nls
[2010/09/12 22:15:23 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10081.nls
[2010/09/12 22:15:23 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10081.nls
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28595.nls
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28595.NLS
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10017.nls
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10017.nls
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10007.nls
[2010/09/12 22:15:20 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10007.nls
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_875.nls
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_875.nls
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28597.nls
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28597.NLS
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10006.nls
[2010/09/12 22:15:17 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10006.nls
[2010/09/12 22:15:16 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_869.nls
[2010/09/12 22:15:16 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_869.nls
[2010/09/12 22:15:16 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_737.nls
[2010/09/12 22:15:16 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_737.nls
[2010/09/12 22:15:14 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_866.nls
[2010/09/12 22:15:14 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_866.nls
[2010/09/12 22:15:14 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_855.nls
[2010/09/12 22:15:14 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_855.nls
[2010/09/12 22:15:14 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28594.nls
[2010/09/12 22:15:14 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28594.NLS
[2010/09/12 22:15:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_852.nls
[2010/09/12 22:15:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_852.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10082.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10082.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10029.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10029.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10010.nls
[2010/09/12 22:15:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10010.nls
[2010/09/12 22:15:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20127.nls
[2010/09/12 22:15:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_20127.nls
[2010/09/12 22:15:04 | 000,001,688 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2010/09/12 22:13:16 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/09/12 22:13:16 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/09/12 22:13:16 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2010/09/12 22:13:16 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/09/12 22:13:16 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/09/12 22:13:16 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/09/12 22:13:16 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/09/12 22:13:15 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2010/09/12 22:12:49 | 000,003,632 | ---- | C] () -- D:\WINDOWS\System32\nvnrm.nvu
[2010/09/12 22:12:46 | 000,001,348 | R--- | C] () -- D:\WINDOWS\System32\nvsmb.nvu
[2010/09/12 22:12:24 | 000,097,456 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/12 22:11:34 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2010/09/12 22:11:21 | 000,810,056 | R--- | C] () -- D:\WINDOWS\System32\alert.bmp
[2010/09/12 22:11:21 | 000,000,150 | R--- | C] () -- D:\WINDOWS\System32\raidmgmt.ini
[2010/09/12 21:53:45 | 000,613,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/09/12 21:53:45 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/09/12 21:53:45 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/09/12 21:53:45 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/09/12 21:53:45 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/09/12 21:53:45 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/09/12 21:53:45 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/09/12 21:53:45 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/09/12 21:53:45 | 000,067,374 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm
[2010/09/12 21:53:45 | 000,023,195 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm
[2010/09/12 21:53:45 | 000,010,457 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.hta
[2010/09/12 21:53:45 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css
[2010/09/12 21:53:45 | 000,000,855 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/09/12 21:53:45 | 000,000,420 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmploc.js
[2010/09/12 21:53:44 | 000,572,557 | ---- | C] () -- D:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/09/12 21:53:44 | 000,375,519 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/09/12 21:53:44 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/09/12 21:53:44 | 000,300,969 | ---- | C] () -- D:\WINDOWS\System32\dllcache\viz.wmv
[2010/09/12 21:53:44 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/09/12 21:53:44 | 000,077,307 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/09/12 21:53:44 | 000,066,725 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz
[2010/09/12 21:53:44 | 000,029,070 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmp.inf
[2010/09/12 21:53:44 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif
[2010/09/12 21:53:44 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif
[2010/09/12 21:53:44 | 000,017,272 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf
[2010/09/12 21:53:44 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif
[2010/09/12 21:53:44 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif
[2010/09/12 21:53:44 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif
[2010/09/12 21:53:44 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif
[2010/09/12 21:53:44 | 000,006,769 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/09/12 21:53:44 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif
[2010/09/12 21:53:44 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif
[2010/09/12 21:53:44 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif
[2010/09/12 21:53:44 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/09/12 21:53:44 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif
[2010/09/12 21:53:44 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js
[2010/09/12 21:53:44 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif
[2010/09/12 21:53:44 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif
[2010/09/12 21:53:44 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif
[2010/09/12 21:53:44 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif
[2010/09/12 21:53:44 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/09/12 21:53:44 | 000,001,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst6.wpl
[2010/09/12 21:53:44 | 000,001,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst5.wpl
[2010/09/12 21:53:44 | 000,001,474 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst3.wpl
[2010/09/12 21:53:44 | 000,001,451 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst12.wpl
[2010/09/12 21:53:44 | 000,001,448 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst4.wpl
[2010/09/12 21:53:44 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif
[2010/09/12 21:53:44 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif
[2010/09/12 21:53:44 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif
[2010/09/12 21:53:44 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif
[2010/09/12 21:53:44 | 000,001,250 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst1.wpl
[2010/09/12 21:53:44 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm
[2010/09/12 21:53:44 | 000,001,049 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst2.wpl
[2010/09/12 21:53:44 | 000,001,046 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst7.wpl
[2010/09/12 21:53:44 | 000,001,036 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst8.wpl
[2010/09/12 21:53:44 | 000,000,908 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf
[2010/09/12 21:53:44 | 000,000,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst11.wpl
[2010/09/12 21:53:44 | 000,000,787 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst10.wpl
[2010/09/12 21:53:44 | 000,000,784 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst9.wpl
[2010/09/12 21:53:44 | 000,000,783 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst13.wpl
[2010/09/12 21:53:44 | 000,000,775 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst14.wpl
[2010/09/12 21:53:44 | 000,000,733 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst15.wpl
[2010/09/12 21:53:43 | 000,457,607 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/09/12 21:53:43 | 000,381,425 | ---- | C] () -- D:\WINDOWS\System32\dllcache\copycd.wmv
[2010/09/12 21:53:43 | 000,184,959 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz
[2010/09/12 21:53:43 | 000,097,117 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/09/12 21:53:43 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip
[2010/09/12 21:53:43 | 000,018,286 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/09/12 21:53:43 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css
[2010/09/12 21:53:43 | 000,008,298 | ---- | C] () -- D:\WINDOWS\System32\dllcache\contents.htm
[2010/09/12 21:53:43 | 000,006,878 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.js
[2010/09/12 21:53:43 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js
[2010/09/12 21:53:43 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/09/12 21:53:43 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif
[2010/09/12 21:53:43 | 000,001,885 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/09/12 21:53:43 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif
[2010/09/12 21:53:43 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif
[2010/09/12 21:53:43 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif
[2010/09/12 21:53:43 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif
[2010/09/12 21:53:43 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif
[2010/09/12 21:53:43 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif
[2010/09/12 21:53:43 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/09/12 21:50:56 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/09/12 21:50:56 | 000,064,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\ativmc20.cod
[2010/09/12 21:50:55 | 000,067,866 | ---- | C] () -- D:\WINDOWS\System32\drivers\netwlan5.img
[2010/09/12 21:46:34 | 000,019,280 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010/09/12 21:46:32 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010/09/12 21:46:24 | 000,005,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/09/12 21:42:14 | 000,000,079 | ---- | C] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/12 21:42:06 | 000,000,815 | ---- | C] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/12 21:41:50 | 000,001,024 | -H-- | C] () -- D:\Documents and Settings\Paul\ntuser.dat.LOG
[2010/09/12 21:41:50 | 000,000,178 | -HS- | C] () -- D:\Documents and Settings\Paul\ntuser.ini
[2010/09/12 21:41:49 | 001,048,576 | -H-- | C] () -- D:\Documents and Settings\Paul\NTUSER.DAT
[2010/09/12 21:40:54 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2010/09/12 21:40:05 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010/09/12 21:38:43 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/12 21:38:43 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/12 21:38:42 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/12 21:38:42 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/12 21:38:42 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/12 21:38:42 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/12 21:38:42 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/12 21:38:42 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/12 21:38:41 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/12 21:38:40 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/12 21:38:39 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/12 21:38:39 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/12 21:38:39 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/12 21:38:39 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/12 21:38:39 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/12 21:38:39 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/12 21:38:39 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/12 21:38:38 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/12 21:38:37 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/12 21:38:37 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/12 21:38:37 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/12 21:38:37 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/12 21:38:37 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/12 21:37:51 | 000,002,577 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2010/09/12 21:37:42 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2010/09/12 21:37:42 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2010/09/12 21:37:41 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2010/09/12 21:36:48 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/12 21:36:48 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/12 21:36:43 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/12 21:36:25 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2010/09/12 21:35:38 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2010/09/12 21:35:38 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2010/09/12 21:35:28 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2010/09/12 21:33:59 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010/09/12 21:33:12 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Santa Fe Stucco.bmp
[2010/09/12 21:33:12 | 000,026,680 | ---- | C] () -- D:\WINDOWS\River Sumida.bmp
[2010/09/12 21:33:12 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rhododendron.bmp
[2010/09/12 21:33:12 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Zapotec.bmp
[2010/09/12 21:33:11 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Soap Bubbles.bmp
[2010/09/12 21:33:11 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Prairie Wind.bmp
[2010/09/12 21:33:11 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Greenstone.bmp
[2010/09/12 21:33:11 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Gone Fishing.bmp
[2010/09/12 21:33:11 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Coffee Bean.bmp
[2010/09/12 21:33:11 | 000,016,730 | ---- | C] () -- D:\WINDOWS\FeatherTexture.bmp
[2010/09/12 21:33:11 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Blue Lace 16.bmp
[2010/09/12 21:33:10 | 000,093,702 | ---- | C] () -- D:\WINDOWS\System32\subrange.uce
[2010/09/12 21:33:10 | 000,060,458 | ---- | C] () -- D:\WINDOWS\System32\ideograf.uce
[2010/09/12 21:33:10 | 000,024,006 | ---- | C] () -- D:\WINDOWS\System32\gb2312.uce
[2010/09/12 21:33:10 | 000,022,984 | ---- | C] () -- D:\WINDOWS\System32\bopomofo.uce
[2010/09/12 21:33:10 | 000,016,740 | ---- | C] () -- D:\WINDOWS\System32\shiftjis.uce
[2010/09/12 21:33:10 | 000,012,876 | ---- | C] () -- D:\WINDOWS\System32\korean.uce
[2010/09/12 21:33:10 | 000,008,484 | ---- | C] () -- D:\WINDOWS\System32\kanji_2.uce
[2010/09/12 21:33:10 | 000,006,948 | ---- | C] () -- D:\WINDOWS\System32\kanji_1.uce
[2010/09/12 21:33:08 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2010/09/12 21:33:08 | 000,001,161 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2010/09/12 21:33:06 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2010/09/12 21:32:59 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 001,486,848 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 001,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
========== LOP Check ========== [2010/09/12 23:00:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\avg9
[2010/09/13 21:12:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/09/13 21:11:36 | 1610,612,736 | -HS- | M] () -- D:\pagefile.sys
[2010/09/13 21:11:50 | 000,002,812 | ---- | M] () -- D:\SMax.log
[2010/09/12 22:14:52 | 000,002,812 | ---- | M] () -- D:\SMax.log.bak
< %systemroot%\Fonts\*.com > < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2010/09/12 21:37:23 | 000,000,067 | -HS- | M] () -- D:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2010/09/12 22:11:36 | 000,094,208 | ---- | M] () -- D:\WINDOWS\system32\config\default.sav
[2010/09/12 22:11:36 | 000,659,456 | ---- | M] () -- D:\WINDOWS\system32\config\software.sav
[2010/09/12 22:11:36 | 000,917,504 | ---- | M] () -- D:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[2010/09/12 21:54:00 | 000,000,272 | -HS- | M] () -- D:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2010/09/12 21:59:35 | 000,000,119 | -HS- | M] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2010/09/12 21:42:14 | 000,000,079 | ---- | M] () -- D:\Documents and Settings\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >[2010/09/12 23:15:53 | 000,050,688 | ---- | M] (Atribune.org) -- D:\Documents and Settings\Paul\Desktop\ATF_Cleaner.exe
[2010/09/12 23:34:56 | 044,089,904 | ---- | M] () -- D:\Documents and Settings\Paul\Desktop\avira_antivir_personal_en.exe
[2010/09/12 23:11:59 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- D:\Documents and Settings\Paul\Desktop\HJTInstall.exe
[2010/09/12 23:17:02 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- D:\Documents and Settings\Paul\Desktop\mbam-setup.exe
[2010/09/13 21:15:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\OTL.exe
[2010/09/12 22:54:58 | 006,275,448 | ---- | M] (Microsoft Corporation) -- D:\Documents and Settings\Paul\Desktop\Silverlight.exe
[2010/09/12 23:39:19 | 000,446,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Paul\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-13 02:07:11
< End of report >