Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Repost to Gary R.AVG Free Finds/Secures/And Then Finds Again

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 5th, 2013, 12:49 pm

I think your profile folder for firefox may be corrupted, and needs to be removed. It's not usually removed when you uninstall Firefox, so that it can be used by any new Firefox installation. Unfortunately this will also remove all your bookmarks and other personal settings.

To do this, follow the instructions for uninstalling Firefox on the following page ... https://support.mozilla.org/en-US/kb/un ... r-computer ... paying particular attention to the section that says ...

If you want to remove your Firefox user data and settings, put a check mark in the box that says Remove my Firefox personal data and customizations. If you select this option, Firefox will not preserve your bookmarks, saved passwords, and other data if it is installed again.


Also delete ... C:\Program Files\Mozilla Firefox

Reboot your computer

Now install the latest version of Firefox.

Let me know if this resolves your problems with Firefox.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 5th, 2013, 3:29 pm

Gary...I did a CLEAN uninstall, deleted "C:\Program Files\Mozilla Firefox" and rebooted. I then reinstalled Firefox 22. I had originally installed Firefox 17.0.1 because my Real Player Downloader plugin would not work with the newer versions and I guess my Firefox maintenance or auto update installed 22.0. So far---so good!!
BTW: Another problem I had was when typing a letter in Hotmail....the cursor would jump from where I was typing to the middle of a previous sentence. That made a real mess out of my letters....lol. I realize that I may have to reinstall some plugins but getting past the p.i.t.a. I was having is worth it. I will return in a few days...or less...if the problem persists.
Thank you again....Steve
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 5th, 2013, 4:07 pm

Try accessing Hotmail using Internet Explorer, and see if the problem is still present. It may be site specific rather than browser specific, if it's site specific then there's nothing I can do to help, if it only occurs with Firefox, then at least we know that that's where the problem lies.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 8th, 2013, 11:21 pm

It is happening on all sites. As a matter of fact....as I type this...the screen scrolled to the top of the page. It also does that on Facebook. This is a laptop...and I use a wireless mouse...Could it be that my touch pad is stuck in a way as to affect this?
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 9th, 2013, 1:19 am

Is it happening with both IE and Firefox, or just with Firefox ?
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 11th, 2013, 1:32 pm

Sorry again...Crystal Broadband just got my Internet connection back on. More off than on. The jumping around....It is happening on both Firefox and I.E. Darn!! The cursor just jumped to the middle of the last sentence and jumbled it completely. What the heck?...Really never seen this before.
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 11th, 2013, 4:30 pm

Please run a new scan with OTL and post me the OTL.txt log please.

Next

Please download MiniToolBox to your Desktop.

  • Double click MiniToolBox.exe to launch the program.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer Errors
    • List Users Partitions and Memory size.
    • List Minidump Files
  • Click Go to start the scan.
  • When finished a log Result.txt will open.
  • Please post it in your next reply.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 11th, 2013, 4:53 pm

I admire your persistence, Gary. We have that in common. Thank you!!
MiniToolBox by Farbar Version: 16-06-2013
Ran by Administrator (administrator) on 11-07-2013 at 16:49:26
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection 2 (Connected)
Dell Wireless 1350 WLAN Mini-PCI Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : stephen

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-11-43-6B-CF-A3

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.130.20

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.130.1

DHCP Server . . . . . . . . . . . : 192.168.130.1

DNS Servers . . . . . . . . . . . : 12.127.17.71

12.127.16.67

Lease Obtained. . . . . . . . . . : Thursday, July 11, 2013 1:47:59 PM

Lease Expires . . . . . . . . . . : Friday, July 12, 2013 1:47:59 PM



Ethernet adapter Wireless Network Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Dell Wireless 1350 WLAN Mini-PCI Card

Physical Address. . . . . . . . . : 00-0B-7D-15-4E-9E

Server: dns-rs1.bgtmo.ip.att.net
Address: 12.127.17.71

Name: google.com
Addresses: 74.125.227.103, 74.125.227.104, 74.125.227.105, 74.125.227.110
74.125.227.96, 74.125.227.97, 74.125.227.98, 74.125.227.99, 74.125.227.100
74.125.227.101, 74.125.227.102



Pinging google.com [74.125.227.14] with 32 bytes of data:



Reply from 74.125.227.14: bytes=32 time=54ms TTL=53

Reply from 74.125.227.14: bytes=32 time=49ms TTL=53



Ping statistics for 74.125.227.14:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 49ms, Maximum = 54ms, Average = 51ms

Server: dns-rs1.bgtmo.ip.att.net
Address: 12.127.17.71

Name: yahoo.com
Addresses: 206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=49ms TTL=48

Reply from 98.139.183.24: bytes=32 time=68ms TTL=48



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 49ms, Maximum = 68ms, Average = 58ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 43 6b cf a3 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 0b 7d 15 4e 9e ...... Dell Wireless 1350 WLAN Mini-PCI Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.130.1 192.168.130.20 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.130.0 255.255.255.0 192.168.130.20 192.168.130.20 20
192.168.130.20 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.130.255 255.255.255.255 192.168.130.20 192.168.130.20 20
224.0.0.0 240.0.0.0 192.168.130.20 192.168.130.20 20
255.255.255.255 255.255.255.255 192.168.130.20 3 1
255.255.255.255 255.255.255.255 192.168.130.20 192.168.130.20 1
Default Gateway: 192.168.130.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/11/2013 11:30:40 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe . Error code = 0x80070020

Error: (07/10/2013 07:34:18 PM) (Source: Application Hang) (User: )
Description: Hanging application StreamTorrent.exe, version 1.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/09/2013 01:34:47 PM) (Source: Application Hang) (User: )
Description: Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/09/2013 00:06:11 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/08/2013 00:37:42 PM) (Source: Application Hang) (User: )
Description: Fault bucket -637767468.

Error: (07/08/2013 00:36:47 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 22.0.0.4917, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/08/2013 10:39:58 AM) (Source: ESENT) (User: )
Description: SearchIndexer (3500) An attempt to delete the file "C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS004BD.log" failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (06/28/2013 01:40:42 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\DOWNLOADS\OFFICE2003-KB980373-FULLFILE-ENU.EXE> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/25/2013 01:31:52 PM) (Source: Application Hang) (User: )
Description: Hanging application psi.exe, version 3.0.0.7009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/25/2013 00:37:15 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


System errors:
=============
Error: (07/11/2013 01:58:38 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

Error: (07/11/2013 01:55:30 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053

Error: (07/11/2013 01:55:29 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (07/11/2013 01:54:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (07/11/2013 01:53:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (07/11/2013 01:53:05 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Search service to connect.

Error: (07/11/2013 01:53:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service failed to start due to the following error:
%%1053

Error: (07/11/2013 01:53:05 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Image Acquisition (WIA) service to connect.

Error: (07/11/2013 11:40:43 AM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

Error: (07/11/2013 11:40:26 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.3.0 service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (07/11/2013 11:30:40 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe . Error code = 0x80070020
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe

Error: (07/10/2013 07:34:18 PM) (Source: Application Hang)(User: )
Description: StreamTorrent.exe1.0.0.1hungapp0.0.0.000000000

Error: (07/09/2013 01:34:47 PM) (Source: Application Hang)(User: )
Description: AcroRd32.exe11.0.3.37hungapp0.0.0.000000000

Error: (07/09/2013 00:06:11 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (07/08/2013 00:37:42 PM) (Source: Application Hang)(User: )
Description: -637767468

Error: (07/08/2013 00:36:47 PM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.4917hungapp0.0.0.000000000

Error: (07/08/2013 10:39:58 AM) (Source: ESENT)(User: )
Description: SearchIndexer3500C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS004BD.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (06/28/2013 01:40:42 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\DOWNLOADS\OFFICE2003-KB980373-FULLFILE-ENU.EXE

Error: (06/25/2013 01:31:52 PM) (Source: Application Hang)(User: )
Description: psi.exe3.0.0.7009hungapp0.0.0.000000000

Error: (06/25/2013 00:37:15 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


========================= Memory info: ===================================

Percentage of memory in use: 87%
Total physical RAM: 1278.33 MB
Available physical RAM: 164.3 MB
Total Pagefile: 3052.89 MB
Available Pagefile: 2122.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.1 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:27.94 GB) (Free:14.63 GB) NTFS

========================= Users: ========================================

User accounts for \\STEPHEN

Administrator Guest HelpAssistant
SUPPORT_388945a0


**** End of log ****
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 12th, 2013, 1:18 am

You didn't run the OTL scan I asked for, please run a scan using the instructions below and post me the logs.

