OTL logfile created on: 8/3/2011 1:00:17 PM - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.43 Gb Total Physical Memory | 2.60 Gb Available Physical Memory | 75.86% Memory free
4.77 Gb Paging File | 4.14 Gb Available in Paging File | 86.97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 143.09 Gb Free Space | 61.44% Space Free | Partition Type: NTFS
 
Computer Name: VAR10-0304L | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/08/02 22:10:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2011/08/02 18:23:50 | 000,039,940 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\udaterui.exe
PRC - [2011/08/02 18:23:49 | 000,039,940 | ---- | M] () -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2011/08/02 18:23:49 | 000,039,940 | ---- | M] () -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
PRC - [2011/08/02 18:23:49 | 000,039,940 | ---- | M] () -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2011/08/02 18:23:49 | 000,039,940 | ---- | M] () -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2011/08/02 18:23:48 | 000,039,940 | ---- | M] () -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2011/05/06 13:58:08 | 000,188,568 | ---- | M] (FERRO Software) -- C:\Program Files\FERRO Software\Ferro Backup System\FBSWorker.exe
PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched .exe
PRC - [2011/02/04 20:07:00 | 000,147,984 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2011/02/04 20:07:00 | 000,069,192 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/02/04 20:07:00 | 000,066,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2011/02/04 20:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2011/02/04 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2010/05/12 22:33:44 | 000,288,112 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint .exe
PRC - [2010/05/10 15:24:12 | 001,803,584 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2010/04/21 00:58:54 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray .exe
PRC - [2010/04/21 00:58:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- c:\Drivers\MEDIA\STHD_5.10.0.6281\stacsv.exe
PRC - [2010/04/05 11:19:50 | 000,034,232 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService .exe
PRC - [2010/03/29 12:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2010/03/29 12:45:46 | 000,132,456 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
PRC - [2010/03/23 15:22:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/08 16:24:06 | 001,338,224 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2010/02/08 16:20:18 | 000,376,688 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/11/20 17:42:48 | 000,278,304 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2009/11/02 11:40:54 | 000,657,920 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint .exe
PRC - [2009/09/25 04:50:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009/09/25 04:50:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\udaterui .exe
PRC - [2009/09/25 04:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2009/09/25 04:50:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2009/09/18 03:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2009/07/07 04:06:46 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/02/01 00:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/11/12 13:25:48 | 001,273,856 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2008/08/08 16:53:42 | 000,058,760 | ---- | M] (IBM Corp) -- C:\Program Files\IBM\Lotus\Notes\ntmulti.exe
PRC - [2008/08/08 16:53:16 | 000,031,624 | ---- | M] (IBM Corp) -- C:\Program Files\IBM\Lotus\Notes\nslsvice.exe
PRC - [2008/06/19 18:08:44 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008/05/08 17:16:06 | 000,098,304 | ---- | M] (iPass, Inc.) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe
PRC - [2008/05/08 17:15:46 | 000,155,648 | ---- | M] (iPass, Inc.) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/08/02 22:10:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2010/08/23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/05/06 13:58:08 | 000,188,568 | ---- | M] (FERRO Software) [Auto | Running] -- C:\Program Files\FERRO Software\Ferro Backup System\FBSWorker.exe -- (FBSWorker)
SRV - [2011/02/04 20:07:00 | 000,147,984 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2011/02/04 20:07:00 | 000,069,192 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/02/04 20:07:00 | 000,066,880 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2011/02/04 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/05/10 15:24:12 | 001,803,584 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2010/04/21 00:58:54 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Drivers\MEDIA\STHD_5.10.0.6281\stacsv.exe -- (STacSV)
SRV - [2010/03/29 12:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/08 16:20:18 | 000,376,688 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2010/02/03 17:24:20 | 001,032,192 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2009/11/20 17:42:48 | 000,278,304 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2009/09/25 04:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009/09/18 03:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009/09/18 03:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2008/11/12 13:25:48 | 001,273,856 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2008/08/08 16:53:42 | 000,058,760 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\IBM\Lotus\Notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2008/08/08 16:53:16 | 000,031,624 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\IBM\Lotus\Notes\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2008/06/19 18:08:44 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008/06/12 21:57:44 | 001,720,320 | ---- | M] (iPass, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe -- (iPassConnectEngine)
SRV - [2008/05/08 17:16:06 | 000,098,304 | ---- | M] (iPass, Inc.) [Auto | Running] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe -- (iPassPeriodicUpdateService)
SRV - [2008/05/08 17:15:46 | 000,155,648 | ---- | M] (iPass, Inc.) [On_Demand | Running] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe -- (iPassPeriodicUpdateApp)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/02/04 20:07:00 | 000,337,560 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/02/04 20:07:00 | 000,091,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/02/04 20:07:00 | 000,076,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/02/04 20:07:00 | 000,067,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/02/04 20:07:00 | 000,065,960 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2011/02/04 20:07:00 | 000,043,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/09/07 06:12:03 | 000,021,393 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iPassP.sys -- (iPassP) iPass Protocol (IEEE 802.1x)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/05/12 22:17:00 | 000,255,096 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/05/10 15:37:28 | 000,540,288 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2010/04/21 00:58:54 | 001,660,051 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2010/02/27 01:31:24 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/01/19 14:50:10 | 000,235,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2010/01/19 12:46:26 | 000,233,856 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2010/01/18 07:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/18 03:00:00 | 000,020,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009/09/17 16:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009/09/15 05:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009/05/31 02:41:20 | 000,209,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2009/04/22 00:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/10/20 19:08:06 | 000,012,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smsmdm.sys -- (smsmdd)
DRV - [2008/07/09 14:52:04 | 000,106,880 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2008/06/19 18:07:50 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/06/04 14:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/10/14 06:54:16 | 000,017,290 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btpmw32.sys -- (BCMTPM)
DRV - [2005/01/26 11:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2001/08/17 15:57:46 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3legacy.sys -- (s3legacy)
DRV - [2001/08/17 14:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intracom
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intracom
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intracom
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intracom
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
IE - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
Hosts file not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe ()
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe ()
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe ()
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe ()
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE ()
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe ()
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe ()
O4 - HKU\S-1-5-21-3763034071-1641324117-2643573331-500..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Proxy Switcher.lnk = C:\WINDOWS\Installer\{555F08C0-4695-47BB-8D9A-8E9BE43DD4E3}\_FADFE86C957E69CD685B76.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 32000
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3763034071-1641324117-2643573331-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {479B29EF-9A2C-11D0-B696-00A0C903487A} http://www.millenniumdm.pl/teleinwestor/IE/sunloadn.cab (SunLoad Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eu.seb.com
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/28 11:33:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{27cd6ddf-afd7-11e0-9407-0027103872e8}\Shell - "" = AutoRun
O33 - MountPoints2\{27cd6ddf-afd7-11e0-9407-0027103872e8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{27cd6ddf-afd7-11e0-9407-0027103872e8}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/08/02 22:10:06 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/08/02 21:47:15 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/08/02 21:47:15 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/08/02 21:47:14 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/08/02 21:47:10 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/08/02 21:47:10 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/08/02 21:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/08/02 21:47:07 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/08/02 21:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/08/02 21:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/08/02 21:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\PC Tools
[2011/08/02 21:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/08/02 21:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/08/02 21:02:50 | 000,000,000 | ---D | C] -- C:\tds
[2011/08/02 20:51:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/08/02 20:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2011/08/02 20:34:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/08/02 20:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2011/08/02 20:09:41 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/02 20:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/02 20:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/02 20:09:37 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/02 20:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/02 20:09:15 | 009,466,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.51.1.1800.exe
[2011/08/02 20:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/08/02 20:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PackageAware
[2011/07/21 10:10:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\TNT Wiki
[2011/07/19 15:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mumble
[2011/07/19 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mumble
[2011/07/19 15:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2011/07/19 01:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\wargaming.net
[2011/07/16 20:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2011/07/16 20:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony Ericsson
[2011/07/16 20:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2011/07/11 22:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\EVEMon
[2010/06/28 20:42:05 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2010/06/28 16:28:33 | 003,145,728 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2010/06/28 16:28:27 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2010/06/28 16:28:21 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2010/06/28 16:28:17 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx
[5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/08/03 13:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2011/08/03 12:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2011/08/03 11:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2011/08/03 10:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/08/03 10:03:18 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2ufvx1xm.exe
[2011/08/03 10:00:47 | 000,610,022 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011/08/03 10:00:47 | 000,507,918 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/03 10:00:47 | 000,089,782 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/03 09:59:50 | 000,000,463 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2011/08/03 09:57:13 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/08/03 09:57:12 | 000,002,503 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Proxy Switcher.lnk
[2011/08/03 09:56:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011/08/03 09:56:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/03 00:13:36 | 004,837,374 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2011/08/03 00:13:31 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2011/08/03 00:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/08/02 23:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2011/08/02 22:12:55 | 000,118,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/02 22:10:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/08/02 22:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2011/08/02 21:56:37 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2011/08/02 21:47:09 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/08/02 21:45:55 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sdsetup_revwire207[1].exe
[2011/08/02 21:41:46 | 001,008,041 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\iExplore.exe
[2011/08/02 21:26:55 | 000,000,196 | -HS- | M] () -- C:\WINDOWS\9396086drv.spi
[2011/08/02 21:23:39 | 100,637,056 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\setup_11.0.0.1245.x01_2011_08_02_21_10.exe
[2011/08/02 21:18:08 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sdsetup_revwire207.exe
[2011/08/02 21:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2011/08/02 21:02:33 | 001,388,094 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2011/08/02 20:43:45 | 000,799,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RegpairSetup.exe
[2011/08/02 20:30:29 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WavXMapDrive.bat
[2011/08/02 20:09:41 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/02 20:09:16 | 009,466,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.51.1.1800.exe
[2011/08/02 20:05:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/08/02 15:21:49 | 000,000,423 | ---- | M] () -- C:\Documents and Settings\Administrator\snapshot.memory_dump.xml
[2011/08/02 11:13:19 | 000,080,303 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/01 09:59:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/21 16:22:12 | 000,003,024 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Test1.xml
[2011/07/20 17:37:46 | 001,312,381 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tnt_wiki.zip
[2011/07/20 11:53:30 | 001,611,334 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FountainMap.png
[2011/07/20 10:01:05 | 000,001,914 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011/07/19 15:16:51 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MumbleAutomaticCertificateBackup.p12
[2011/07/19 15:00:35 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mumble.lnk
[2011/07/19 01:08:03 | 000,000,506 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Tanks.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/04 19:35:57 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Betway.com.lnk
[5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/08/03 10:03:14 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\2ufvx1xm.exe
[2011/08/02 21:47:09 | 000,001,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/08/02 21:45:55 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sdsetup_revwire207[1].exe
[2011/08/02 21:41:39 | 001,008,041 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\iExplore.exe
[2011/08/02 21:26:55 | 000,000,196 | -HS- | C] () -- C:\WINDOWS\9396086drv.spi
[2011/08/02 21:23:28 | 100,637,056 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\setup_11.0.0.1245.x01_2011_08_02_21_10.exe
[2011/08/02 21:17:57 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sdsetup_revwire207.exe
[2011/08/02 21:02:26 | 001,388,094 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2011/08/02 20:43:41 | 000,799,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RegpairSetup.exe
[2011/08/02 20:09:41 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2011/08/02 18:23:50 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2011/07/21 16:22:11 | 000,003,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Test1.xml
[2011/07/20 17:37:45 | 001,312,381 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tnt_wiki.zip
[2011/07/20 11:53:38 | 001,611,334 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FountainMap.png
[2011/07/19 15:16:51 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MumbleAutomaticCertificateBackup.p12
[2011/07/19 15:00:35 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mumble.lnk
[2011/07/19 01:08:02 | 000,000,506 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Tanks.lnk
[2011/07/16 20:14:43 | 000,001,914 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011/05/19 13:13:15 | 000,091,154 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2011/04/07 16:18:55 | 000,008,521 | ---- | C] () -- C:\WINDOWS\lmpcl2a.ini
[2011/04/02 13:19:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/25 15:48:40 | 000,000,179 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2011/01/08 21:07:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2011/01/01 21:02:27 | 000,118,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/29 15:37:20 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/10/05 14:23:34 | 000,000,042 | ---- | C] () -- C:\WINDOWS\sapgrph.ini
[2010/09/07 06:45:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WavXMapDrive.bat
[2010/09/07 06:43:08 | 000,071,320 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/07 06:33:21 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2010/09/07 06:30:11 | 000,000,206 | ---- | C] () -- C:\WINDOWS\hbcikrnl.ini
[2010/09/07 06:12:02 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\iPassI5Installer.exe
[2010/06/28 20:53:03 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2010/06/28 20:53:03 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2010/06/28 20:52:51 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2010/06/28 20:52:43 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2010/06/28 20:52:43 | 000,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2010/06/28 20:52:42 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2010/06/28 20:52:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2010/06/28 20:52:39 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2010/06/28 20:52:38 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2010/06/28 20:52:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2010/06/28 20:52:33 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2010/06/28 20:52:33 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2010/06/28 20:52:33 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/06/28 20:52:32 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2010/06/28 20:52:32 | 000,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2010/06/28 20:52:31 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2010/06/28 20:52:30 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2010/06/28 20:52:30 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2010/06/28 20:52:30 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2010/06/28 20:52:30 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2010/06/28 20:52:30 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2010/06/28 20:52:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2010/06/28 20:52:30 | 000,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2010/06/28 20:52:30 | 000,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2010/06/28 20:52:30 | 000,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2010/06/28 20:52:29 | 000,507,918 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/28 20:52:29 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/06/28 20:52:29 | 000,089,782 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/28 20:52:29 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/06/28 20:52:29 | 000,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2010/06/28 20:52:29 | 000,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2010/06/28 20:52:29 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2010/06/28 20:52:28 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/06/28 20:52:27 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/06/28 20:52:27 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2010/06/28 20:52:27 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2010/06/28 20:52:27 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2010/06/28 20:52:27 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2010/06/28 20:52:27 | 000,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2010/06/28 20:52:27 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2010/06/28 20:52:26 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2010/06/28 20:52:26 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2010/06/28 20:52:26 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2010/06/28 20:52:26 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2010/06/28 20:52:26 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2010/06/28 20:52:26 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2010/06/28 20:52:26 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2010/06/28 20:52:26 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/06/28 20:52:22 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2010/06/28 20:52:22 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2010/06/28 20:52:22 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2010/06/28 20:52:22 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2010/06/28 20:52:21 | 000,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2010/06/28 20:52:20 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/06/28 20:52:20 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/06/28 20:52:20 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2010/06/28 20:52:18 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2010/06/28 20:52:18 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2010/06/28 20:52:17 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2010/06/28 20:52:17 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2010/06/28 20:52:16 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2010/06/28 20:52:16 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2010/06/28 20:52:13 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2010/06/28 20:52:12 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2010/06/28 20:52:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2010/06/28 20:52:10 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2010/06/28 20:52:10 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2010/06/28 20:52:10 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2010/06/28 20:52:10 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2010/06/28 20:52:09 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/06/28 20:52:07 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2010/06/28 20:52:06 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2010/06/28 20:52:05 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2010/06/28 20:52:05 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2010/06/28 20:52:05 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2010/06/28 20:52:04 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2010/06/28 20:52:04 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2010/06/28 20:52:04 | 000,050,620 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2010/06/28 20:52:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2010/06/28 20:52:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2010/06/28 20:52:00 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2010/06/28 20:42:07 | 000,870,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2010/06/28 20:42:05 | 000,127,868 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2010/06/28 20:42:03 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2010/06/28 20:16:28 | 000,000,463 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/06/28 17:36:28 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/06/28 16:40:25 | 000,011,953 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/06/28 16:28:21 | 000,949,760 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL_nosig.xlt
[2010/06/28 16:28:20 | 000,955,904 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL.xlt
[2010/06/28 16:11:56 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2010/06/28 16:11:56 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2010/06/28 16:11:56 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2010/06/28 16:11:55 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2010/06/28 16:11:55 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2010/06/28 16:10:00 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2010/06/28 16:02:12 | 000,492,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/28 14:03:41 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2010/06/28 13:18:08 | 000,610,022 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/28 13:18:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/28 13:17:05 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/28 11:45:58 | 004,837,374 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/28 11:41:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/28 11:33:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010/06/28 11:29:21 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/06/28 11:28:48 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/06/28 11:26:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/28 11:26:27 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010/06/28 11:26:27 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010/06/28 11:25:53 | 000,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010/06/28 11:25:52 | 000,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2010/06/28 11:25:52 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/03/02 12:46:38 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2010/02/04 11:18:22 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_th.dll
[2010/02/04 11:18:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-HK.dll
[2010/02/04 11:18:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sl.dll
[2010/02/04 11:18:18 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sk.dll
[2010/02/04 11:18:18 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hr.dll
[2010/02/04 11:18:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2010/02/04 11:18:12 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2010/02/04 11:18:10 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2010/02/04 11:18:10 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2010/02/04 11:18:08 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2010/02/04 11:18:08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2010/02/04 11:18:06 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2010/02/04 11:18:06 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2010/02/04 11:18:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2010/02/04 11:18:04 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2010/02/04 11:18:02 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2010/02/04 11:18:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2010/02/04 11:18:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2010/02/04 11:17:58 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2010/02/04 11:17:58 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2010/02/04 11:17:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2010/02/04 11:17:56 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2010/02/04 11:17:54 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2010/02/04 11:17:54 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2010/02/04 11:17:52 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2010/02/04 11:17:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2010/02/04 11:17:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2010/02/04 11:17:48 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2010/02/04 11:17:46 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2010/01/19 12:44:30 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2009/11/06 15:27:22 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2009/08/26 16:25:08 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2008/06/19 18:08:52 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008/06/19 18:08:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/03/25 09:46:00 | 000,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/30 12:58:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 12:58:44 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2001/08/18 00:36:42 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001/08/18 00:36:28 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/08/02 18:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2010/09/07 06:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Broadcom
[2011/01/04 01:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited
[2011/05/07 22:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EveHQ
[2011/07/29 00:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EVEMon
[2011/07/23 03:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mumble
[2011/07/03 02:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Perpetuum Planner
[2011/05/28 13:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sikuli
[2011/05/28 13:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sikuli Development Team
[2011/07/19 01:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\wargaming.net
[2010/09/07 06:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Wave Systems Corp
[2010/09/30 10:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/06/28 20:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CCP
[2011/01/08 21:02:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/04/18 14:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DRM
[2011/04/15 02:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software
[2011/04/15 02:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2010/10/13 14:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iPass
[2011/03/01 12:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lotus
[2011/06/16 09:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2010/09/07 06:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2011/08/02 22:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/09 14:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2011/08/02 20:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2010/09/08 11:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jmach\Application Data\Broadcom
[2010/09/09 14:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jmach\Application Data\Wave Systems Corp
[2011/03/09 05:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\Azureus
[2010/09/08 14:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\Broadcom
[2010/09/30 10:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\Canneverbe Limited
[2011/03/28 13:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\EVEMon
[2011/08/01 13:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\wargaming.net
[2010/09/30 10:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RLewandowski\Application Data\Wave Systems Corp
[2011/08/03 00:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/08/03 10:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/08/03 11:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2011/08/03 12:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2011/08/03 13:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2011/08/02 20:05:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2011/08/02 21:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/08/02 22:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2011/08/02 23:05:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/08/02 18:23:51 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >