Forum Home
Press F1
Thread ID: 111943	2010-08-17 13:52:00	firewall turns off, pc slow	bigamzz (15898)	Press F1

Post ID	Timestamp	Content	User
1129257	2010-08-17 13:52:00	yesterday when i booted up the firewall was off and wouldnt let me turn off until i rebooted and it still turns off for a few seconds...pc is slow sometimes freezes.....here is the log could you please take a look...thank you (didnt get the otl.extras log???) OTL logfile created on: 17/08/2010 13:06:21 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\liam\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 511.00 Mb Total Physical Memory | 141.00 Mb Available Physical Memory | 27.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 60.00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 54.14 Gb Total Space | 4.53 Gb Free Space | 8.36% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 20.36 Gb Total Space | 20.08 Gb Free Space | 98.61% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BRENDAN-GULF0RJ Current User Name: liam Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/08/17 13:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\liam\My Documents\Downloads\OTL(2).com PRC - [2010/07/28 01:23:23 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/08/15 13:19:44 | 001,564,672 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe PRC - [2006/11/03 00:00:54 | 001,585,152 | ---- | M] (Belkin Corporation) -- C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe ========== Modules (SafeList) ========== MOD - [2010/08/17 13:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\liam\My Documents\Downloads\OTL(2).com MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\aolserv.exe -- (AOLService) SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\PPPoEWin.SYS -- (PPPoEWin) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\liam\LOCALS~1\Temp\cpuz132\cpuz132_x32 .sys -- (cpuz132) DRV - [2010/07/21 00:09:47 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/04/12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010/01/20 17:53:06 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2010/01/20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/04/14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005/11/09 18:54:56 | 000,402,944 | ---- | M] (Belkin Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) DRV - [2005/09/10 17:13:32 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM) DRV - [2005/09/08 13:32:55 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP) DRV - [2005/08/30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2005/08/30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2005/08/30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2005/08/29 19:08:38 | 000,368,256 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2004/10/24 21:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004/02/19 18:57:24 | 000,029,744 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH) DRV - [2003/08/21 15:56:36 | 000,025,520 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm) DRV - [2003/03/31 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2003/03/31 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2003/03/25 10:50:46 | 000,004,096 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide) DRV - [2003/02/20 02:18:36 | 000,036,608 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP) DRV - [2003/01/10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - [2002/10/17 08:14:46 | 000,049,024 | R--- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex) DRV - [2002/08/20 10:19:08 | 000,009,472 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf) DRV - [2002/07/10 16:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2002/05/11 05:31:48 | 000,633,220 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R) DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 3F 98 00 2C 29 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008/08/12 23:17:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/28 01:23:40 | 000,000,000 | ---D | M] [2010/06/24 16:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\liam\Application Data\Mozilla\Extensions [2010/08/16 17:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\liam\Application Data\Mozilla\Firefox\Profiles\k020bat1.default\ext ensions [2010/07/22 12:02:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\liam\Application Data\Mozilla\Firefox\Profiles\k020bat1.default\ext ensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/08/16 17:02:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/07/25 21:46:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/25 21:45:55 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/06/12 01:10:42 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/06/12 01:10:42 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/06/12 01:10:42 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/06/12 01:10:42 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2010/07/26 22:19:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation) O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless G USB Adapter Client Utility.lnk = C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe (Belkin) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe (Belkin Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoBandCustomize = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoBandCustomize = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} www.ipix.com (iPIX ActiveX Control) O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} cdnimg.piczo.com (Image Uploader Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} by125fd.bay125.hotmail.msn.com (MSN Photo Upload Tool) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} messenger.zone.msn.com (UnoCtrl Class) O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} upload.facebook.com (Facebook Photo Uploader Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} update.microsoft.com (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} download.eset.com (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com (Java Plug-in 1.6.0_21) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} messenger.zone.msn.com (MessengerStatsClient Class) O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} img.funtigo.com (Seekford Solutions, Inc.'s ssiPictureUploader Control) O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} messenger.msn.com (MsnMessengerSetupDownloadControl Class) O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} cdn.digitalcity.com (IWinAmpActiveX Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} java.sun.com (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload.macromedia.com (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003/08/21 03:42:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]MoneyAgent - hkey= - key= - C:\Program Files\Microsoft Money\System\mnyexpr.exe (Microsoft Corp.) MsConfig - StartUpReg: MSConfig - hkey= - key= - C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation) MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1 ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser .NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.divx - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.JPEG - C:\WINDOWS\System32\JPEGCODE.DLL () Drivers32: VIDC.MJPG - C:\WINDOWS\System32\JPEGCODE.DLL () Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com) Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation) Unable to start service SrService! ========== Files/Folders - Created Within 30 Days ========== [2010/08/15 19:44:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\liam\Recent [2010/08/15 19:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2010/08/14 16:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010/08/14 16:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2010/08/14 16:31:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Sports Interactive [2010/08/14 16:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\My Documents\Sports Interactive [2010/08/14 16:29:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2010/08/14 16:29:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010/08/14 16:29:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010/08/14 16:29:28 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2010/08/14 16:29:28 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2010/08/14 16:29:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2010/08/14 16:29:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2010/08/14 16:29:26 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2010/08/14 16:29:26 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2010/08/14 16:29:24 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2010/08/14 16:29:24 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2010/08/14 16:29:24 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2010/08/14 16:29:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2010/08/14 16:29:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2010/08/14 16:29:23 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2010/08/14 16:29:22 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2010/08/14 16:29:22 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2010/08/14 16:29:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2010/08/14 16:29:21 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2010/08/14 16:29:20 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2010/08/14 16:29:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2010/08/14 16:29:20 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2010/08/14 16:29:19 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2010/08/14 16:29:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2010/08/14 16:29:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2010/08/14 16:29:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2010/08/14 16:29:16 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2010/08/14 16:29:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2010/08/14 16:29:15 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2010/08/14 16:29:14 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2010/08/14 16:29:14 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2010/08/14 16:29:13 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2010/08/14 16:29:13 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2010/08/14 16:29:12 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2010/08/14 16:29:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2010/08/14 16:29:11 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2010/08/14 16:29:10 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2010/08/14 16:29:10 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2010/08/14 16:29:09 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2010/08/14 16:29:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2010/08/14 16:29:07 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2010/08/14 16:29:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2010/08/14 16:29:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2010/08/14 16:29:05 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2010/08/14 16:29:04 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2010/08/14 16:29:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2010/08/14 16:29:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2010/08/14 16:28:49 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2010/08/14 16:28:49 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2010/08/14 16:28:48 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2010/08/14 16:28:47 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2010/08/14 16:28:47 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2010/08/14 16:28:47 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2010/08/14 16:28:46 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2010/08/14 16:28:45 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2010/08/14 16:28:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2010/08/14 16:28:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2010/08/14 16:28:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2010/08/14 16:28:42 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2010/08/14 16:28:25 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2010/08/14 16:28:25 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2010/08/14 16:28:24 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2010/08/14 16:28:23 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll [2010/08/14 16:28:23 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2010/08/14 16:28:22 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2010/08/14 16:28:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2010/08/14 16:28:20 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll [2010/08/14 16:28:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2010/08/14 16:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sports Interactive [2010/08/14 16:17:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\liam\InstallAnywhere [2010/08/14 16:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Sports Interactive [2010/08/14 16:04:28 | 000,000,000 | -HSD | C] -- C:\found.000 [2010/08/14 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO [2010/08/01 14:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\My Documents\dvd [2010/07/31 22:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\My Documents\ConvertXToDVD [2010/07/31 22:50:52 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wvc1dmod.dll [2010/07/31 22:50:52 | 000,626,688 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll [2010/07/31 20:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010/07/31 20:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\uTorrent [2010/07/28 01:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft [2010/07/28 01:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\TeamViewer [2010/07/27 00:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/07/26 22:36:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010/07/26 22:17:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2010/07/26 17:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\My Documents\hbo legendary nights [2010/07/26 16:09:31 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010/07/26 16:07:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/07/25 22:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\SUPERAntiSpyware.com [2010/07/25 22:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/07/25 22:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2010/07/25 21:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/07/25 21:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2010/07/25 21:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/07/25 21:46:13 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll [2010/07/25 21:46:13 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/25 21:46:13 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/25 21:46:13 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/25 21:46:13 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/25 21:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010/07/24 01:10:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/07/24 00:49:51 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/07/24 00:49:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/07/24 00:49:49 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010/07/24 00:49:48 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010/07/24 00:49:48 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll [2010/07/24 00:49:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/07/24 00:49:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/07/24 00:49:45 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010/07/24 00:49:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010/07/24 00:49:45 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010/07/24 00:49:43 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/07/24 00:49:42 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2010/07/24 00:49:42 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/07/24 00:49:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll [2010/07/24 00:49:41 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2010/07/24 00:49:41 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll [2010/07/24 00:49:41 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll [2010/07/24 00:49:41 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/07/24 00:49:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2010/07/24 00:49:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010/07/24 00:49:28 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2010/07/24 00:49:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010/07/24 00:49:27 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2010/07/24 00:49:27 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2010/07/24 00:49:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2010/07/24 00:49:27 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2010/07/24 00:49:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2010/07/24 00:49:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2010/07/24 00:49:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2010/07/24 00:49:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2010/07/24 00:49:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2010/07/24 00:49:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2010/07/24 00:49:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2010/07/24 00:49:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2010/07/24 00:49:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2010/07/24 00:49:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2010/07/24 00:49:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2010/07/24 00:49:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2010/07/24 00:49:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2010/07/24 00:49:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2010/07/24 00:49:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2010/07/24 00:49:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2010/07/24 00:49:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2010/07/24 00:49:24 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2010/07/24 00:49:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dl l [2010/07/24 00:49:24 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2010/07/24 00:49:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2010/07/24 00:49:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2010/07/24 00:49:23 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2010/07/24 00:49:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2010/07/24 00:49:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2010/07/24 00:49:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2010/07/24 00:49:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2010/07/24 00:49:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010/07/24 00:49:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2010/07/24 00:49:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2010/07/24 00:49:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2010/07/24 00:49:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2010/07/24 00:49:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010/07/24 00:49:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2010/07/24 00:49:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2010/07/24 00:49:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting [2010/07/24 00:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010/07/24 00:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en [2010/07/24 00:49:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010/07/24 00:46:22 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll [2010/07/24 00:46:22 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll [2010/07/24 00:46:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll [2010/07/24 00:46:21 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll [2010/07/24 00:46:21 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/07/24 00:46:20 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll [2010/07/24 00:46:20 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll [2010/07/24 00:46:16 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax [2010/07/24 00:46:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll [2010/07/24 00:46:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax [2010/07/24 00:46:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/07/24 00:46:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll [2010/07/24 00:46:16 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2010/07/24 00:46:15 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2010/07/24 00:46:15 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll [2010/07/24 00:46:15 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll [2010/07/24 00:46:15 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll [2010/07/24 00:46:15 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2010/07/24 00:46:15 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll [2010/07/24 00:46:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax [2010/07/24 00:46:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2010/07/24 00:46:14 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/07/24 00:46:14 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe [2010/07/24 00:46:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010/07/24 00:46:13 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2010/07/24 00:46:13 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2010/07/24 00:46:13 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010/07/24 00:46:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010/07/24 00:46:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010/07/24 00:46:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010/07/24 00:46:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010/07/24 00:46:12 | 002,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll [2010/07/24 00:46:12 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010/07/24 00:46:12 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010/07/24 00:46:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010/07/24 00:46:12 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010/07/24 00:46:12 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax [2010/07/24 00:46:12 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010/07/24 00:46:12 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010/07/24 00:46:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/07/24 00:46:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010/07/24 00:44:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2010/07/24 00:44:15 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [2010/07/24 00:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Avira [2010/07/24 00:01:12 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/07/24 00:01:10 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/07/24 00:01:10 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/07/24 00:01:10 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/07/24 00:01:10 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/07/24 00:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/07/24 00:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/07/23 15:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Malwarebytes [2010/07/23 15:29:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/07/23 15:29:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/07/23 15:29:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/07/23 15:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/07/23 14:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/07/22 16:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Google [2010/07/22 16:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Local Settings\Application Data\AOL [2010/07/22 16:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Desktop\AOL Saved PFC [2010/07/22 16:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AOL Downloads [2010/07/22 16:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Viewpoint [2010/07/21 14:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2010/07/21 14:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink [2010/07/21 00:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\InterVideo [2010/07/21 00:19:11 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\liam\Application Data\pcouffin.sys [2010/07/21 00:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Vso [2010/07/21 00:18:51 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll [2010/07/21 00:18:51 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll [2010/07/21 00:18:51 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll [2010/07/21 00:18:51 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll [2010/07/21 00:18:51 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll [2010/07/21 00:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\VSO [2010/07/21 00:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\DAEMON Tools Pro [2010/07/21 00:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2010/07/20 23:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software [2010/07/20 23:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software [2010/07/20 23:35:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\NCH Software [2010/07/20 15:51:24 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2010/07/20 15:51:24 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2010/07/20 00:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2010/07/20 00:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft [2010/07/20 00:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2010/07/20 00:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010/07/20 00:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2010/07/20 00:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Contacts [2010/07/20 00:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\My Documents\My Received Files [2010/07/19 23:51:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\liam\My Documents\My Videos [2010/07/19 23:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Local Settings\Application Data\Sony [2010/07/19 23:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\Sony [2010/07/19 23:33:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\liam\Application Data\WebcamMax [2010/07/19 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\WebcamMax [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]	bigamzz (15898)
1129258	2010-08-17 13:52:00	========== Files - Modified Within 30 Days ========== [2010/08/17 12:55:35 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/17 12:55:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/17 01:54:25 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\liam\NTUSER.DAT [2010/08/17 01:54:25 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\liam\ntuser.ini [2010/08/17 01:17:54 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/17 00:29:04 | 1462,822,684 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\Iron Man 2.avi [2010/08/16 23:05:04 | 839,395,328 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\iron man 1.avi [2010/08/16 19:36:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/08/15 20:31:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/08/15 20:28:47 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini [2010/08/15 20:16:01 | 000,756,964 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/15 20:16:01 | 000,618,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/15 20:16:01 | 000,144,456 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/15 19:41:29 | 000,228,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/08/14 16:26:38 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2010.lnk [2010/08/14 16:05:57 | 000,013,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/14 15:47:04 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/08/03 22:12:42 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\HiJackThis.lnk [2010/08/01 15:19:27 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2010/07/31 22:51:21 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:21 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\liam\Application Data\pcouffin.sys [2010/07/31 22:51:21 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/31 22:51:20 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/31 22:51:18 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\ConvertXtoDVD 4.lnk [2010/07/31 22:51:18 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk [2010/07/31 20:59:07 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010/07/31 20:59:07 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2010/07/31 15:59:41 | 000,059,792 | ---- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/07/27 07:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010/07/26 22:19:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/07/25 22:02:20 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\SUPERAntiSpyware Free Edition.lnk [2010/07/25 21:55:21 | 000,411,590 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\cc_20100725_215458.reg [2010/07/25 21:50:36 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\CCleaner.lnk [2010/07/25 21:45:54 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/25 21:45:54 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/25 21:45:54 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/25 21:45:54 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/25 21:45:53 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll [2010/07/24 02:11:18 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/07/24 01:14:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/07/24 00:43:47 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/07/24 00:01:22 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/07/23 18:08:59 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2010/07/23 18:08:59 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2010/07/23 15:29:07 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/23 15:05:42 | 000,000,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS.TRB [2010/07/23 14:17:21 | 004,286,044 | -H-- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\IconCache.db [2010/07/22 16:49:47 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\AOL Saved Files.lnk [2010/07/22 16:49:47 | 000,000,004 | ---- | M] () -- C:\WINDOWS\msoffice.ini [2010/07/21 14:37:46 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\DVD Shrink 3.2.lnk [2010/07/21 00:09:47 | 000,697,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010/07/20 23:32:06 | 000,000,284 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2010/07/20 00:24:08 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\My Sharing Folders.lnk [2010/07/18 22:16:30 | 000,126,590 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\bluescreenview_setup.exe [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/08/17 00:52:21 | 1462,822,684 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\Iron Man 2.avi [2010/08/17 00:50:45 | 839,395,328 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\iron man 1.avi [2010/08/15 20:05:40 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010/08/14 16:26:34 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2010.lnk [2010/08/14 15:47:04 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/07/31 22:51:21 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:18 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\ConvertXtoDVD 4.lnk [2010/07/31 22:51:18 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk [2010/07/31 20:59:07 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010/07/31 20:59:07 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2010/07/28 01:47:32 | 000,126,590 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\bluescreenview_setup.exe [2010/07/26 16:09:40 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010/07/26 16:09:37 | 000,260,272 | ---- | C] () -- C:\cmldr [2010/07/26 16:07:37 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/07/26 16:07:37 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/07/25 22:02:20 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\SUPERAntiSpyware Free Edition.lnk [2010/07/25 21:55:00 | 000,411,590 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\cc_20100725_215458.reg [2010/07/25 21:50:36 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\CCleaner.lnk [2010/07/24 00:49:48 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/07/24 00:49:48 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/07/24 00:49:48 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/07/24 00:49:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/07/24 00:49:47 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/07/24 00:49:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/07/24 00:49:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/07/24 00:49:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/07/24 00:49:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/07/24 00:49:47 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/07/24 00:49:47 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/07/24 00:49:46 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/07/24 00:49:46 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/07/24 00:49:45 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/07/24 00:49:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/07/24 00:49:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/07/24 00:49:45 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/07/24 00:49:45 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/07/24 00:49:44 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/07/24 00:49:44 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/07/24 00:49:44 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/07/24 00:49:44 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/07/24 00:49:44 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/07/24 00:49:44 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/07/24 00:49:44 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/07/24 00:49:44 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/07/24 00:49:44 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/07/24 00:49:44 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/07/24 00:49:44 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/07/24 00:49:44 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/07/24 00:49:44 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/07/24 00:49:44 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/07/24 00:49:44 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/07/24 00:49:44 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/07/24 00:49:44 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/07/24 00:49:44 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/07/24 00:49:44 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/07/24 00:49:44 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/07/24 00:49:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/07/24 00:49:44 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/07/24 00:49:43 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/07/24 00:49:43 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/07/24 00:49:43 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/07/24 00:49:43 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/07/24 00:49:43 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/07/24 00:49:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/07/24 00:49:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/07/24 00:49:43 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/07/24 00:49:43 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/07/24 00:49:43 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/07/24 00:49:43 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/07/24 00:49:43 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/07/24 00:49:43 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/07/24 00:49:43 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/07/24 00:49:43 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/07/24 00:49:43 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/07/24 00:49:43 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/07/24 00:49:43 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/07/24 00:49:43 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/07/24 00:49:43 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/07/24 00:49:43 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/07/24 00:49:43 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/07/24 00:49:43 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/07/24 00:49:42 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/07/24 00:49:42 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/07/24 00:49:42 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/07/24 00:49:42 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/07/24 00:49:41 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/07/24 00:49:41 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/07/24 00:49:41 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/07/24 00:49:41 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/07/24 00:49:40 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/07/24 00:49:40 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/07/24 00:49:40 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/07/24 00:49:40 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/07/24 00:49:40 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/07/24 00:49:40 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/07/24 00:49:40 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/07/24 00:49:40 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/07/24 00:49:40 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/07/24 00:49:40 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/07/24 00:49:40 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/07/24 00:46:16 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx [2010/07/24 00:46:16 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll [2010/07/24 00:01:22 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/07/23 18:08:59 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2010/07/23 18:08:59 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2010/07/23 15:29:07 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/23 14:39:33 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\HiJackThis.lnk [2010/07/22 16:49:47 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\AOL Saved Files.lnk [2010/07/21 14:37:46 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\DVD Shrink 3.2.lnk [2010/07/21 00:19:39 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2010/07/21 00:19:22 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.log [2010/07/21 00:19:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/21 00:19:11 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/21 00:09:45 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010/07/20 00:24:08 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\My Sharing Folders.lnk [2010/07/15 00:50:21 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2010/06/24 16:20:08 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\liam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/23 20:07:18 | 000,013,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\string.ini [2010/05/24 20:33:00 | 004,670,829 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2010/05/24 20:33:00 | 001,529,856 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2010/05/24 20:33:00 | 001,447,921 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/05/24 20:33:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2010/05/24 20:33:00 | 000,810,113 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/05/24 20:33:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2010/05/24 20:33:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2010/05/24 20:33:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2010/05/24 20:33:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2010/05/24 20:33:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2010/05/24 20:33:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2010/05/24 20:33:00 | 000,139,944 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2010/05/24 20:33:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2010/05/24 20:33:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2010/05/24 20:33:00 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/05/24 20:33:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/05/24 20:33:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2010/05/19 21:59:20 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2010/05/19 21:59:10 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2010/05/19 21:59:02 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2010/05/19 21:58:52 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2010/05/19 21:58:18 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2010/05/19 21:58:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll [2010/05/19 21:57:42 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll [2010/05/19 21:57:26 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll [2010/05/19 21:55:40 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2010/05/19 21:55:36 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2010/03/27 13:10:31 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2010/03/27 13:10:31 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2010/03/27 13:10:31 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2009/06/07 17:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2008/11/06 16:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008/08/11 22:37:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\ssresources.dll [2008/08/11 22:37:06 | 000,020,481 | ---- | C] () -- C:\WINDOWS\System32\SystemsHook.dll [2007/10/14 20:44:48 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI [2007/10/14 20:33:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt [2007/10/14 20:29:52 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini [2007/04/01 22:44:59 | 000,001,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/12/30 21:17:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL [2006/10/06 16:23:28 | 000,000,097 | ---- | C] () -- C:\WINDOWS\ALBUM.INI [2006/07/01 19:56:42 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI [2006/07/01 19:51:31 | 000,102,912 | R--- | C] () -- C:\WINDOWS\System32\JPEGCODE.DLL [2006/05/29 15:52:33 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2006/05/29 15:52:31 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll [2006/03/18 18:07:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini [2006/02/15 20:19:58 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2006/02/15 20:18:58 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX4800EFGIPSD.ini [2005/10/16 14:13:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2005/09/14 21:09:18 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PS5_SETUP.ini [2005/09/10 17:07:44 | 000,000,540 | ---- | C] () -- C:\WINDOWS\AppRun.ini [2005/09/08 13:46:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/09/08 12:33:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2005/09/08 12:33:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2005/09/08 12:33:26 | 001,900,544 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll [2005/09/08 12:33:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2005/09/08 12:33:25 | 000,059,998 | ---- | C] () -- C:\WINDOWS\Cmuda.ini [2005/09/08 12:33:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2005/09/08 12:27:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2005/07/11 22:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004/03/23 00:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2003/08/21 03:42:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2003/08/21 03:41:57 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2003/08/21 03:41:56 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2003/08/21 03:41:56 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2003/08/21 03:41:56 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2003/08/21 01:41:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\wklnhst.dat [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/07/05 15:12:06 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\authdvd.dll [2000/11/24 18:05:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL ========== Custom Scans ========== < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > [2010/07/21 00:09:47 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2005/09/08 12:39:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2005/09/08 12:39:55 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2005/09/08 12:39:55 | 000,380,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\*.sys > [2003/03/31 13:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys [2003/03/11 19:15:08 | 000,009,919 | ---- | M] (AOpen Inc.) -- C:\WINDOWS\system32\AONMDI.SYS [2003/03/31 13:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys [2010/01/20 17:53:06 | 000,013,192 | ---- | M] () -- C:\WINDOWS\system32\epmntdrv.sys [2010/01/20 17:53:04 | 000,008,456 | ---- | M] () -- C:\WINDOWS\system32\EuGdiDrv.sys [2003/03/31 13:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys [2003/03/31 13:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys [2003/03/31 13:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys [2003/03/31 13:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys [2003/03/31 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys [2003/03/31 13:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys [2003/03/31 13:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys [2003/03/31 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys [2004/08/03 22:45:10 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys [2004/08/03 22:45:16 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys [2004/08/03 22:45:12 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys [2004/08/03 22:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys [2004/08/03 22:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys [2005/09/08 13:32:55 | 000,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\system32\SVKP.sys [2005/08/29 19:08:38 | 000,368,256 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\vsdatant.sys [2008/04/14 00:15:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys [2010/06/23 14:44:04 | 001,851,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys [2004/01/13 19:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\ZDPNDIS5.SYS < %systemroot%\system32\drivers\*.dll > [2008/04/14 05:41:50 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll [2008/04/14 05:41:50 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll [2008/04/14 05:41:50 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll [2008/04/14 05:41:50 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll [2008/04/14 05:41:50 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll [2008/04/14 05:41:50 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll [2008/04/14 05:41:50 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll [2008/04/14 05:41:52 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll [2008/04/14 05:41:52 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll [2008/04/14 05:41:52 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll [2008/04/14 05:41:52 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll [2008/04/14 05:41:52 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll [2008/04/14 05:41:52 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll [2008/04/14 05:42:06 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll [2008/04/14 05:42:10 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll < %systemroot%\system32\drivers\*.ini > [2007/08/07 10:38:12 | 000,013,768 | ---- | M] () -- C:\WINDOWS\system32\drivers\string.ini < %systemroot%\system32\drivers\*.exe > < %SYSTEMDRIVE%\*.* > [2003/08/21 03:42:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2005/12/05 20:30:34 | 000,562,494 | RHS- | M] () -- C:\AVG7DB_F.DAT [2005/10/10 08:00:02 | 012,283,633 | ---- | M] () -- C:\AVG7QT.DAT [2010/07/22 17:00:42 | 000,000,293 | ---- | M] () -- C:\BcBtRmv.log [2010/03/27 13:37:24 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2003/08/22 00:44:27 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr [2003/08/21 03:42:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2003/08/21 04:14:55 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log [2003/08/21 03:42:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2003/08/21 03:42:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005/09/08 12:12:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010/07/24 00:43:47 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/08/17 12:55:28 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [2008/03/29 19:49:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008/09/08 22:30:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2009/10/27 23:50:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2009/10/27 23:58:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2009/10/28 00:02:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm [2009/10/28 00:17:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm [2010/03/26 20:47:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm [2010/03/26 23:06:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2010/03/27 00:09:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm [2010/03/27 00:25:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm [2010/03/27 11:15:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm [2010/03/27 11:21:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm [2007/12/30 09:18:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2008/01/05 09:43:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm [2008/03/02 10:10:53 | 000,000,292 | -H-- | M] () -- C:\sqmdata14.sqm [2008/01/05 09:35:50 | 000,000,292 | -H-- | M] () -- C:\sqmdata15.sqm [2008/01/22 19:45:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2008/01/28 07:35:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm [2003/08/21 01:19:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm [2008/01/06 09:35:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm [2008/03/29 19:49:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2008/09/08 22:30:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2009/10/27 23:50:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2009/10/27 23:58:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2009/10/28 00:02:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2009/10/28 00:17:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2010/03/26 20:47:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2010/03/26 23:06:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2010/03/27 00:09:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2010/03/27 00:25:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2010/03/27 11:15:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2010/03/27 11:21:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2007/12/30 09:18:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2008/01/05 09:43:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2008/03/02 10:10:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2008/01/05 09:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2008/01/22 19:45:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2008/01/28 07:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2003/08/21 01:19:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2008/01/06 09:35:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm < %PROGRAMFILES%\*. > [2010/08/14 16:57:37 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip [2005/09/08 12:47:40 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2010/07/22 16:43:38 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead [2005/09/08 12:47:28 | 000,000,000 | ---D | M] -- C:\Program Files\AOpen [2010/07/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2006/07/01 19:52:37 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft [2010/07/24 00:01:09 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2010/06/23 20:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Belkin [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bt ahead [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\C-mcsoft [2005/09/08 12:33:18 | 000,000,000 | ---D | M] -- C:\Program Files\C-Media 3D Audio [2010/07/25 21:50:37 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2010/08/15 19:16:50 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2010/07/21 14:37:46 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Shrink [2010/03/27 13:10:26 | 000,000,000 | ---D | M] -- C:\Program Files\EASEUS [2010/07/22 16:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON [2010/07/27 00:37:20 | 000,000,000 | ---D | M] -- C:\Program Files\ESET [2007/10/14 10:58:50 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft [2010/07/22 16:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn [2010/07/22 16:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2010/08/15 20:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2005/09/08 12:52:01 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Intlorer [2010/07/25 21:45:48 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2010/03/27 11:58:01 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire [2007/09/30 14:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\LiveUpdate [2010/07/23 15:29:07 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/03/27 11:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Maple 10 [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Maxipod [2010/07/19 23:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis [2010/07/24 01:09:55 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger [2010/07/20 00:15:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2006/11/25 12:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync [2007/10/14 11:10:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware [2005/09/08 13:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AutoRoute [2005/09/08 13:55:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Encarta [2005/09/08 11:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2005/09/08 13:49:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Money [2003/08/21 01:49:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2005/09/08 13:53:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Picture It! 9 [2003/08/21 01:19:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2005/09/08 13:47:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2005/09/08 13:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2004 [2007/09/30 14:39:07 | 000,000,000 | ---D | M] -- C:\Program Files\mobile PhoneTools [2010/08/15 19:17:57 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2010/07/28 01:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2010/06/28 02:16:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2005/09/08 11:48:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2005/09/12 21:34:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Apps [2005/09/08 11:48:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2010/06/25 20:29:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0 [2010/07/21 00:36:01 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Netcsoft [2010/07/24 00:46:30 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2006/12/30 21:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\NewSoft [2010/07/28 01:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\NirSoft [2005/09/08 11:50:45 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services [2010/07/24 01:04:58 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2007/02/26 20:08:26 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2 [2010/08/14 15:47:03 | 000,000,000 | ---D | M] -- C:\Program Files\PowerISO [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2005/09/10 17:13:28 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2010/06/28 02:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2010/07/19 23:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung [2005/09/08 12:38:10 | 000,000,000 | ---D | M] -- C:\Program Files\SiSLan [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\Skype [2010/08/14 16:18:16 | 000,000,000 | ---D | M] -- C:\Program Files\Sports Interactive [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2005/09/12 21:27:03 | 000,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster [2010/07/25 22:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware [2010/07/23 14:39:32 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro [2003/08/21 03:42:02 | 000,000,000 | ---D | M] -- C:\Program Files\Trojan Remover [2005/09/08 13:33:07 | 000,000,000 | ---D | M] -- C:\Program Files\Tweak-XP Pro [2010/03/27 11:32:08 | 000,000,000 | ---D | M] -- C:\Program Files\TweakNow RegCleaner [2010/07/31 20:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent [2010/07/11 14:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2005/09/10 17:14:12 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint [2010/07/31 22:50:54 | 000,000,000 | ---D | M] -- C:\Program Files\VSO [2005/12/17 19:43:59 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish [2010/07/19 23:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\WebcamMax [2010/07/20 00:15:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2010/07/20 00:14:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2010/07/24 01:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2010/07/24 00:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2008/08/11 22:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\XAimer [2005/09/08 11:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [2006/11/24 23:13:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry < %appdata%\*.* > [2010/07/20 23:32:06 | 000,000,284 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2005/09/08 12:41:32 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\liam\Application Data\desktop.ini [2010/07/31 22:51:21 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:21 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/31 22:51:20 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/31 22:51:27 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.log [2010/07/31 22:51:21 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\liam\Application Data\pcouffin.sys [2010/08/01 15:19:27 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2003/08/21 01:41:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\wklnhst.dat < MD5 for: AGP440.SYS > [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sy s [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sy s [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\agp440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFi les\i386\atapi.sys < MD5 for: DISK.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/03 22:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/14 00:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\disk.sys [2008/04/14 00:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\eventlog.dll [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: NETLOGON.DLL > [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\netlogon.dll [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USBSTOR.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbstor.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbstor.s ys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.s ys [2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys [2008/04/13 19:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\usbstor.sys [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-15 19:33:54 ========== Alternate Data Streams ========== @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 < End of report >	bigamzz (15898)
1129259	2010-08-17 13:54:00	========== Files - Modified Within 30 Days ========== [2010/08/17 12:55:35 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/17 12:55:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/17 01:54:25 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\liam\NTUSER.DAT [2010/08/17 01:54:25 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\liam\ntuser.ini [2010/08/17 01:17:54 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/17 00:29:04 | 1462,822,684 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\Iron Man 2.avi [2010/08/16 23:05:04 | 839,395,328 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\iron man 1.avi [2010/08/16 19:36:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/08/15 20:31:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/08/15 20:28:47 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini [2010/08/15 20:16:01 | 000,756,964 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/15 20:16:01 | 000,618,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/15 20:16:01 | 000,144,456 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/15 19:41:29 | 000,228,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/08/14 16:26:38 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2010.lnk [2010/08/14 16:05:57 | 000,013,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/14 15:47:04 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/08/03 22:12:42 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\HiJackThis.lnk [2010/08/01 15:19:27 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2010/07/31 22:51:21 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:21 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\liam\Application Data\pcouffin.sys [2010/07/31 22:51:21 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/31 22:51:20 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/31 22:51:18 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\ConvertXtoDVD 4.lnk [2010/07/31 22:51:18 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk [2010/07/31 20:59:07 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010/07/31 20:59:07 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2010/07/31 15:59:41 | 000,059,792 | ---- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/07/27 07:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010/07/26 22:19:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/07/25 22:02:20 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\SUPERAntiSpyware Free Edition.lnk [2010/07/25 21:55:21 | 000,411,590 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\cc_20100725_215458.reg [2010/07/25 21:50:36 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\CCleaner.lnk [2010/07/25 21:45:54 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/25 21:45:54 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/25 21:45:54 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/25 21:45:54 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/25 21:45:53 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll [2010/07/24 02:11:18 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/07/24 01:14:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/07/24 00:43:47 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/07/24 00:01:22 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/07/23 18:08:59 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2010/07/23 18:08:59 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2010/07/23 15:29:07 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/23 15:05:42 | 000,000,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS.TRB [2010/07/23 14:17:21 | 004,286,044 | -H-- | M] () -- C:\Documents and Settings\liam\Local Settings\Application Data\IconCache.db [2010/07/22 16:49:47 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\AOL Saved Files.lnk [2010/07/22 16:49:47 | 000,000,004 | ---- | M] () -- C:\WINDOWS\msoffice.ini [2010/07/21 14:37:46 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\DVD Shrink 3.2.lnk [2010/07/21 00:09:47 | 000,697,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010/07/20 23:32:06 | 000,000,284 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2010/07/20 00:24:08 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\liam\My Documents\My Sharing Folders.lnk [2010/07/18 22:16:30 | 000,126,590 | ---- | M] () -- C:\Documents and Settings\liam\Desktop\bluescreenview_setup.exe [1 C:\WINDOWS\*.tmp files - > C:\WINDOWS\*.tmp - > ] ========== Files Created - No Company Name ========== [2010/08/17 00:52:21 | 1462,822,684 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\Iron Man 2.avi [2010/08/17 00:50:45 | 839,395,328 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\iron man 1.avi [2010/08/15 20:05:40 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010/08/14 16:26:34 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Football Manager 2010.lnk [2010/08/14 15:47:04 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk [2010/07/31 22:51:21 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:18 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\ConvertXtoDVD 4.lnk [2010/07/31 22:51:18 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk [2010/07/31 20:59:07 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010/07/31 20:59:07 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk [2010/07/28 01:47:32 | 000,126,590 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\bluescreenview_setup.exe [2010/07/26 16:09:40 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010/07/26 16:09:37 | 000,260,272 | ---- | C] () -- C:\cmldr [2010/07/26 16:07:37 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/07/26 16:07:37 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/07/25 22:02:20 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\SUPERAntiSpyware Free Edition.lnk [2010/07/25 21:55:00 | 000,411,590 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\cc_20100725_215458.reg [2010/07/25 21:50:36 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\CCleaner.lnk [2010/07/24 00:49:48 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/07/24 00:49:48 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/07/24 00:49:48 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/07/24 00:49:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/07/24 00:49:47 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/07/24 00:49:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/07/24 00:49:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/07/24 00:49:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/07/24 00:49:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/07/24 00:49:47 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/07/24 00:49:47 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/07/24 00:49:46 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/07/24 00:49:46 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/07/24 00:49:45 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/07/24 00:49:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/07/24 00:49:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/07/24 00:49:45 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/07/24 00:49:45 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/07/24 00:49:44 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/07/24 00:49:44 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/07/24 00:49:44 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/07/24 00:49:44 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/07/24 00:49:44 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/07/24 00:49:44 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/07/24 00:49:44 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/07/24 00:49:44 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/07/24 00:49:44 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/07/24 00:49:44 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/07/24 00:49:44 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/07/24 00:49:44 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/07/24 00:49:44 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/07/24 00:49:44 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/07/24 00:49:44 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/07/24 00:49:44 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/07/24 00:49:44 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/07/24 00:49:44 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/07/24 00:49:44 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/07/24 00:49:44 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/07/24 00:49:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/07/24 00:49:44 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/07/24 00:49:43 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/07/24 00:49:43 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/07/24 00:49:43 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/07/24 00:49:43 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/07/24 00:49:43 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/07/24 00:49:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/07/24 00:49:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/07/24 00:49:43 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/07/24 00:49:43 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/07/24 00:49:43 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/07/24 00:49:43 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/07/24 00:49:43 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/07/24 00:49:43 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/07/24 00:49:43 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/07/24 00:49:43 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/07/24 00:49:43 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/07/24 00:49:43 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/07/24 00:49:43 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/07/24 00:49:43 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/07/24 00:49:43 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/07/24 00:49:43 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/07/24 00:49:43 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/07/24 00:49:43 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/07/24 00:49:42 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/07/24 00:49:42 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/07/24 00:49:42 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/07/24 00:49:42 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/07/24 00:49:41 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/07/24 00:49:41 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/07/24 00:49:41 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/07/24 00:49:41 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/07/24 00:49:40 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/07/24 00:49:40 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/07/24 00:49:40 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/07/24 00:49:40 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/07/24 00:49:40 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/07/24 00:49:40 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/07/24 00:49:40 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/07/24 00:49:40 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/07/24 00:49:40 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/07/24 00:49:40 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/07/24 00:49:40 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/07/24 00:46:16 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx [2010/07/24 00:46:16 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll [2010/07/24 00:01:22 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2010/07/23 18:08:59 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2010/07/23 18:08:59 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2010/07/23 15:29:07 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/23 14:39:33 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\HiJackThis.lnk [2010/07/22 16:49:47 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\AOL Saved Files.lnk [2010/07/21 14:37:46 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\liam\Desktop\DVD Shrink 3.2.lnk [2010/07/21 00:19:39 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2010/07/21 00:19:22 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.log [2010/07/21 00:19:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/21 00:19:11 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/21 00:09:45 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010/07/20 00:24:08 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\liam\My Documents\My Sharing Folders.lnk [2010/07/15 00:50:21 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2010/06/24 16:20:08 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\liam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/23 20:07:18 | 000,013,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\string.ini [2010/05/24 20:33:00 | 004,670,829 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2010/05/24 20:33:00 | 001,529,856 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2010/05/24 20:33:00 | 001,447,921 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/05/24 20:33:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2010/05/24 20:33:00 | 000,810,113 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/05/24 20:33:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2010/05/24 20:33:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2010/05/24 20:33:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2010/05/24 20:33:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2010/05/24 20:33:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2010/05/24 20:33:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2010/05/24 20:33:00 | 000,139,944 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2010/05/24 20:33:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2010/05/24 20:33:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2010/05/24 20:33:00 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/05/24 20:33:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/05/24 20:33:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2010/05/19 21:59:20 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2010/05/19 21:59:10 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2010/05/19 21:59:02 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2010/05/19 21:58:52 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2010/05/19 21:58:18 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2010/05/19 21:58:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll [2010/05/19 21:57:42 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll [2010/05/19 21:57:26 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll [2010/05/19 21:55:40 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2010/05/19 21:55:36 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2010/03/27 13:10:31 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2010/03/27 13:10:31 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2010/03/27 13:10:31 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2009/06/07 17:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2008/11/06 16:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008/08/11 22:37:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\ssresources.dll [2008/08/11 22:37:06 | 000,020,481 | ---- | C] () -- C:\WINDOWS\System32\SystemsHook.dll [2007/10/14 20:44:48 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI [2007/10/14 20:33:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt [2007/10/14 20:29:52 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini [2007/04/01 22:44:59 | 000,001,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/12/30 21:17:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL [2006/10/06 16:23:28 | 000,000,097 | ---- | C] () -- C:\WINDOWS\ALBUM.INI [2006/07/01 19:56:42 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI [2006/07/01 19:51:31 | 000,102,912 | R--- | C] () -- C:\WINDOWS\System32\JPEGCODE.DLL [2006/05/29 15:52:33 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2006/05/29 15:52:31 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll [2006/03/18 18:07:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini [2006/02/15 20:19:58 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2006/02/15 20:18:58 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX4800EFGIPSD.ini [2005/10/16 14:13:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2005/09/14 21:09:18 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PS5_SETUP.ini [2005/09/10 17:07:44 | 000,000,540 | ---- | C] () -- C:\WINDOWS\AppRun.ini [2005/09/08 13:46:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/09/08 12:33:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2005/09/08 12:33:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2005/09/08 12:33:26 | 001,900,544 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll [2005/09/08 12:33:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2005/09/08 12:33:25 | 000,059,998 | ---- | C] () -- C:\WINDOWS\Cmuda.ini [2005/09/08 12:33:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2005/09/08 12:27:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2005/07/11 22:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004/03/23 00:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2003/08/21 03:42:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2003/08/21 03:41:57 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2003/08/21 03:41:56 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2003/08/21 03:41:56 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2003/08/21 03:41:56 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2003/08/21 01:41:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\liam\Application Data\wklnhst.dat [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/07/05 15:12:06 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\authdvd.dll [2000/11/24 18:05:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL ========== Custom Scans ========== < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > [2010/07/21 00:09:47 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2005/09/08 12:39:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2005/09/08 12:39:55 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2005/09/08 12:39:55 | 000,380,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\*.sys > [2003/03/31 13:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys [2003/03/11 19:15:08 | 000,009,919 | ---- | M] (AOpen Inc.) -- C:\WINDOWS\system32\AONMDI.SYS [2003/03/31 13:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys [2010/01/20 17:53:06 | 000,013,192 | ---- | M] () -- C:\WINDOWS\system32\epmntdrv.sys [2010/01/20 17:53:04 | 000,008,456 | ---- | M] () -- C:\WINDOWS\system32\EuGdiDrv.sys [2003/03/31 13:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys [2003/03/31 13:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys [2003/03/31 13:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys [2003/03/31 13:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys [2003/03/31 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys [2003/03/31 13:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys [2003/03/31 13:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys [2003/03/31 13:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys [2004/08/03 22:45:10 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys [2004/08/03 22:45:16 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys [2004/08/03 22:45:12 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys [2004/08/03 22:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys [2004/08/03 22:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys [2005/09/08 13:32:55 | 000,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\system32\SVKP.sys [2005/08/29 19:08:38 | 000,368,256 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\vsdatant.sys [2008/04/14 00:15:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys [2010/06/23 14:44:04 | 001,851,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys [2004/01/13 19:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\ZDPNDIS5.SYS < %systemroot%\system32\drivers\*.dll > [2008/04/14 05:41:50 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll [2008/04/14 05:41:50 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll [2008/04/14 05:41:50 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll [2008/04/14 05:41:50 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll [2008/04/14 05:41:50 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll [2008/04/14 05:41:50 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll [2008/04/14 05:41:50 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll [2008/04/14 05:41:52 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll [2008/04/14 05:41:52 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll [2008/04/14 05:41:52 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll [2008/04/14 05:41:52 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll [2008/04/14 05:41:52 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll [2008/04/14 05:41:52 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll [2008/04/14 05:42:06 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll [2008/04/14 05:42:10 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll < %systemroot%\system32\drivers\*.ini > [2007/08/07 10:38:12 | 000,013,768 | ---- | M] () -- C:\WINDOWS\system32\drivers\string.ini < %systemroot%\system32\drivers\*.exe > < %SYSTEMDRIVE%\*.* > [2003/08/21 03:42:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2005/12/05 20:30:34 | 000,562,494 | RHS- | M] () -- C:\AVG7DB_F.DAT [2005/10/10 08:00:02 | 012,283,633 | ---- | M] () -- C:\AVG7QT.DAT [2010/07/22 17:00:42 | 000,000,293 | ---- | M] () -- C:\BcBtRmv.log [2010/03/27 13:37:24 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2003/08/22 00:44:27 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr [2003/08/21 03:42:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2003/08/21 04:14:55 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log [2003/08/21 03:42:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2003/08/21 03:42:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005/09/08 12:12:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010/07/24 00:43:47 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/08/17 12:55:28 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [2008/03/29 19:49:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008/09/08 22:30:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2009/10/27 23:50:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2009/10/27 23:58:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2009/10/28 00:02:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm [2009/10/28 00:17:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm [2010/03/26 20:47:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm [2010/03/26 23:06:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2010/03/27 00:09:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm [2010/03/27 00:25:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm [2010/03/27 11:15:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm [2010/03/27 11:21:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm [2007/12/30 09:18:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2008/01/05 09:43:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm [2008/03/02 10:10:53 | 000,000,292 | -H-- | M] () -- C:\sqmdata14.sqm [2008/01/05 09:35:50 | 000,000,292 | -H-- | M] () -- C:\sqmdata15.sqm [2008/01/22 19:45:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2008/01/28 07:35:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm [2003/08/21 01:19:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm [2008/01/06 09:35:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm [2008/03/29 19:49:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2008/09/08 22:30:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2009/10/27 23:50:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2009/10/27 23:58:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2009/10/28 00:02:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2009/10/28 00:17:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2010/03/26 20:47:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2010/03/26 23:06:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2010/03/27 00:09:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2010/03/27 00:25:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2010/03/27 11:15:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2010/03/27 11:21:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2007/12/30 09:18:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2008/01/05 09:43:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2008/03/02 10:10:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2008/01/05 09:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2008/01/22 19:45:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2008/01/28 07:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2003/08/21 01:19:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2008/01/06 09:35:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm < %PROGRAMFILES%\*. > [2010/08/14 16:57:37 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip [2005/09/08 12:47:40 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2010/07/22 16:43:38 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead [2005/09/08 12:47:28 | 000,000,000 | ---D | M] -- C:\Program Files\AOpen [2010/07/22 16:54:13 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2006/07/01 19:52:37 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft [2010/07/24 00:01:09 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2010/06/23 20:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Belkin [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bt ahead [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\C-mcsoft [2005/09/08 12:33:18 | 000,000,000 | ---D | M] -- C:\Program Files\C-Media 3D Audio [2010/07/25 21:50:37 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2010/08/15 19:16:50 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2010/07/21 14:37:46 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Shrink [2010/03/27 13:10:26 | 000,000,000 | ---D | M] -- C:\Program Files\EASEUS [2010/07/22 16:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON [2010/07/27 00:37:20 | 000,000,000 | ---D | M] -- C:\Program Files\ESET [2007/10/14 10:58:50 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft [2010/07/22 16:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn [2010/07/22 16:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2010/08/15 20:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2005/09/08 12:52:01 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Intlorer [2010/07/25 21:45:48 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2010/03/27 11:58:01 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire [2007/09/30 14:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\LiveUpdate [2010/07/23 15:29:07 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/03/27 11:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Maple 10 [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Maxipod [2010/07/19 23:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis [2010/07/24 01:09:55 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger [2010/07/20 00:15:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2006/11/25 12:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync [2007/10/14 11:10:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware [2005/09/08 13:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AutoRoute [2005/09/08 13:55:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Encarta [2005/09/08 11:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2005/09/08 13:49:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Money [2003/08/21 01:49:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2005/09/08 13:53:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Picture It! 9 [2003/08/21 01:19:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2005/09/08 13:47:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2005/09/08 13:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2004 [2007/09/30 14:39:07 | 000,000,000 | ---D | M] -- C:\Program Files\mobile PhoneTools [2010/08/15 19:17:57 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2010/07/28 01:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2010/06/28 02:16:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2005/09/08 11:48:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2005/09/12 21:34:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Apps [2005/09/08 11:48:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2010/06/25 20:29:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0 [2010/07/21 00:36:01 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software [2010/08/15 21:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\Netcsoft [2010/07/24 00:46:30 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2006/12/30 21:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\NewSoft [2010/07/28 01:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\NirSoft [2005/09/08 11:50:45 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services [2010/07/24 01:04:58 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2007/02/26 20:08:26 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2 [2010/08/14 15:47:03 | 000,000,000 | ---D | M] -- C:\Program Files\PowerISO [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2005/09/10 17:13:28 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2010/06/28 02:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2010/07/19 23:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung [2005/09/08 12:38:10 | 000,000,000 | ---D | M] -- C:\Program Files\SiSLan [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\Skype [2010/08/14 16:18:16 | 000,000,000 | ---D | M] -- C:\Program Files\Sports Interactive [2010/07/22 16:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2005/09/12 21:27:03 | 000,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster [2010/07/25 22:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware [2010/07/23 14:39:32 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro [2003/08/21 03:42:02 | 000,000,000 | ---D | M] -- C:\Program Files\Trojan Remover [2005/09/08 13:33:07 | 000,000,000 | ---D | M] -- C:\Program Files\Tweak-XP Pro [2010/03/27 11:32:08 | 000,000,000 | ---D | M] -- C:\Program Files\TweakNow RegCleaner [2010/07/31 20:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent [2010/07/11 14:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2005/09/10 17:14:12 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint [2010/07/31 22:50:54 | 000,000,000 | ---D | M] -- C:\Program Files\VSO [2005/12/17 19:43:59 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish [2010/07/19 23:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\WebcamMax [2010/07/20 00:15:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2010/07/20 00:14:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2010/07/24 01:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2010/07/24 00:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2008/08/11 22:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\XAimer [2005/09/08 11:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [2006/11/24 23:13:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry < %appdata%\*.* > [2010/07/20 23:32:06 | 000,000,284 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\burnaware.ini [2005/09/08 12:41:32 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\liam\Application Data\desktop.ini [2010/07/31 22:51:21 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\inst.exe [2010/07/31 22:51:21 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.cat [2010/07/31 22:51:20 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.inf [2010/07/31 22:51:27 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\pcouffin.log [2010/07/31 22:51:21 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\liam\Application Data\pcouffin.sys [2010/08/01 15:19:27 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\vso_ts_preview.xml [2003/08/21 01:41:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\liam\Application Data\wklnhst.dat < MD5 for: AGP440.SYS > [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sy s [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sy s [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\agp440.sys [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\atapi.sys [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFi les\i386\atapi.sys < MD5 for: DISK.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/03 22:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/14 00:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\disk.sys [2008/04/14 00:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\eventlog.dll [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: NETLOGON.DLL > [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\netlogon.dll [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\scecli.dll [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USBSTOR.SYS > [2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbstor.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys [2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbstor.s ys [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.s ys [2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys [2008/04/13 19:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\usbstor.sys [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-15 19:33:54 ========== Alternate Data Streams ========== @Alternate Data Stream - 114 bytes - > C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 < End of report >	bigamzz (15898)
1129260	2010-08-17 19:51:00	Er, how about posting a Hijackthis log instead. And what firewall are you using.	pctek (84)
1129261	2010-08-17 21:27:00	Looks like ZA is installed. And it looks like AVG, Avirt, Eset (does this inc the firewall)?? are installed. If it inc the firewall, it and ZA shouldnt be running at the same time. Uninstall one of them. You only need one Delete this imsins.BAK it looks like its a trojan. Something must have renamed it. This C:\WINDOWS\system32\SVKP.sys may belong to a trojan (its a service). What are you using as an anti-cracking program?? This file also belongs to some kind of anti-cracking program I wouldnt be surprised if it is infected. Since limewire and utorrent are installed. I would get rid of this TweakNow RegCleaner. Use that too often it'll kill windows. If you dont know what youre removing	Speedy Gonzales (78)
1129262	2010-08-18 01:35:00	i have run a super spyware and a malwarebytes scan and both have come back clean is there any other program that can help me??? and i am a pc noob i have no idea about firewalls etc all i know is im using standard windows firewall and avira anti-virus......here is a hijackthis log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:28:59, on 18/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Belkin Wireless G USB Adapter Client Utility.lnk = ? O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - www.ipix.com O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - cdnimg.piczo.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - by125fd.bay125.hotmail.msn.com O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - upload.facebook.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - download.eset.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - img.funtigo.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - cdn.digitalcity.com O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7378 bytes	bigamzz (15898)
1129263	2010-08-18 02:12:00	You can tick these then tick fix checked Close browsers O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background Defrag the hdd	Speedy Gonzales (78)
1129264	2010-08-18 12:55:00	did what you said, and run combo fix...loads slightly quicker on start up but other then that its still pretty much the same	bigamzz (15898)
1129265	2010-08-18 14:25:00	I would scan it from a bootable antivirus CD such as bitdefender rescue CD. download.bitdefender.com	Agent_24 (57)
1129266	2010-08-18 14:38:00	I would scan it from a bootable antivirus CD such as bitdefender rescue CD. download.bitdefender.com what one do i download??? bitdefender rescue cd iso, or rescue new cd?? do i have to burn it onto disk???	bigamzz (15898)
1 2