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 12th, 2013, 6:56 am

OTL logfile created on: 7/12/2013 6:00:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.65 Gb Available Physical Memory | 52.40% Memory free
2.98 Gb Paging File | 2.43 Gb Available in Paging File | 81.50% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.94 Gb Total Space | 14.20 Gb Free Space | 50.84% Space Free | Partition Type: NTFS

Computer Name: STEPHEN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/12 05:55:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/07/06 22:40:30 | 002,236,080 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/07/04 00:53:03 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/06/26 11:31:02 | 000,152,240 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
PRC - [2013/06/21 11:45:27 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/26 18:24:42 | 000,423,144 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/04/10 11:07:36 | 001,428,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/06 22:40:30 | 002,236,080 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/06/26 11:31:17 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\SiteSafety.dll
MOD - [2013/06/26 11:31:16 | 000,521,392 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\log4cplusU.dll
MOD - [2013/06/26 11:31:02 | 000,152,240 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
MOD - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2012/12/09 21:46:38 | 000,600,868 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2005/12/19 09:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/26 11:31:07 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013/06/21 11:45:27 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/19 16:33:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/04/10 11:07:36 | 001,428,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/06/26 11:31:18 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2011/08/09 17:33:58 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/12/18 10:00:14 | 000,424,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2003/09/26 10:41:10 | 000,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1004336348-1708537768-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bennettenterprises.us/
IE - HKU\S-1-5-21-1004336348-1708537768-839522115-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1004336348-1708537768-839522115-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1004336348-1708537768-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1373211876&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1"
FF - prefs.js..extensions.enabledAddons: yesscript%40userstyles.org:1.9.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\15.3.0.11 [2013/06/26 11:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013/06/28 14:17:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/04 00:58:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/04 00:58:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/11 14:16:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/07/05 15:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013/07/11 15:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mas5fdvc.default-1373211752729\extensions
[2013/07/11 15:49:39 | 000,053,101 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mas5fdvc.default-1373211752729\extensions\yesscript@userstyles.org.xpi
[2013/07/07 13:43:54 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mas5fdvc.default-1373211752729\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/11 14:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/06 10:38:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/06 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/06 10:38:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/06 10:41:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/11/29 04:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/29 04:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/06/26 11:32:58 | 000,003,724 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2012/11/29 04:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/07/01 10:48:23 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKU\S-1-5-21-1004336348-1708537768-839522115-500..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-1708537768-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 1561544293 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2180462955 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 12.127.17.71 12.127.16.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E016FA6-BD3C-4881-993B-B4A14B29EF9D}: DhcpNameServer = 12.127.17.71 12.127.16.67
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/06/17 15:24:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/12 05:55:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/07/11 20:28:56 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\Administrator\My Documents\My Stationery
[2013/07/11 19:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/07/11 19:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/07/11 19:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Tracing
[2013/07/11 19:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/07/11 18:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013/07/11 18:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2013/07/11 18:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2013/07/11 18:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
[2013/07/11 18:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/07/11 16:45:26 | 000,760,775 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\MiniToolBox.exe
[2013/07/11 14:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013/07/11 10:55:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/10 19:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Folder (2)
[2013/07/10 19:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\StreamTorrent 1.0
[2013/07/10 19:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\StreamTorrent 1.0
[2013/07/10 19:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2013/07/10 19:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\SopCast
[2013/07/10 14:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/07/09 17:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2013/07/09 13:05:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2013/07/07 12:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVG
[2013/07/07 11:42:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
[2013/07/07 11:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/07/06 23:17:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/07/06 22:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/07/06 21:02:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2013/07/06 10:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/06 08:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2013/07/06 00:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2013/07/06 00:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2013/07/06 00:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/07/05 19:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\StreamTorrent
[2013/07/04 07:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2013/07/04 01:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\RealNetworks
[2013/07/04 00:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/07/04 00:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/07/04 00:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/07/04 00:54:17 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/04 00:53:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/04 00:53:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/04 00:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/07/04 00:53:17 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/04 00:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Real
[2013/07/03 19:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\ide-sata photos
[2013/06/28 18:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Folder (3)
[2013/06/28 16:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Skype
[2013/06/28 16:36:53 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/06/28 16:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2013/06/28 16:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Received Files
[2013/06/28 16:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2013/06/28 15:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2013/06/28 14:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Gretech Corporation
[2013/06/28 14:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers
[2013/06/28 14:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013/06/28 14:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013/06/28 14:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
[2013/06/28 14:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Help
[2013/06/26 11:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/06/26 10:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2013/06/26 09:32:34 | 000,017,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013/06/26 09:32:33 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013/06/25 18:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\GRETECH
[2013/06/25 18:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2013/06/25 15:56:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\XP RESTORE CLONE
[2013/06/25 15:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2013/06/25 14:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/06/25 14:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/06/25 14:52:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2013/06/25 14:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/06/25 14:49:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple
[2013/06/25 14:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/06/25 14:49:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2013/06/25 14:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2013/06/25 10:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\FIX IT
[2013/06/25 09:59:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/06/24 16:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013/06/24 16:16:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2013/06/24 16:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2013/06/24 16:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2013/06/24 16:14:13 | 000,118,272 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l5mu.dll
[2013/06/24 16:13:48 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013/06/24 16:12:40 | 000,271,704 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2013/06/24 16:12:32 | 000,729,088 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax7.dll
[2013/06/24 16:12:32 | 000,581,632 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl6.dll
[2013/06/24 16:12:32 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2013/06/24 16:12:32 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2013/06/24 16:12:32 | 000,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst15.dll
[2013/06/24 14:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2013/06/24 14:27:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013/06/24 14:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/06/24 14:27:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2013/06/24 14:26:56 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/06/24 13:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2013/06/24 11:17:11 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2013/06/24 10:46:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2013/06/24 10:45:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2013/06/24 10:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2013/06/24 10:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2013/06/24 10:43:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/06/24 10:42:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2013/06/24 10:42:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2013/06/24 10:42:07 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2013/06/24 10:41:38 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013/06/24 10:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2013/06/24 10:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013/06/24 10:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013/06/24 10:33:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2013/06/21 12:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun
[2013/06/21 12:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013/06/21 11:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/06/21 11:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/06/21 11:46:17 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/21 11:46:17 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/21 11:46:16 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/21 11:46:16 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/21 11:46:06 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/21 11:46:06 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/21 11:46:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/21 11:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/21 11:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2013/06/20 20:58:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/20 20:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/06/20 20:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/06/20 20:08:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PCHealth
[2013/06/20 15:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities
[2013/06/20 12:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\2CoastPlain RPO Meetings-Posts_files
[2013/06/19 19:00:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\CP-RPO Stuff
[2013/06/19 18:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\ART From Publisher 97
[2013/06/19 18:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2013/06/19 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2013/06/19 18:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/06/19 18:40:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013/06/19 18:34:58 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/06/19 16:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft
[2013/06/19 16:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
[2013/06/19 15:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/06/19 15:18:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/06/19 15:05:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/19 15:00:27 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013/06/19 15:00:26 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013/06/19 15:00:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013/06/19 15:00:25 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013/06/19 15:00:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013/06/19 15:00:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013/06/19 14:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/06/19 14:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/06/19 14:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013/06/19 12:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment
[2013/06/19 12:30:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/06/19 12:27:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013/06/19 12:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2013/06/19 12:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\TVU Networks
[2013/06/19 11:59:23 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2013/06/19 11:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2013/06/19 11:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/06/19 11:44:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MiniDVDSoft
[2013/06/19 11:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Free ISO Creator
[2013/06/19 11:39:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
[2013/06/19 11:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2013/06/19 11:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
[2013/06/19 11:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2013/06/19 11:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/06/19 11:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/19 11:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ISOpen
[2013/06/19 11:10:23 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTL32.OCX
[2013/06/19 11:10:23 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2013/06/19 11:10:23 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.OCX
[2013/06/19 11:10:23 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2013/06/19 11:10:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2013/06/19 11:10:22 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2013/06/19 11:10:22 | 000,024,626 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrrnfr.dll
[2013/06/19 11:10:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL
[2013/06/19 11:10:18 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013/06/19 11:10:18 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2013/06/19 11:10:18 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll
[2013/06/19 11:10:15 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2013/06/19 11:10:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2013/06/19 11:10:15 | 000,028,672 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\CMCT3FR.DLL
[2013/06/19 11:10:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2013/06/19 11:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\ISOpen
[2013/06/19 11:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2013/06/19 11:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Active@ ISO Burner
[2013/06/19 09:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2013/06/18 20:12:58 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2013/06/18 19:52:35 | 000,347,440 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit-portable.exe
[2013/06/18 19:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Tar River Transit Ltr and Env
[2013/06/18 19:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Manuals
[2013/06/18 19:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Retired Army sergeant looks to restore NC town - SFGate_files
[2013/06/18 19:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/06/18 19:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/06/18 19:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Desktop Photos
[2013/06/18 19:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Bennett Receipt
[2013/06/18 19:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\NCH Software
[2013/06/18 19:14:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2013/06/18 19:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2013/06/18 19:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/06/18 18:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2013/06/18 18:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013/06/18 18:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
[2013/06/18 18:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2013/06/18 18:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2013/06/18 18:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlySoft
[2013/06/18 18:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2013/06/18 18:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2013/06/18 18:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video Converter
[2013/06/18 18:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/06/18 18:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
[2013/06/18 18:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2013/06/18 18:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Secunia PSI
[2013/06/18 18:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\LocalLow
[2013/06/18 18:12:50 | 000,098,304 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\xp_remove_hotfix_backup.exe
[2013/06/18 18:12:07 | 000,078,160 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\AutoFix.exe
[2013/06/18 18:12:07 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Administrator\Desktop\ATF-Cleaner.exe
[2013/06/18 17:58:33 | 000,967,680 | ---- | C] (Aporah - http://aporah.com) -- C:\Documents and Settings\Administrator\Desktop\CPP-ProductKeyFinder.exe
[2013/06/18 17:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Xvid
[2013/06/18 17:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2013/06/18 12:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013/06/18 12:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2013/06/18 12:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2013/06/18 12:52:51 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/18 12:52:51 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/18 12:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2013/06/18 12:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2013/06/18 12:47:37 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/06/18 12:33:40 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2013/06/18 12:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2013/06/18 11:41:05 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/06/18 11:38:41 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/06/18 11:38:41 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/06/18 11:37:12 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/06/18 11:35:30 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/06/18 11:23:32 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013/06/18 11:23:23 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/06/18 11:22:54 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/06/18 11:18:06 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013/06/18 11:17:39 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/06/18 11:17:31 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/06/18 11:16:58 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013/06/18 11:16:57 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2013/06/18 11:16:27 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013/06/18 11:15:06 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013/06/18 11:14:15 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013/06/18 11:10:14 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2013/06/18 11:10:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2013/06/18 11:04:36 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2013/06/18 11:04:33 | 002,149,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/06/18 11:04:31 | 002,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/06/18 11:04:29 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/06/18 11:03:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2013/06/18 11:02:56 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013/06/18 11:02:50 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2013/06/18 11:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/06/18 11:00:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/06/18 10:51:25 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2013/06/18 10:51:25 | 000,022,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2013/06/18 10:51:22 | 000,015,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2013/06/18 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/06/18 10:50:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2013/06/18 10:49:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2013/06/18 10:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/06/18 10:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/06/18 10:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2013/06/18 10:48:50 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2013/06/18 10:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2013/06/18 10:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2013/06/18 10:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/18 10:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/06/18 10:47:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/06/18 10:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/06/18 10:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVG2013
[2013/06/18 10:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG SafeGuard toolbar
[2013/06/18 10:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
[2013/06/18 10:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/06/18 10:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVG SafeGuard toolbar
[2013/06/18 10:37:10 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/06/18 10:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/06/18 10:35:26 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/06/18 10:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/06/18 10:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/06/18 10:31:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/06/18 10:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/06/18 10:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData
[2013/06/18 10:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2013
[2013/06/18 10:30:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/18 10:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/06/18 10:23:57 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/06/18 10:23:56 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/06/18 10:23:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/06/18 10:23:55 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/06/18 10:23:48 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/06/18 10:22:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2013/06/18 10:17:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/06/18 10:16:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/06/18 10:13:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/18 09:55:51 | 001,371,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013/06/18 09:55:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013/06/18 09:55:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013/06/18 09:55:44 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013/06/18 09:55:43 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013/06/18 09:55:42 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013/06/18 09:55:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2013/06/18 09:55:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2013/06/18 09:55:23 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013/06/18 09:55:23 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/06/18 09:55:23 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013/06/18 09:55:23 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/06/18 09:55:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013/06/18 09:55:23 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013/06/18 09:55:23 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013/06/18 09:55:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013/06/18 09:55:23 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/06/18 09:55:23 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/06/18 09:55:23 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/06/18 09:55:22 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013/06/18 09:55:22 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013/06/18 09:55:22 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2013/06/18 09:55:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013/06/18 09:55:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013/06/18 09:55:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013/06/18 09:55:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013/06/18 09:55:21 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013/06/18 09:55:21 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013/06/18 09:55:21 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013/06/18 09:55:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013/06/18 09:55:21 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/06/18 09:55:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013/06/18 09:55:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013/06/18 09:55:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013/06/18 09:55:19 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/06/18 09:55:19 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013/06/18 09:55:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013/06/18 09:55:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013/06/18 09:55:18 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/06/18 09:55:18 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 12th, 2013, 6:57 am

[2013/06/18 09:55:18 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013/06/18 09:55:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013/06/18 09:55:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013/06/18 09:55:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013/06/18 09:55:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013/06/18 09:55:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013/06/18 09:55:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013/06/18 09:55:17 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013/06/18 09:55:17 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013/06/18 09:55:16 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013/06/18 09:55:16 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013/06/18 09:55:16 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/06/18 09:55:16 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/06/18 09:55:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013/06/18 09:55:16 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/06/18 09:55:16 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/06/18 09:55:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013/06/18 09:55:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013/06/18 09:55:16 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/06/18 09:55:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013/06/18 09:55:15 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013/06/18 09:55:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/06/18 09:55:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2013/06/18 09:55:14 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013/06/18 09:55:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013/06/18 09:55:12 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/06/18 09:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/06/18 09:55:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/06/18 09:55:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/06/18 09:55:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/06/18 09:55:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/06/18 09:52:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/06/18 09:51:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2013/06/18 09:49:11 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/06/18 09:49:11 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/06/18 09:49:11 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/06/18 09:49:11 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/06/18 09:49:11 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/06/18 09:49:11 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/06/18 09:49:11 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/06/18 09:49:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/06/18 09:49:10 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/06/18 09:49:10 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/06/18 09:49:10 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/06/18 09:49:10 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/06/18 09:49:10 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/06/18 09:49:10 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/06/18 09:49:10 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/06/18 09:49:10 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/06/18 09:49:10 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/06/18 09:49:10 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/06/18 09:49:10 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/06/18 09:49:09 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013/06/18 09:49:09 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/06/18 09:49:09 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/06/18 09:49:09 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/06/18 09:49:09 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/06/18 09:49:09 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/06/18 09:49:09 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/06/18 09:49:09 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/06/18 09:49:09 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/06/18 09:49:09 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/06/18 09:49:09 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/06/18 09:49:09 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/06/18 09:49:09 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/06/18 09:49:09 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/06/18 09:49:09 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/06/18 09:49:09 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/06/18 09:49:08 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013/06/18 09:49:08 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/06/18 09:49:06 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/06/18 09:49:06 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/06/18 09:49:06 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/06/18 09:49:06 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/06/18 09:49:06 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/06/18 09:49:05 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/06/18 09:49:05 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013/06/18 09:49:05 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/06/18 09:49:05 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/06/18 09:49:05 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/06/18 09:49:05 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/06/18 09:49:04 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/06/18 09:49:04 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/06/18 09:49:04 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/06/18 09:49:04 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/06/18 09:49:04 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/06/18 09:49:04 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/06/18 09:49:04 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/06/18 09:49:04 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/06/18 09:49:04 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/06/18 09:49:04 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013/06/18 09:46:32 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013/06/18 09:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2013/06/18 09:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2013/06/18 09:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/06/18 09:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Folder
[2013/06/18 09:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\DOWNLOADS
[2013/06/18 09:18:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2013/06/18 09:15:54 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2013/06/17 15:50:44 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013/06/17 15:50:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013/06/17 15:50:43 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013/06/17 15:50:43 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013/06/17 15:50:40 | 000,264,440 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\stac97.sys
[2013/06/17 15:50:40 | 000,102,481 | ---- | C] (SigmaTel Inc.) -- C:\WINDOWS\System32\stac97.cpl
[2013/06/17 15:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2013/06/17 15:50:02 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013/06/17 15:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2013/06/17 15:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2013/06/17 15:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Wireless
[2013/06/17 15:40:10 | 000,053,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll
[2013/06/17 15:40:08 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2013/06/17 15:40:08 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2013/06/17 15:40:08 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2013/06/17 15:40:08 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2013/06/17 15:40:08 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2013/06/17 15:40:08 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2013/06/17 15:40:08 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2013/06/17 15:40:08 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2013/06/17 15:40:08 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2013/06/17 15:40:08 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2013/06/17 15:40:08 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2013/06/17 15:40:08 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2013/06/17 15:40:08 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2013/06/17 15:40:08 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2013/06/17 15:40:08 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2013/06/17 15:40:08 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2013/06/17 15:40:08 | 000,114,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2013/06/17 15:40:08 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2013/06/17 15:40:08 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2013/06/17 15:40:08 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2013/06/17 15:40:07 | 001,503,232 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2013/06/17 15:40:07 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2013/06/17 15:40:07 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2013/06/17 15:40:07 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2013/06/17 15:40:07 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2013/06/17 15:40:07 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2013/06/17 15:40:07 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2013/06/17 15:40:07 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2013/06/17 15:40:07 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2013/06/17 15:40:07 | 000,086,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2013/06/17 15:40:07 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2013/06/17 15:40:07 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2013/06/17 15:40:07 | 000,040,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2013/06/17 15:40:06 | 000,446,464 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2013/06/17 15:40:06 | 000,114,688 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2013/06/17 15:40:06 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2013/06/17 15:40:06 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2013/06/17 15:40:06 | 000,040,960 | ---- | C] (Intel(r) Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2013/06/17 15:40:06 | 000,036,990 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2013/06/17 15:40:05 | 000,900,218 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2013/06/17 15:40:05 | 000,213,274 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2013/06/17 15:40:05 | 000,118,395 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2013/06/17 15:40:05 | 000,073,728 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2013/06/17 15:40:05 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2013/06/17 15:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013/06/17 15:34:56 | 000,667,648 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BCMLogon.dll
[2013/06/17 15:34:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ATL71.DLL
[2013/06/17 15:34:09 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2013/06/17 15:34:05 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.DLL
[2013/06/17 15:34:04 | 000,253,952 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\bcmwlu00.exe
[2013/06/17 15:34:04 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2013/06/17 15:34:04 | 000,044,032 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\wltrynt.dll
[2013/06/17 15:34:00 | 003,096,576 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\BCMWLCPL.CPL
[2013/06/17 15:33:53 | 002,129,920 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2013/06/17 15:33:51 | 000,424,448 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2013/06/17 15:33:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2013/06/17 15:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/06/17 15:32:36 | 000,151,552 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\BCMSMU.exe
[2013/06/17 15:32:36 | 000,122,880 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BCMSMI32.dll
[2013/06/17 15:32:35 | 001,101,696 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMSM.sys
[2013/06/17 15:32:35 | 000,057,344 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\BCMSMD2K.exe
[2013/06/17 15:32:35 | 000,049,152 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BCMSM168.dll
[2013/06/17 15:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2013/06/17 15:30:49 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/06/17 15:30:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2013/06/17 15:30:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2013/06/17 15:30:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2013/06/17 15:30:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2013/06/17 15:30:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2013/06/17 15:30:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2013/06/17 15:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2013/06/17 15:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2013/06/17 15:30:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2013/06/17 15:30:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2013/06/17 15:30:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2013/06/17 15:30:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2013/06/17 15:30:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2013/06/17 15:30:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2013/06/17 15:30:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2013/06/17 15:30:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2013/06/17 15:30:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2013/06/17 15:30:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/17 15:30:20 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/06/17 15:30:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2013/06/17 15:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013/06/17 15:29:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013/06/17 15:29:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013/06/17 15:28:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013/06/17 15:28:35 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013/06/17 15:28:35 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013/06/17 15:28:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013/06/17 15:28:34 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013/06/17 15:28:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013/06/17 15:28:33 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013/06/17 15:28:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013/06/17 15:28:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013/06/17 15:28:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013/06/17 15:28:30 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013/06/17 15:28:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013/06/17 15:28:30 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013/06/17 15:28:30 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013/06/17 15:28:29 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013/06/17 15:28:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013/06/17 15:28:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013/06/17 15:28:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013/06/17 15:28:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013/06/17 15:28:23 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013/06/17 15:28:23 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013/06/17 15:28:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013/06/17 15:28:22 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013/06/17 15:28:22 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013/06/17 15:28:22 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013/06/17 15:28:21 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013/06/17 15:28:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013/06/17 15:28:17 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013/06/17 15:28:16 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013/06/17 15:28:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013/06/17 15:28:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013/06/17 15:28:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013/06/17 15:28:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013/06/17 15:28:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013/06/17 15:28:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013/06/17 15:28:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013/06/17 15:28:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013/06/17 15:28:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013/06/17 15:28:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013/06/17 15:28:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013/06/17 15:28:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013/06/17 15:28:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013/06/17 15:28:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013/06/17 15:28:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013/06/17 15:28:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013/06/17 15:28:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013/06/17 15:28:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013/06/17 15:28:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013/06/17 15:28:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013/06/17 15:28:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013/06/17 15:28:05 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013/06/17 15:28:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/06/17 15:28:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/06/17 15:28:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013/06/17 15:28:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013/06/17 15:28:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013/06/17 15:28:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013/06/17 15:27:59 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013/06/17 15:27:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013/06/17 15:27:57 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013/06/17 15:27:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013/06/17 15:27:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013/06/17 15:27:56 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013/06/17 15:27:56 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013/06/17 15:27:55 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013/06/17 15:27:55 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013/06/17 15:27:55 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013/06/17 15:27:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013/06/17 15:27:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013/06/17 15:27:53 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013/06/17 15:27:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013/06/17 15:27:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013/06/17 15:27:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013/06/17 15:27:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013/06/17 15:27:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013/06/17 15:27:47 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013/06/17 15:27:42 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013/06/17 15:27:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013/06/17 15:27:35 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013/06/17 15:27:34 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013/06/17 15:27:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013/06/17 15:27:33 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013/06/17 15:27:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013/06/17 15:27:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013/06/17 15:27:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013/06/17 15:27:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013/06/17 15:27:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013/06/17 15:27:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013/06/17 15:27:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013/06/17 15:27:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013/06/17 15:27:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013/06/17 15:27:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013/06/17 15:27:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013/06/17 15:27:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013/06/17 15:27:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013/06/17 15:27:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013/06/17 15:27:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013/06/17 15:27:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013/06/17 15:27:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013/06/17 15:27:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013/06/17 15:27:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013/06/17 15:27:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013/06/17 15:27:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013/06/17 15:27:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013/06/17 15:27:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013/06/17 15:27:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013/06/17 15:27:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013/06/17 15:27:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013/06/17 15:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013/06/17 15:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013/06/17 15:27:24 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013/06/17 15:27:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013/06/17 15:27:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013/06/17 15:27:22 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013/06/17 15:27:21 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013/06/17 15:27:21 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013/06/17 15:27:21 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013/06/17 15:27:21 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013/06/17 15:27:21 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013/06/17 15:27:21 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013/06/17 15:27:19 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013/06/17 15:27:19 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013/06/17 15:27:19 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013/06/17 15:27:19 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013/06/17 15:27:18 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013/06/17 15:27:18 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013/06/17 15:27:18 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013/06/17 15:27:18 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013/06/17 15:27:18 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013/06/17 15:27:17 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013/06/17 15:27:17 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013/06/17 15:27:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013/06/17 15:27:17 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013/06/17 15:27:17 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013/06/17 15:27:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013/06/17 15:27:17 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013/06/17 15:27:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013/06/17 15:27:16 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013/06/17 15:27:16 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013/06/17 15:27:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013/06/17 15:27:11 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013/06/17 15:27:01 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013/06/17 15:26:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013/06/17 15:26:57 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013/06/17 15:26:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013/06/17 15:26:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013/06/17 15:26:56 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013/06/17 15:26:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013/06/17 15:26:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013/06/17 15:26:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013/06/17 15:26:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013/06/17 15:26:52 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013/06/17 15:26:52 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013/06/17 15:26:52 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013/06/17 15:26:52 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013/06/17 15:26:51 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013/06/17 15:26:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013/06/17 15:26:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013/06/17 15:26:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013/06/17 15:26:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013/06/17 15:26:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013/06/17 15:26:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013/06/17 15:26:40 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013/06/17 15:26:39 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013/06/17 15:26:39 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013/06/17 15:26:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013/06/17 15:26:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013/06/17 15:26:38 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013/06/17 15:26:37 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013/06/17 15:26:36 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013/06/17 15:26:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013/06/17 15:26:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013/06/17 15:26:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013/06/17 15:26:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013/06/17 15:26:35 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/06/17 15:26:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013/06/17 15:26:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013/06/17 15:26:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013/06/17 15:26:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013/06/17 15:26:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013/06/17 15:26:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013/06/17 15:26:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013/06/17 15:26:22 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013/06/17 15:26:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013/06/17 15:26:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013/06/17 15:26:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013/06/17 15:26:08 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013/06/17 15:26:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013/06/17 15:26:07 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013/06/17 15:26:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013/06/17 15:26:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013/06/17 15:26:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013/06/17 15:26:02 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013/06/17 15:25:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013/06/17 15:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013/06/17 15:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013/06/17 15:25:38 | 000,000,000 | ---D | C] -- C:\DELL
[2013/06/17 15:25:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/06/17 15:24:34 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013/06/17 15:23:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/06/17 15:23:11 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/06/17 15:23:10 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/06/17 15:22:54 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013/06/17 15:22:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/06/17 15:22:02 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013/06/17 15:22:02 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013/06/17 15:22:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013/06/17 15:22:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013/06/17 15:22:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013/06/17 15:22:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013/06/17 15:21:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013/06/17 15:21:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013/06/17 15:21:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013/06/17 15:21:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013/06/17 15:21:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013/06/17 15:21:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2013/06/17 15:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2013/06/17 15:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2013/06/17 15:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013/06/17 15:21:45 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2013/06/17 15:21:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2013/06/17 15:21:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2013/06/17 15:21:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2013/06/17 15:21:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013/06/17 15:21:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013/06/17 15:21:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013/06/17 15:21:45 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/06/17 15:21:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2013/06/17 15:21:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2013/06/17 15:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/06/17 15:21:43 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2013/06/17 15:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/06/17 15:21:38 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2013/06/17 15:21:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/06/17 15:21:37 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2013/06/17 15:21:37 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2013/06/17 15:21:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2013/06/17 15:21:36 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2013/06/17 15:21:36 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2013/06/17 15:21:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2013/06/17 15:21:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2013/06/17 15:21:36 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2013/06/17 15:21:35 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2013/06/17 15:21:35 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013/06/17 15:21:35 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2013/06/17 15:21:34 | 001,933,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013/06/17 15:21:34 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013/06/17 15:21:34 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013/06/17 15:21:34 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013/06/17 15:21:34 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013/06/17 15:21:34 | 000,219,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013/06/17 15:21:34 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013/06/17 15:21:34 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013/06/17 15:21:34 | 000,053,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013/06/17 15:21:34 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013/06/17 15:21:34 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013/06/17 15:21:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013/06/17 15:21:33 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013/06/17 15:21:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013/06/17 15:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013/06/17 15:21:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013/06/17 15:21:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013/06/17 15:21:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013/06/17 15:21:24 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013/06/17 15:21:18 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013/06/17 15:21:18 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2013/06/17 15:21:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/06/17 15:21:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013/06/17 15:21:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013/06/17 15:21:16 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013/06/17 15:21:16 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013/06/17 15:21:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013/06/17 15:21:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013/06/17 15:21:12 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013/06/17 15:21:12 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013/06/17 15:21:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013/06/17 15:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013/06/17 15:21:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013/06/17 15:21:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013/06/17 15:21:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013/06/17 15:21:06 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013/06/17 15:21:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013/06/17 15:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013/06/17 15:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013/06/17 15:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/06/17 15:20:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013/06/17 15:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/06/17 15:19:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/06/17 15:19:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/06/17 15:19:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013/06/17 15:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013/06/17 15:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013/06/17 15:19:36 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2013/06/17 15:19:36 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2013/06/17 15:19:35 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2013/06/17 15:19:35 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2013/06/17 15:19:35 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2013/06/17 15:19:35 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2013/06/17 15:19:35 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2013/06/17 15:19:35 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2013/06/17 15:19:35 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2013/06/17 15:19:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2013/06/17 15:19:35 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2013/06/17 15:19:34 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2013/06/17 15:19:34 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2013/06/17 15:19:34 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2013/06/17 15:19:34 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2013/06/17 15:19:34 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2013/06/17 15:19:34 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2013/06/17 15:19:34 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2013/06/17 15:19:34 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2013/06/17 15:19:33 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2013/06/17 15:19:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2013/06/17 15:19:33 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2013/06/17 15:19:32 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2013/06/17 15:19:32 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2013/06/17 15:19:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013/06/17 15:19:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013/06/17 15:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013/06/17 15:19:22 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013/06/17 15:19:22 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013/06/17 15:19:22 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013/06/17 15:19:22 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013/06/17 15:19:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013/06/17 15:19:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013/06/17 15:19:22 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013/06/17 15:19:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013/06/17 15:19:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013/06/17 15:19:22 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2013/06/17 15:19:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013/06/17 15:19:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013/06/17 15:19:12 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013/06/17 15:19:12 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013/06/17 15:19:11 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013/06/17 15:19:11 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013/06/17 15:19:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013/06/17 15:19:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013/06/17 15:19:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013/06/17 15:19:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013/06/17 15:19:10 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013/06/17 15:19:10 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013/06/17 15:19:10 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013/06/17 15:19:10 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013/06/17 15:19:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013/06/17 15:19:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013/06/17 15:19:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013/06/17 15:19:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013/06/17 15:19:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013/06/17 15:19:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013/06/17 15:19:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013/06/17 15:19:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013/06/17 15:19:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013/06/17 15:19:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013/06/17 15:19:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013/06/17 15:19:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013/06/17 15:19:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013/06/17 15:19:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013/06/17 15:19:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013/06/17 15:19:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013/06/17 15:19:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013/06/17 15:19:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013/06/17 15:19:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013/06/17 15:19:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013/06/17 15:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013/06/17 15:19:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013/06/17 15:19:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013/06/17 15:19:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013/06/17 15:19:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013/06/17 15:19:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013/06/17 15:19:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013/06/17 15:19:07 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013/06/17 15:19:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013/06/17 15:19:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013/06/17 15:19:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013/06/17 15:19:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013/06/17 15:19:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013/06/17 15:19:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013/06/17 15:19:06 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013/06/17 15:19:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013/06/17 15:19:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013/06/17 15:19:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013/06/17 15:19:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013/06/17 15:19:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013/06/17 15:19:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013/06/17 15:19:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013/06/17 15:19:02 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013/06/17 15:19:02 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013/06/17 15:19:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013/06/17 15:19:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013/06/17 15:19:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013/06/17 15:19:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013/06/17 15:19:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013/06/17 15:19:01 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013/06/17 15:19:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013/06/17 15:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2013/06/17 15:18:46 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013/06/17 15:18:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013/06/17 15:18:45 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013/06/17 15:18:45 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013/06/17 15:18:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013/06/17 15:18:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013/06/17 15:18:44 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013/06/17 15:18:44 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013/06/17 15:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013/06/17 15:18:43 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013/06/17 15:18:43 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013/06/17 15:18:42 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2013/06/17 15:18:42 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2013/06/17 15:18:42 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013/06/17 15:18:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013/06/17 15:18:42 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013/06/17 15:18:41 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013/06/17 15:18:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013/06/17 15:18:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2013/06/17 15:18:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2013/06/17 15:18:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013/06/17 15:18:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013/06/17 15:18:40 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013/06/17 15:18:40 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013/06/17 15:18:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013/06/17 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/06/17 15:18:39 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013/06/17 15:18:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013/06/17 15:18:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013/06/17 15:18:38 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013/06/17 15:18:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013/06/17 15:18:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/06/17 15:18:36 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013/06/17 15:18:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013/06/17 15:18:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013/06/17 15:18:28 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013/06/17 15:18:27 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013/06/17 15:18:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2013/06/17 15:17:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/06/17 11:05:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013/06/17 11:05:44 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2013/06/17 11:04:24 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 12th, 2013, 6:58 am

[2013/06/17 11:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013/06/17 11:04:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2013/06/17 11:04:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2013/06/17 11:04:20 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2013/06/17 11:04:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2013/06/17 11:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013/06/17 11:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013/06/17 11:04:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/06/17 11:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013/06/17 11:04:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013/06/17 11:04:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013/06/17 11:04:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013/06/17 11:04:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013/06/17 11:04:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013/06/17 11:04:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013/06/17 11:04:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013/06/17 11:04:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013/06/17 11:04:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013/06/17 11:04:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013/06/17 11:04:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013/06/17 11:04:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013/06/17 11:04:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013/06/17 11:04:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013/06/17 11:04:09 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013/06/17 11:04:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013/06/17 11:04:09 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013/06/17 11:04:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013/06/17 11:04:09 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013/06/17 11:04:09 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013/06/17 11:04:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013/06/17 11:04:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013/06/17 11:04:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013/06/17 11:04:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013/06/17 11:04:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013/06/17 11:04:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013/06/17 11:04:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013/06/17 11:04:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013/06/17 11:04:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013/06/17 11:04:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013/06/17 11:04:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013/06/17 11:04:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013/06/17 11:04:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013/06/17 11:04:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013/06/17 11:04:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013/06/17 11:04:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013/06/17 11:04:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013/06/17 11:04:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013/06/17 11:04:03 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013/06/17 11:04:03 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013/06/17 11:04:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013/06/17 11:04:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013/06/17 11:04:02 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2013/06/17 11:04:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013/06/17 11:04:02 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013/06/17 11:04:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013/06/17 11:04:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013/06/17 11:04:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013/06/17 11:04:02 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013/06/17 11:04:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013/06/17 11:04:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013/06/17 11:04:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013/06/17 11:03:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013/06/17 11:03:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013/06/17 11:03:59 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013/06/17 11:03:59 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013/06/17 11:03:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013/06/17 11:03:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013/06/17 11:03:58 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013/06/17 11:03:58 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013/06/17 11:03:58 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013/06/17 11:03:58 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013/06/17 11:03:58 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013/06/17 11:03:58 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013/06/17 11:03:58 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013/06/17 11:03:57 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013/06/17 11:03:57 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013/06/17 11:03:57 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013/06/17 11:03:57 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013/06/17 11:03:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013/06/17 11:03:57 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013/06/17 11:03:57 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013/06/17 11:03:57 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013/06/17 11:03:56 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013/06/17 11:03:56 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013/06/17 11:03:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013/06/17 11:03:56 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013/06/17 11:03:56 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013/06/17 11:03:56 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013/06/17 11:03:56 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013/06/17 11:03:56 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013/06/17 11:03:55 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013/06/17 11:03:55 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013/06/17 11:03:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013/06/17 11:03:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013/06/17 11:03:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2013/06/17 11:03:54 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013/06/17 11:03:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013/06/17 11:03:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013/06/17 11:03:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/06/17 11:03:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/06/17 11:03:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/06/17 11:03:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2013/06/17 11:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/06/17 11:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013/06/17 11:03:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/06/17 11:03:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/06/17 11:03:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/06/17 11:03:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/06/17 11:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/06/17 11:02:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/06/17 10:51:21 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/06/17 10:51:21 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/06/17 10:51:21 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/06/17 10:51:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/06/17 10:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 30 Days ==========

[2013/07/12 06:30:21 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/12 06:11:27 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4C8889D2-24B6-4350-9EC8-56B70037BC9A}.job
[2013/07/12 05:55:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/07/12 05:37:44 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/12 05:37:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/12 05:32:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/12 05:31:34 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/12 05:29:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/12 05:29:15 | 000,216,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/11 21:47:52 | 000,417,668 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\smooth-long-necked-turtle.png
[2013/07/11 21:42:18 | 000,205,713 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Rach Madd toy.png
[2013/07/11 21:32:51 | 000,006,155 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WEATHER.gif
[2013/07/11 21:32:11 | 008,575,422 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WEBMAP_SATRAD_ANIM_GIF.gif
[2013/07/11 20:28:32 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Windows Live Messenger .lnk
[2013/07/11 19:55:29 | 000,000,000 | ---- | M] () -- C:\cookies.sqlite
[2013/07/11 19:51:10 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/07/11 18:14:04 | 000,039,127 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\1c7934c944254b3baaf6a44df7ce6e0d.600x.jpg
[2013/07/11 17:09:14 | 000,002,924 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\cry.jpg
[2013/07/11 16:45:29 | 000,760,775 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\MiniToolBox.exe
[2013/07/11 16:44:00 | 000,006,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\guilty.jpg
[2013/07/11 16:33:44 | 000,003,619 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\v.jpg
[2013/07/11 16:09:05 | 000,005,833 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\protected-by-smith-&amp;-wesson.gif
[2013/07/11 15:52:22 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\script running.rtf
[2013/07/11 14:16:33 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/07/11 12:56:15 | 000,506,242 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/11 12:56:15 | 000,088,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/11 12:35:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/11 11:20:49 | 000,002,502 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\stoopud.jpg
[2013/07/11 11:15:45 | 000,008,340 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\stupid.jpg
[2013/07/10 19:19:03 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\StreamTorrent 1.0.lnk
[2013/07/10 19:17:52 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SopCast.lnk
[2013/07/10 19:09:19 | 000,002,132 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mad.jpg
[2013/07/10 18:50:32 | 000,000,255 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MODEMS.rtf
[2013/07/10 18:50:19 | 000,000,255 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MODEMS.rtf
[2013/07/10 17:58:12 | 000,009,300 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\yup.jpg
[2013/07/10 17:29:36 | 000,029,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\salute.jpg
[2013/07/10 14:22:09 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/07/09 21:55:46 | 001,389,150 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SAM_2595.JPG
[2013/07/09 12:54:29 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\SwitchSevenDays.job
[2013/07/09 12:54:29 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\SwitchReminder.job
[2013/07/09 12:54:28 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2013/07/08 21:46:45 | 000,048,842 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\shit-fan.png
[2013/07/08 18:43:04 | 000,082,980 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\uncle sam on knees.jpg
[2013/07/08 18:40:56 | 000,024,812 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Going Down Tee.jpg
[2013/07/08 18:09:00 | 000,061,397 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Going Down Cap.jpg
[2013/07/08 10:38:59 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2003.lnk
[2013/07/07 16:50:56 | 000,032,561 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\islamophobic.jpg
[2013/07/07 16:07:46 | 000,005,043 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\up yours.jpg
[2013/07/07 11:33:40 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WinPatrol.lnk
[2013/07/07 10:14:54 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/06 22:41:25 | 000,003,724 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/07/06 19:46:38 | 000,006,830 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\big grin obammy.jpg
[2013/07/06 17:37:12 | 000,077,993 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\BUTTITS.jpg
[2013/07/06 00:59:52 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/06 00:56:39 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/05 10:38:27 | 000,000,242 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Speed up Computer.rtf
[2013/07/05 10:37:47 | 000,001,985 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Van Liere letter.rtf
[2013/07/05 10:20:08 | 000,002,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\letter.rtf
[2013/07/04 09:39:53 | 000,001,910 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Testimony.rtf
[2013/07/04 07:45:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/07/04 00:59:02 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/04 00:54:18 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/04 00:53:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/04 00:53:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/04 00:53:17 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/02 14:54:19 | 000,000,524 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\STREAMING.rtf
[2013/07/01 10:48:23 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/06/28 14:57:57 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[2013/06/28 14:17:47 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free YouTube Download.lnk
[2013/06/28 14:17:47 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DVDVideoSoft Free Studio.lnk
[2013/06/28 11:14:12 | 000,026,824 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\STUPID.jpg
[2013/06/28 11:12:28 | 000,031,970 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\no beer on mars.jpg
[2013/06/28 11:11:48 | 000,016,972 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\psycho.jpg
[2013/06/28 11:11:13 | 000,036,671 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\NOT ON FACEBOOK.jpg
[2013/06/28 11:10:41 | 000,031,452 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Identity Stolen.jpg
[2013/06/28 11:09:50 | 000,026,568 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Store Music.jpg
[2013/06/26 11:31:18 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/06/26 10:56:07 | 000,050,947 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\union numbnuts.jpg
[2013/06/25 14:53:07 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/25 12:28:30 | 000,011,388 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\vanliere.rtf
[2013/06/25 12:11:15 | 000,004,005 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Vanliere-Robb correspondence.rtf
[2013/06/24 16:34:07 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk
[2013/06/24 16:17:15 | 000,163,116 | ---- | M] () -- C:\WINDOWS\hpoins28.dat
[2013/06/24 10:41:26 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/24 10:41:26 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/24 10:37:06 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/06/24 10:17:42 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Outlook 2003.lnk
[2013/06/24 10:16:00 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2003.lnk
[2013/06/24 10:14:03 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Publisher 2003.lnk
[2013/06/21 20:00:31 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ISOpen.lnk
[2013/06/21 11:45:32 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/21 11:45:17 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/21 11:45:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/21 11:45:17 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/21 11:45:16 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/21 11:45:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/21 11:45:14 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/20 12:46:36 | 001,067,982 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Former Plan RPO-TAC 14 Sept 2011.pdf
[2013/06/20 12:38:11 | 000,159,504 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RPO SCHEDULE-NOTIFICATIONS.pdf
[2013/06/20 12:34:42 | 000,161,785 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2CoastPlain RPO Meetings-Posts.htm
[2013/06/20 12:08:57 | 000,051,192 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\elected officials-may 2012.pdf
[2013/06/20 11:10:18 | 000,270,556 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IDE TO SATA PHOTO.JPG
[2013/06/20 11:05:51 | 000,009,290 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IDE TO SATA INST.rtf
[2013/06/19 18:45:29 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/06/19 16:42:39 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DRIVERS.rtf
[2013/06/19 16:33:38 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/19 16:33:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/19 14:48:56 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/19 11:44:04 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Free ISO Creator.lnk
[2013/06/19 11:21:38 | 000,054,864 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\ExpressZip.dmp
[2013/06/19 11:16:20 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/19 11:02:09 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Volume Control.lnk
[2013/06/18 19:16:27 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Switch Sound File Converter.lnk
[2013/06/18 19:15:57 | 000,000,025 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2013/06/18 18:56:57 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Burn Disc Burning Software.lnk
[2013/06/18 18:30:00 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
[2013/06/18 18:26:50 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prism Video Converter.lnk
[2013/06/18 12:49:07 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/06/18 12:24:59 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[2013/06/18 10:48:52 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SpywareBlaster.lnk
[2013/06/18 10:47:18 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/18 10:14:47 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/18 09:48:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/06/17 15:58:14 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Internet Explorer.lnk
[2013/06/17 15:42:15 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to CD Drive.lnk
[2013/06/17 15:42:10 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/17 15:31:02 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/06/17 15:29:08 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/17 15:24:58 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/17 15:24:58 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/06/17 15:24:58 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/06/17 15:24:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/06/17 15:24:58 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/06/17 15:24:34 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/17 15:20:24 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/17 15:17:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/06/14 12:26:05 | 000,018,136 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\5460-edgecty-upsetbid2-124commercialdr(1).pdf
[2013/06/14 11:59:19 | 000,525,550 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_PublicTranspMaps_072709.pdf
[2013/06/14 11:56:46 | 000,559,250 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_HighwayMaps_072809.pdf
[2013/06/14 11:52:31 | 000,026,479 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_ProjectProposals_111008.pdf
[2013/06/14 10:55:15 | 000,111,787 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\2- SFGate.htm
[2013/06/14 10:55:07 | 000,216,729 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Retired Army sergeant looks to restore NC town - SFGate.htm

========== Files Created - No Company Name ==========

[2013/07/11 21:47:49 | 000,417,668 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\smooth-long-necked-turtle.png
[2013/07/11 21:41:53 | 000,205,713 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Rach Madd toy.png
[2013/07/11 21:32:46 | 000,006,155 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WEATHER.gif
[2013/07/11 21:31:02 | 008,575,422 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WEBMAP_SATRAD_ANIM_GIF.gif
[2013/07/11 19:55:29 | 000,000,000 | ---- | C] () -- C:\cookies.sqlite
[2013/07/11 19:51:10 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/07/11 19:24:26 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Windows Live Messenger .lnk
[2013/07/11 18:13:50 | 000,039,127 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\1c7934c944254b3baaf6a44df7ce6e0d.600x.jpg
[2013/07/11 17:09:13 | 000,002,924 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\cry.jpg
[2013/07/11 16:43:58 | 000,006,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\guilty.jpg
[2013/07/11 16:33:41 | 000,003,619 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\v.jpg
[2013/07/11 16:08:58 | 000,005,833 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\protected-by-smith-&amp;-wesson.gif
[2013/07/11 15:52:22 | 000,000,221 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\script running.rtf
[2013/07/11 14:16:33 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/07/11 11:19:44 | 000,002,502 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\stoopud.jpg
[2013/07/11 11:14:01 | 000,008,340 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\stupid.jpg
[2013/07/10 19:19:03 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\StreamTorrent 1.0.lnk
[2013/07/10 19:17:52 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SopCast.lnk
[2013/07/10 19:09:14 | 000,002,132 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\mad.jpg
[2013/07/10 18:50:31 | 000,000,255 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MODEMS.rtf
[2013/07/10 18:50:19 | 000,000,255 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MODEMS.rtf
[2013/07/10 17:57:56 | 000,009,300 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\yup.jpg
[2013/07/10 17:29:03 | 000,029,848 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\salute.jpg
[2013/07/10 16:03:19 | 001,389,150 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SAM_2595.JPG
[2013/07/08 21:46:37 | 000,048,842 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\shit-fan.png
[2013/07/08 18:42:57 | 000,082,980 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\uncle sam on knees.jpg
[2013/07/08 18:40:54 | 000,024,812 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Going Down Tee.jpg
[2013/07/08 18:08:57 | 000,061,397 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Going Down Cap.jpg
[2013/07/07 16:50:51 | 000,032,561 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\islamophobic.jpg
[2013/07/07 16:07:42 | 000,005,043 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\up yours.jpg
[2013/07/07 15:24:14 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/07 13:48:42 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/07/07 11:33:40 | 000,001,800 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WinPatrol.lnk
[2013/07/07 10:15:31 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/06 19:46:16 | 000,006,830 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\big grin obammy.jpg
[2013/07/06 17:37:07 | 000,077,993 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\BUTTITS.jpg
[2013/07/06 00:57:00 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/06 00:56:39 | 000,000,342 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/05 10:38:27 | 000,000,242 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Speed up Computer.rtf
[2013/07/05 10:37:47 | 000,001,985 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Van Liere letter.rtf
[2013/07/05 10:08:21 | 000,002,400 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\letter.rtf
[2013/07/04 09:39:52 | 000,001,910 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Testimony.rtf
[2013/07/04 01:02:17 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1004336348-1708537768-839522115-500.job
[2013/07/04 00:59:02 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/02 14:54:18 | 000,000,524 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\STREAMING.rtf
[2013/06/28 14:17:47 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free YouTube Download.lnk
[2013/06/28 13:41:31 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/28 11:14:11 | 000,026,824 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\STUPID.jpg
[2013/06/28 11:12:27 | 000,031,970 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\no beer on mars.jpg
[2013/06/28 11:11:48 | 000,016,972 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\psycho.jpg
[2013/06/28 11:11:12 | 000,036,671 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\NOT ON FACEBOOK.jpg
[2013/06/28 11:10:40 | 000,031,452 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Identity Stolen.jpg
[2013/06/28 11:09:48 | 000,026,568 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Store Music.jpg
[2013/06/26 10:56:05 | 000,050,947 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\union numbnuts.jpg
[2013/06/25 14:53:07 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/25 14:49:31 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/25 14:49:27 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2013/06/25 12:11:15 | 000,004,005 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Vanliere-Robb correspondence.rtf
[2013/06/25 10:15:50 | 000,011,388 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\vanliere.rtf
[2013/06/24 16:34:07 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk
[2013/06/24 16:10:04 | 000,163,116 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2013/06/24 16:10:04 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2013/06/24 10:44:17 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2013/06/24 10:37:06 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/06/24 10:24:38 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2013/06/21 20:00:31 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ISOpen.lnk
[2013/06/20 12:46:35 | 001,067,982 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Former Plan RPO-TAC 14 Sept 2011.pdf
[2013/06/20 12:38:10 | 000,159,504 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RPO SCHEDULE-NOTIFICATIONS.pdf
[2013/06/20 12:34:38 | 000,161,785 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\2CoastPlain RPO Meetings-Posts.htm
[2013/06/20 12:08:56 | 000,051,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\elected officials-may 2012.pdf
[2013/06/20 11:10:17 | 000,270,556 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\IDE TO SATA PHOTO.JPG
[2013/06/20 11:05:51 | 000,009,290 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\IDE TO SATA INST.rtf
[2013/06/19 19:08:25 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Outlook 2003.lnk
[2013/06/19 19:08:09 | 000,002,497 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2003.lnk
[2013/06/19 19:07:41 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Publisher 2003.lnk
[2013/06/19 19:07:31 | 000,002,495 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2003.lnk
[2013/06/19 16:42:39 | 000,000,233 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DRIVERS.rtf
[2013/06/19 16:07:22 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DVDVideoSoft Free Studio.lnk
[2013/06/19 14:48:56 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/19 14:48:56 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/19 11:44:04 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Free ISO Creator.lnk
[2013/06/19 11:21:36 | 000,054,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ExpressZip.dmp
[2013/06/19 11:16:20 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/19 11:11:12 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\ISOpen.lnk
[2013/06/19 11:10:24 | 000,017,804 | ---- | C] () -- C:\WINDOWS\System32\shlctxmnu2.tlb
[2013/06/19 11:10:21 | 000,001,308 | ---- | C] () -- C:\WINDOWS\System32\RUNNABLE.TLB
[2013/06/19 11:10:17 | 000,018,728 | ---- | C] () -- C:\WINDOWS\System32\ISHF_Ex.tlb
[2013/06/19 11:10:15 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2013/06/18 20:13:11 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/06/18 19:39:48 | 000,216,729 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Retired Army sergeant looks to restore NC town - SFGate.htm
[2013/06/18 19:39:47 | 000,525,550 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_PublicTranspMaps_072709.pdf
[2013/06/18 19:39:46 | 000,559,250 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_HighwayMaps_072809.pdf
[2013/06/18 19:39:46 | 000,026,479 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Edgecombe_ProjectProposals_111008.pdf
[2013/06/18 19:39:45 | 000,018,136 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\5460-edgecty-upsetbid2-124commercialdr(1).pdf
[2013/06/18 19:39:44 | 000,111,787 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\2- SFGate.htm
[2013/06/18 19:30:25 | 000,001,910 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2013/06/18 19:16:39 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\SwitchReminder.job
[2013/06/18 19:16:34 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\SwitchSevenDays.job
[2013/06/18 19:16:27 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Switch Sound File Converter.lnk
[2013/06/18 19:16:27 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Switch Sound File Converter.lnk
[2013/06/18 19:15:57 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2013/06/18 19:02:30 | 000,010,774 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dellsystemdetect.application
[2013/06/18 18:57:17 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2013/06/18 18:56:57 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Burn Disc Burning Software.lnk
[2013/06/18 18:56:57 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Burn Disc Burning Software.lnk
[2013/06/18 18:30:00 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
[2013/06/18 18:28:42 | 000,000,296 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Key.CloneCD
[2013/06/18 18:26:50 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prism Video Converter.lnk
[2013/06/18 18:24:58 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[2013/06/18 18:12:08 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
[2013/06/18 18:12:07 | 000,821,248 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FreeISOBurner.exe
[2013/06/18 17:55:28 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013/06/18 17:55:28 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013/06/18 17:55:28 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2013/06/18 12:52:52 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/18 12:49:06 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/06/18 12:24:59 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2013/06/18 12:24:59 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[2013/06/18 12:24:55 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2013/06/18 11:27:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/06/18 11:27:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/06/18 10:50:52 | 000,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4C8889D2-24B6-4350-9EC8-56B70037BC9A}.job
[2013/06/18 10:48:52 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SpywareBlaster.lnk
[2013/06/18 10:47:18 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/18 10:37:32 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/06/18 10:37:01 | 000,003,724 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/06/18 09:55:46 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/06/18 09:55:46 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/06/18 09:55:46 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/06/18 09:55:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/06/18 09:55:45 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/06/18 09:55:45 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/06/18 09:55:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/06/18 09:55:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/06/18 09:55:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/06/18 09:55:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/06/18 09:55:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/06/18 09:55:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/06/18 09:55:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/06/18 09:55:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/06/18 09:55:45 | 000,069,612 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/06/18 09:55:45 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/06/18 09:55:45 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/06/18 09:55:44 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/06/18 09:55:44 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/06/18 09:55:44 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/06/18 09:55:44 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/06/18 09:55:44 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/06/18 09:55:44 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/06/18 09:55:44 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/06/18 09:55:44 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/06/18 09:55:44 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/06/18 09:55:44 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/06/18 09:55:44 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/06/18 09:55:44 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/06/18 09:55:44 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/06/18 09:55:44 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/06/18 09:55:44 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/06/18 09:55:44 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/06/18 09:55:44 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/06/18 09:55:44 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/06/18 09:55:44 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/06/18 09:55:44 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/06/18 09:55:44 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/06/18 09:55:44 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/06/18 09:55:44 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/06/18 09:55:44 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/06/18 09:55:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/06/18 09:55:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/06/18 09:55:44 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/06/18 09:55:44 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/06/18 09:55:44 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/06/18 09:55:44 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/06/18 09:55:44 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/06/18 09:55:43 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/06/18 09:55:43 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/06/18 09:55:43 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/06/18 09:55:43 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/06/18 09:55:43 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/06/18 09:55:43 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/06/18 09:55:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/06/18 09:55:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/06/18 09:55:43 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/06/18 09:55:43 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/06/18 09:55:43 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/06/18 09:55:43 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/06/18 09:55:43 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/06/18 09:55:43 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/06/18 09:55:43 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/06/18 09:55:43 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/06/18 09:55:43 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/06/18 09:55:43 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/06/18 09:55:43 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/06/18 09:55:43 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/06/18 09:55:42 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/06/18 09:55:42 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/06/18 09:55:42 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/06/18 09:55:42 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/06/18 09:55:42 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/06/18 09:55:42 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/06/18 09:55:42 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/06/18 09:55:42 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/06/18 09:55:42 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/06/18 09:55:42 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/06/18 09:55:42 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/06/18 09:55:42 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/06/18 09:49:09 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/06/18 09:49:08 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/06/18 09:49:06 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/06/17 15:58:14 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Internet Explorer.lnk
[2013/06/17 15:56:27 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Volume Control.lnk
[2013/06/17 15:42:15 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to CD Drive.lnk
[2013/06/17 15:42:10 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/17 15:40:10 | 000,058,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2013/06/17 15:40:10 | 000,024,736 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2013/06/17 15:40:10 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/06/17 15:40:09 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/06/17 15:34:05 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2013/06/17 15:33:55 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2013/06/17 15:33:52 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2013/06/17 15:31:02 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/06/17 15:30:51 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2013/06/17 15:30:49 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2013/06/17 15:30:36 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2013/06/17 15:30:36 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
[2013/06/17 15:29:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/06/17 15:27:55 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/06/17 15:27:30 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/06/17 15:27:21 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/06/17 15:27:19 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/06/17 15:27:17 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/06/17 15:27:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/06/17 15:26:59 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/06/17 15:26:39 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/06/17 15:24:58 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/17 15:24:58 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/06/17 15:24:58 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/06/17 15:24:58 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013/06/17 15:24:58 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/06/17 15:24:49 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/17 15:24:49 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/17 15:24:48 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/17 15:22:52 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2013/06/17 15:22:34 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/06/17 15:21:59 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/06/17 15:21:59 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/06/17 15:21:53 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/06/17 15:20:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/17 15:19:46 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2013/06/17 15:19:14 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2013/06/17 15:19:14 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2013/06/17 15:19:14 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013/06/17 15:19:14 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/06/17 15:19:13 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2013/06/17 15:19:13 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2013/06/17 15:19:13 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2013/06/17 15:19:13 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2013/06/17 15:19:13 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2013/06/17 15:19:13 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2013/06/17 15:19:13 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2013/06/17 15:19:10 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/06/17 15:19:09 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/06/17 15:19:08 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/06/17 15:19:01 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/06/17 11:04:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/17 11:04:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/06/17 11:04:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/06/17 11:04:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/06/17 11:04:19 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/06/17 11:03:55 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/06/17 11:03:38 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/06/17 11:03:37 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013/06/17 11:03:37 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/06/17 11:03:37 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/06/17 11:03:37 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/06/17 11:03:37 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/06/17 11:03:37 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/06/17 11:03:37 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/06/17 11:02:16 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/17 11:01:17 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2013/06/17 11:01:11 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== ZeroAccess Check ==========

[2013/06/19 14:57:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/07 12:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG
[2013/06/18 10:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG SafeGuard toolbar
[2013/06/18 10:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG2013
[2013/06/28 14:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
[2013/06/28 14:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers
[2013/07/05 19:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\StreamTorrent
[2013/07/07 14:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
[2013/06/24 10:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2013/06/26 10:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2013/07/06 08:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2013/07/07 12:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/06/26 11:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/06/27 16:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/06/18 10:31:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/09 12:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/06/18 10:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/07/12 05:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/06/18 18:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013/06/18 18:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2013/07/09 13:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/06 23:17:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/06/19 12:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 12th, 2013, 6:59 am

OTL Extras logfile created on: 7/12/2013 6:00:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.65 Gb Available Physical Memory | 52.40% Memory free
2.98 Gb Paging File | 2.43 Gb Available in Paging File | 81.50% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.94 Gb Total Space | 14.20 Gb Free Space | 50.84% Space Free | Partition Type: NTFS

Computer Name: STEPHEN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1004336348-1708537768-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player -- (StreamTorrent)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E4339CF-F287-4DB9-BE23-D8460487B3A3}" = AVG 2013
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6EA78F57-89F2-4B2E-8ADB-3FA6865D32EF}" = AVG 2013
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver 11.0 03
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2013
"BCM V.92 56K Modem" = BCM V.92 56K Modem
"Belarc Advisor" = Belarc Advisor 8.3
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"ExpressBurn" = Express Burn Disc Burning Software
"Free ISO Creator (by minidvdsoft)_is1" = Free ISO Creator version 2.8
"Free YouTube Download_is1" = Free YouTube Download version 3.2.5.628
"GOM Player" = GOM Player
"ie8" = Windows Internet Explorer 8
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"ISOpen_is1" = ISOpen V4.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"Prism" = Prism Video Converter
"RealPlayer 16.0" = RealPlayer
"SopCast" = SopCast 3.8.3
"SpywareBlaster_is1" = SpywareBlaster 5.0
"StreamTorrent 1.0" = StreamTorrent 1.0
"Switch" = Switch Sound File Converter
"VLC media player" = VLC media player 2.0.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.00 beta 5 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1004336348-1708537768-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/24/2013 3:43:15 PM | Computer Name = STEPHEN | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020

Error - 6/25/2013 12:37:15 PM | Computer Name = STEPHEN | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 6/25/2013 1:31:52 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1002
Description = Hanging application psi.exe, version 3.0.0.7009, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/28/2013 1:40:42 PM | Computer Name = STEPHEN | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\DOWNLOADS\OFFICE2003-KB980373-FULLFILE-ENU.EXE>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 7/8/2013 10:39:58 AM | Computer Name = STEPHEN | Source = ESENT | ID = 485
Description = SearchIndexer (3500) An attempt to delete the file "C:\Documents and
Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS004BD.log"
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The delete file operation will fail with
error -1032 (0xfffffbf8).

Error - 7/8/2013 12:36:47 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 22.0.0.4917, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/8/2013 12:37:42 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1001
Description = Fault bucket -637767468.

Error - 7/9/2013 12:06:11 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/9/2013 1:34:47 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/10/2013 7:34:18 PM | Computer Name = STEPHEN | Source = Application Hang | ID = 1002
Description = Hanging application StreamTorrent.exe, version 1.0.0.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 7/11/2013 6:34:38 PM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the WZCSVC service.

Error - 7/11/2013 8:30:56 PM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update
Service service to connect.

Error - 7/11/2013 8:30:56 PM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7000
Description = The Adobe Flash Player Update Service service failed to start due
to the following error: %%1053

Error - 7/11/2013 9:54:37 PM | Computer Name = STEPHEN | Source = DCOM | ID = 10010
Description = The server {72278E83-B0EF-4E49-9E10-6947602C1030} did not register
with DCOM within the required timeout.

Error - 7/12/2013 5:34:34 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 7/12/2013 5:35:21 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update
Service service to connect.

Error - 7/12/2013 5:35:22 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7000
Description = The Adobe Flash Player Update Service service failed to start due
to the following error: %%1053

Error - 7/12/2013 5:36:41 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 7/12/2013 5:36:41 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 7/12/2013 5:48:02 AM | Computer Name = STEPHEN | Source = Service Control Manager | ID = 7034
Description = The vToolbarUpdater15.3.0 service terminated unexpectedly. It has
done this 1 time(s).


< End of report >
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Raptor » July 12th, 2013, 7:05 am

DOUBLE POSTED BY MISTAKE.
Raptor
Regular Member
 
Posts: 36
Joined: March 12th, 2012, 2:13 am
Location: Pinetops, NC (USA)

Re: Repost to Gary R.AVG Free Finds/Secures/And Then Finds A

Unread postby Gary R » July 12th, 2013, 3:10 pm


  • Download MGA Diagnostic Tool to your Desktop.
  • Double click MGADiag.exe to launch the programme.
  • Click Continue and let the scan run.
  • When finished it will have created a log.
  • Click Copy.
  • Next open Notepad.
    • Click Start > Run type Notepad click OK.
    • This will open an empty Notepad file.
    • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
    • Save the file to your Desktop.
  • Close MGA Diagnostic Tool.
  • Copy/Paste the log in your next reply please.

Next

Download CKScanner to your Desktop.
  • Doubleclick CKScanner.exe to launch it.
  • Click Search For Files.
  • After a couple minutes a list will appear in the panel to the right.
  • Click Save List To File.
  • A message box will verify the file saved.
  • Close CKScanner.
  • Copy/paste the contents of ckfiles.txt in your next reply please (it will be on your Desktop).
  • Please run the program once only.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

PreviousNext

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 293 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware