
ESS keeps crashing

gorman
Model visitor
Posts: 23
Registered: 02 Aug 2006 20:32

ESS keeps crashing

#1 Post by gorman »

Hi, after reinstalling the system my ESET SS crashes (irregularly). Reinstalling it following the instructions from an ESET technician did not help... Please advise. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:34:41, on 2.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program_Files\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
G:\CdiskNemazat\Program Files\APC\apcsystray.exe
G:\CdiskNemazat\Program Files\APC\mainserv.exe
D:\Program_Files\ESET\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program_Files\Maxthon\Maxthon.exe
G:\CdiskNemazat\Program Files\Roboform\RoboTaskBarIcon.exe
G:\CdiskNemazat\Program Files\hijack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [egui] "D:\Program_Files\ESET\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: devicom - PC·PRO.lnk = ?
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\OFFICE\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - G:\CdiskNemazat\Program Files\APC\mainserv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program_Files\ESET\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4973 bytes

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: ESS keeps crashing

#2 Post by Rudy »

Hello!
Please post an RSIT log: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . It is more detailed than the HijackThis log.

gorman
Model visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: ESS keeps crashing

#3 Post by gorman »

Here:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Gorman at 2012-11-02 20:24:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (21%) free of 12 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:57, on 2.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program_Files\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
G:\CdiskNemazat\Program Files\APC\apcsystray.exe
G:\CdiskNemazat\Program Files\APC\mainserv.exe
D:\Program_Files\ESET\ekrn.exe
C:\WINDOWS\system32\svchost.exe
D:\Program_Files\Maxthon\Maxthon.exe
G:\CdiskNemazat\Program Files\Roboform\RoboTaskBarIcon.exe
C:\Documents and Settings\Gorman\Desktop\RSIT.exe
C:\Program Files\trend micro\Gorman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [egui] "D:\Program_Files\ESET\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: devicom - PC·PRO.lnk = ?
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\OFFICE\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - G:\CdiskNemazat\Program Files\APC\mainserv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program_Files\ESET\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4956 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gorman\Application Data\Mozilla\Firefox\Profiles\xzqlbjcc.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program_Files\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

G:\CdiskNemazat\Program Files\firefox\components\
binary.manifest
browsercomps.dll

G:\CdiskNemazat\Program Files\firefox\plugins\
NPOFF12.DLL
nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - G:\CdiskNemazat\Program Files\Roboform\roboform.dll [2012-10-14 16403224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - G:\CdiskNemazat\Program Files\Roboform\roboform.dll [2012-10-14 16403224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"egui"=D:\Program_Files\ESET\egui.exe [2012-03-07 3117344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-02-06 170496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\WINDOWS\system32\CTHELPER.EXE [2007-04-09 19456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
C:\WINDOWS\system32\CTXFIHLP.EXE [2007-04-09 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup]
C:\PROGRA~1\INSTAL~1\{FA762~1\setup.exe [2007-02-26 107512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
G:\CdiskNemazat\Program Files\WF\WFDTV\WFWIZ.exe [2012-03-02 2920448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
G:\CdiskNemazat\Program Files\WF\WFDTV\DTVSchdl.exe [2012-04-05 101888]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
APC UPS Status.lnk - G:\CdiskNemazat\Program Files\APC\Display.exe

C:\Documents and Settings\Gorman\Start Menu\Programs\Startup
devicom - PC·PRO.lnk - C:\Program Files\DEVI\devicom - PC·PRO\PCPRO.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Program_Files\torent\uTorrent.exe"="D:\Program_Files\torent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-02 20:24:43 ----D---- C:\rsit
2012-11-02 20:24:43 ----D---- C:\Program Files\trend micro
2012-11-01 19:30:38 ----A---- C:\userdump.exe
2012-11-01 19:14:35 ----D---- C:\kktools
2012-10-30 20:55:59 ----D---- C:\Program Files\Google
2012-10-27 20:55:53 ----D---- C:\Program Files\Compiled Driver Disk (Sony Ericsson)
2012-10-27 20:55:43 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2012-10-27 20:55:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-10-27 20:55:34 ----D---- C:\Program Files\Compiled Driver Disk (Apple)
2012-10-27 20:50:36 ----D---- C:\Program Files\COMPELSON Labs
2012-10-26 19:06:36 ----D---- C:\Documents and Settings\Gorman\Application Data\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Program Files\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2012-10-26 19:00:20 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2012-10-26 18:57:24 ----D---- C:\WINDOWS\Downloaded Installations
2012-10-26 18:53:52 ----D---- C:\Program Files\Common Files\ACD Systems
2012-10-25 20:09:07 ----D---- C:\Documents and Settings\Gorman\Application Data\ESET
2012-10-25 20:07:12 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-10-25 19:58:24 ----ASH---- C:\hiberfil.sys
2012-10-23 20:34:07 ----RD---- C:\Documents and Settings\Gorman\Application Data\Brother
2012-10-23 18:45:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-10-21 21:52:24 ----D---- C:\Documents and Settings\Gorman\Application Data\uTorrent
2012-10-21 21:47:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-10-21 13:59:31 ----D---- C:\Documents and Settings\Gorman\Application Data\dvdcss
2012-10-20 21:16:59 ----D---- C:\Program Files\Common Files\EZB Systems
2012-10-19 19:54:29 ----A---- C:\WINDOWS\WDICT32.INI
2012-10-19 19:52:24 ----A---- C:\WINDOWS\WTRAN32.INI
2012-10-19 19:29:55 ----D---- C:\Documents and Settings\Gorman\Application Data\MOBILedit
2012-10-19 19:28:17 ----D---- C:\Documents and Settings\Gorman\Application Data\TeamViewer
2012-10-19 19:28:08 ----D---- C:\Program Files\TeamViewer
2012-10-19 19:05:05 ----D---- C:\Documents and Settings\Gorman\Application Data\Skype
2012-10-19 19:04:57 ----RD---- C:\Program Files\Skype
2012-10-19 19:04:57 ----D---- C:\Program Files\Common Files\Skype
2012-10-19 19:04:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2012-10-18 20:49:25 ----A---- C:\WINDOWS\wcx_ftp.ini
2012-10-18 20:05:28 ----D---- C:\Program Files\Microsoft Expression
2012-10-18 20:05:11 ----RHD---- C:\MSOCache
2012-10-18 19:38:33 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-10-18 19:31:13 ----D---- C:\Documents and Settings\Gorman\Application Data\kompozer.net
2012-10-17 22:05:23 ----A---- C:\WINDOWS\WINCMD.INI
2012-10-17 22:00:36 ----D---- C:\Documents and Settings\Gorman\Application Data\vlc
2012-10-17 20:38:22 ----D---- C:\Documents and Settings\Gorman\Application Data\KompoZer
2012-10-17 20:24:20 ----D---- C:\Documents and Settings\Gorman\Application Data\ArcSoft
2012-10-17 20:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2012-10-17 20:24:05 ----D---- C:\Program Files\Common Files\ArcSoft
2012-10-17 20:24:05 ----A---- C:\WINDOWS\system32\unicows.dll
2012-10-17 20:23:58 ----A---- C:\WINDOWS\system32\drivers\ULCDRHlp.sys
2012-10-17 20:23:46 ----D---- C:\Program Files\Windows Sidebar
2012-10-17 20:23:17 ----D---- C:\Documents and Settings\Gorman\Application Data\InstallShield
2012-10-16 20:11:57 ----D---- C:\Program Files\Microsoft Works
2012-10-16 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio
2012-10-16 20:11:45 ----D---- C:\Program Files\Common Files\DESIGNER
2012-10-16 20:11:32 ----D---- C:\Program Files\Microsoft.NET
2012-10-16 20:10:08 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-10-16 20:09:42 ----D---- C:\WINDOWS\SHELLNEW
2012-10-16 20:09:28 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-10-16 12:28:28 ----D---- C:\WINDOWS\system32\Adobe
2012-10-15 22:21:35 ----D---- C:\Documents and Settings\Gorman\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:20:54 ----D---- C:\Documents and Settings\All Users\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:18:36 ----D---- C:\WINDOWS\system32\XPSViewer
2012-10-15 22:18:33 ----D---- C:\Program Files\MSBuild
2012-10-15 22:18:28 ----D---- C:\Program Files\Reference Assemblies
2012-10-15 22:18:03 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-10-15 22:17:30 ----RSD---- C:\WINDOWS\assembly
2012-10-15 22:17:08 ----D---- C:\WINDOWS\Microsoft.NET
2012-10-15 21:51:13 ----D---- C:\Program Files\ESET
2012-10-15 21:33:48 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2012-10-15 21:33:40 ----A---- C:\WINDOWS\system32\fxtls432.dll
2012-10-15 20:33:04 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2012-10-15 20:29:01 ----D---- C:\Program Files\CCleaner
2012-10-15 20:08:13 ----D---- C:\Program Files\Common Files\Ulead Systems
2012-10-15 20:04:26 ----D---- C:\Documents and Settings\Gorman\Application Data\Ahead
2012-10-15 20:03:28 ----D---- C:\Program Files\Common Files\Ahead
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2012-10-15 19:47:08 ----A---- C:\WINDOWS\system32\qtintf.dll
2012-10-15 19:44:32 ----A---- C:\WINDOWS\system32\drivers\MPE.sys
2012-10-15 19:44:21 ----A---- C:\WINDOWS\system32\PsisDecd.dll
2012-10-15 19:44:18 ----A---- C:\WINDOWS\system32\drivers\BdaSup.sys
2012-10-15 19:44:12 ----A---- C:\WINDOWS\system32\NXPMV32.dll
2012-10-15 19:44:11 ----A---- C:\WINDOWS\system32\drivers\3xHybrid.sys
2012-10-15 19:42:48 ----D---- C:\WINDOWS\system32\WinFast
2012-10-15 00:56:03 ----A---- C:\WINDOWS\system32\ctbas2w.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\drivers\ctoss2k.sys
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctstatic.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdlang.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdaught.dat
2012-10-15 00:56:01 ----A---- C:\WINDOWS\system32\drivers\e10kx2k.sys
2012-10-15 00:42:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-15 00:31:16 ----A---- C:\WINDOWS\CTREGRUN.EXE
2012-10-15 00:30:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcuia32.dll
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcans32.dll
2012-10-15 00:29:06 ----A---- C:\WINDOWS\SBWIN.INI
2012-10-15 00:26:04 ----N---- C:\WINDOWS\system32\PfModNT.sys
2012-10-15 00:26:04 ----D---- C:\Program Files\Creative
2012-10-15 00:26:01 ----A---- C:\WINDOWS\IsUninst.exe
2012-10-15 00:22:42 ----D---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRVIDEO.INI
2012-10-15 00:17:28 ----A---- C:\WINDOWS\Brownie.ini
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRDIAG.INI
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPDNTA.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPD95A.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRRBTOOL.EXE
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BROSNMP.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\brlm03a.dll
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC32.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC16.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\Brdiag2.exe
2012-10-15 00:17:20 ----N---- C:\WINDOWS\system32\drivers\BRPAR.SYS
2012-10-15 00:17:19 ----D---- C:\Program Files\Brownie
2012-10-15 00:17:19 ----A---- C:\WINDOWS\HL-2030.INI
2012-10-15 00:17:07 ----A---- C:\WINDOWS\system32\BD2030.DAT
2012-10-15 00:17:07 ----A---- C:\WINDOWS\BRWMARK.INI
2012-10-15 00:17:02 ----N---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-10-15 00:16:30 ----D---- C:\Program Files\Brother
2012-10-15 00:16:29 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\Pdrvinst.dll
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\BrWebIns.dll
2012-10-14 23:42:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-14 23:42:57 ----D---- C:\Program Files\DEVI
2012-10-14 23:42:51 ----D---- C:\Program Files\Common Files\InstallShield
2012-10-14 23:12:44 ----D---- C:\Documents and Settings\Gorman\Application Data\Thunderbird
2012-10-14 23:12:12 ----D---- C:\Program Files\Microsoft Office
2012-10-14 23:06:56 ----D---- C:\Program Files\MSECache
2012-10-14 22:13:07 ----D---- C:\Documents and Settings\All Users\Application Data\RoboForm
2012-10-14 22:08:00 ----D---- C:\Program Files\Siber Systems
2012-10-14 21:56:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-14 21:56:37 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2012-10-14 21:52:10 ----A---- C:\WINDOWS\system32\h323log.txt
2012-10-14 21:49:56 ----N---- C:\WINDOWS\system32\drivers\splitter.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\aec.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-10-14 21:49:51 ----N---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-10-14 21:49:50 ----N---- C:\WINDOWS\system32\drivers\audstub.sys
2012-10-14 21:49:40 ----N---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\hidbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\compbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\battc.sys
2012-10-14 21:49:38 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-10-14 21:49:35 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\BthEnum.sys
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\wshirda.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irmon.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irftp.exe
2012-10-14 21:49:24 ----N---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2012-10-14 21:49:13 ----N---- C:\WINDOWS\system32\drivers\redbook.sys
2012-10-14 21:49:02 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3duag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2012-10-14 21:48:51 ----A---- C:\WINDOWS\system32\drivers\gameenum.sys
2012-10-14 21:48:50 ----N---- C:\WINDOWS\system32\drivers\enum1394.sys
2012-10-14 21:48:35 ----A---- C:\WINDOWS\system32\usbui.dll
2012-10-14 21:48:34 ----N---- C:\WINDOWS\system32\drivers\UAGP35.SYS
2012-10-14 21:48:33 ----N---- C:\WINDOWS\system32\drivers\msmpu401.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-10-14 21:48:31 ----N---- C:\WINDOWS\system32\drivers\i8042prt.sys
2012-10-14 21:47:37 ----SHD---- C:\WINDOWS\Installer
2012-10-14 21:47:37 ----D---- C:\Program Files\Common Files\ODBC
2012-10-14 21:47:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-14 21:47:37 ----A---- C:\WINDOWS\ODBCINST.INI
2012-10-14 21:47:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-10-14 21:47:33 ----RD---- C:\Program Files
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdro.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\irclass.dll
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-10-14 21:47:14 ----N---- C:\WINDOWS\system32\drivers\irenum.sys
2012-10-14 21:47:14 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\storprop.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\batt.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-10-14 21:47:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot
2012-10-14 21:46:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-10-14 21:46:24 ----N---- C:\WINDOWS\system32\drivers\videX32.sys
2012-10-14 21:46:09 ----D---- C:\Documents and Settings
2012-10-14 21:46:08 ----SHD---- C:\System Volume Information
2012-10-14 21:46:08 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-10-14 21:45:14 ----SH---- C:\boot.ini
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Offline Web Pages
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-10-14 21:42:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-14 21:42:11 ----RSD---- C:\WINDOWS\Fonts
2012-10-14 21:42:11 ----RD---- C:\WINDOWS\Web
2012-10-14 21:42:11 ----HD---- C:\WINDOWS\inf
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WinSxS
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WBEM
2012-10-14 21:42:11 ----D---- C:\WINDOWS\twain_32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Temp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wbem
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\usmt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\spool
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ShellExt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Setup
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\scripting
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ras
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\PreInstall
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\oobe
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\npp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Macromed
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\inetsrv
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\IME
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\icsxml
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ias
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\export
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en-US
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\etc
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\dhcp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3com_dmi
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3076
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\2052
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1054
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1042
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1041
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1037
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1033
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1031
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1028
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1025
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system
2012-10-14 21:42:11 ----D---- C:\WINDOWS\SoftwareDistribution
2012-10-14 21:42:11 ----D---- C:\WINDOWS\security
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Resources
2012-10-14 21:42:11 ----D---- C:\WINDOWS\repair
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Provisioning
2012-10-14 21:42:11 ----D---- C:\WINDOWS\pchealth
2012-10-14 21:42:11 ----D---- C:\WINDOWS\PeerNet
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Network Diagnostic
2012-10-14 21:42:11 ----D---- C:\WINDOWS\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msapps
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msagent
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Media
2012-10-14 21:42:11 ----D---- C:\WINDOWS\L2Schemas
2012-10-14 21:42:11 ----D---- C:\WINDOWS\java
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ime
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Help
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ehome
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Driver Cache
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Debug
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Cursors
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Connection Wizard
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\AppPatch
2012-10-14 21:42:11 ----D---- C:\WINDOWS\addins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\$hf_mig$
2012-10-14 21:42:11 ----D---- C:\WINDOWS
2012-10-14 21:42:11 ----ASH---- C:\pagefile.sys
2012-10-14 21:33:08 ----D---- C:\Documents and Settings\Gorman\Application Data\Mozilla
2012-10-14 21:11:42 ----N---- C:\WINDOWS\system32\drivers\NdisIP.sys
2012-10-14 21:11:41 ----N---- C:\WINDOWS\system32\drivers\StreamIP.sys
2012-10-14 21:11:39 ----N---- C:\WINDOWS\system32\drivers\SLIP.sys
2012-10-14 21:11:37 ----N---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2012-10-14 21:11:36 ----N---- C:\WINDOWS\system32\drivers\MSTEE.sys
2012-10-14 21:11:34 ----N---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2012-10-14 21:11:32 ----N---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2012-10-14 21:11:26 ----D---- C:\Program Files\Common Files\logishrd
2012-10-14 21:11:26 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2012-10-14 21:09:01 ----A---- C:\WINDOWS\system32\cttele.dll
2012-10-14 21:08:54 ----D---- C:\Documents and Settings\Gorman\Application Data\Creative
2012-10-14 21:08:54 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2012-10-14 21:08:40 ----D---- C:\WINDOWS\system32\data
2012-10-14 20:57:34 ----D---- C:\WINDOWS\Minidump
2012-10-14 20:53:29 ----D---- C:\Program Files\Common Files\Adobe
2012-10-14 20:53:29 ----D---- C:\Program Files\Adobe
2012-10-14 20:52:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-10-14 20:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-10-14 20:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-10-14 20:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-10-14 20:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-10-14 20:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$
2012-10-14 20:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-10-14 20:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-10-14 20:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847-v2$
2012-10-14 20:44:13 ----D---- C:\Documents and Settings\Gorman\Application Data\Macromedia
2012-10-14 20:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-10-14 20:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2012-10-14 20:43:26 ----D---- C:\WINDOWS\ie8updates
2012-10-14 20:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-10-14 20:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2012-10-14 20:43:13 ----D---- C:\Program Files\MSXML 4.0
2012-10-14 20:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-10-14 20:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2012-10-14 20:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2012-10-14 20:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2012-10-14 20:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-10-14 20:42:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-10-14 20:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-10-14 20:37:20 ----SHD---- C:\RECYCLER
2012-10-14 20:35:21 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-10-14 20:32:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-10-14 20:32:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Adobe
2012-10-14 20:32:30 ----N---- C:\WINDOWS\system32\drivers\ipgdnd51.sys
2012-10-14 20:07:54 ----D---- C:\WINDOWS\system32\1029
2012-10-14 20:07:54 ----A---- C:\WINDOWS\system32\WMErrCSY.dll
2012-10-14 20:04:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Identities
2012-10-14 20:04:31 ----HD---- C:\Program Files\Uninstall Information
2012-10-14 20:04:25 ----SD---- C:\Documents and Settings\Gorman\Application Data\Microsoft
2012-10-14 20:04:25 ----ASH---- C:\Documents and Settings\Gorman\Application Data\desktop.ini
2012-10-14 20:02:28 ----SD---- C:\WINDOWS\system32\Microsoft
2012-10-14 20:02:28 ----D---- C:\WINDOWS\Prefetch
2012-10-14 20:02:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-14 20:00:31 ----AS---- C:\WINDOWS\bootstat.dat
2012-10-14 19:58:06 ----D---- C:\WINDOWS\system32\xircom
2012-10-14 19:58:06 ----D---- C:\Program Files\xerox
2012-10-14 19:58:06 ----D---- C:\Program Files\microsoft frontpage
2012-10-14 19:57:50 ----RASH---- C:\MSDOS.SYS
2012-10-14 19:57:50 ----RASH---- C:\IO.SYS
2012-10-14 19:57:50 ----A---- C:\WINDOWS\control.ini
2012-10-14 19:57:50 ----A---- C:\CONFIG.SYS
2012-10-14 19:57:50 ----A---- C:\AUTOEXEC.BAT
2012-10-14 19:57:34 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-10-14 19:56:41 ----HD---- C:\Program Files\WindowsUpdate
2012-10-14 19:56:39 ----D---- C:\Program Files\Online Services
2012-10-14 19:56:20 ----D---- C:\WINDOWS\system32\DirectX
2012-10-14 19:56:12 ----A---- C:\WINDOWS\system32\atrace.dll
2012-10-14 19:56:10 ----A---- C:\WINDOWS\system32\desktop.ini
2012-10-14 19:56:10 ----A---- C:\WINDOWS\desktop.ini
2012-10-14 19:56:03 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-10-14 19:56:02 ----A---- C:\WINDOWS\system32\acctres.dll
2012-10-14 19:56:01 ----D---- C:\Program Files\Common Files\Services
2012-10-14 19:55:59 ----SD---- C:\WINDOWS\Tasks
2012-10-14 19:55:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-10-14 19:55:58 ----D---- C:\Program Files\Common Files\MSSoap
2012-10-14 19:55:52 ----D---- C:\WINDOWS\srchasst
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wups.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-10-14 19:55:43 ----D---- C:\Program Files\Movie Maker
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-10-14 19:55:23 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-10-14 19:55:20 ----N---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-10-14 19:55:19 ----N---- C:\WINDOWS\system32\drivers\sr.sys
2012-10-14 19:55:19 ----D---- C:\WINDOWS\system32\Restore
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srclient.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\msconf.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\ils.dll
2012-10-14 19:55:15 ----D---- C:\Program Files\NetMeeting
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-10-14 19:55:14 ----A---- C:\WINDOWS\system32\inetres.dll
2012-10-14 19:55:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-10-14 19:55:12 ----D---- C:\Program Files\Outlook Express
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\mstask.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\isign32.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-10-14 19:55:05 ----D---- C:\Program Files\Common Files\System
2012-10-14 19:55:04 ----D---- C:\Program Files\Internet Explorer
2012-10-14 19:54:40 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-10-14 19:54:38 ----D---- C:\Program Files\ComPlus Applications
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vbaddin.ini
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vb.ini
2012-10-14 19:54:36 ----D---- C:\WINDOWS\Registration
2012-10-14 19:54:33 ----D---- C:\Program Files\Windows Media Player
2012-10-14 19:54:25 ----D---- C:\Program Files\MSN Gaming Zone
2012-10-14 19:54:25 ----A---- C:\WINDOWS\system32\write.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\hticons.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\winchat.exe
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avwav.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\charmap.exe
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\getuname.dll
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\winmine.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\sol.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\calc.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tskill.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\shadow.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\reset.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\freecell.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\regini.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msg.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\logoff.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-10-14 19:53:58 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-10-14 19:53:57 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-10-14 19:53:56 ----D---- C:\Program Files\Windows NT
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\spider.exe
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\aaclient.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-10-14 19:53:51 ----D---- C:\WINDOWS\system32\MsDtc
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-10-14 19:53:49 ----D---- C:\WINDOWS\system32\Com
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\stclient.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\colbact.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comuid.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\termdd.sys
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-10-14 20:08:52 ----A---- C:\WINDOWS\system.ini
2012-10-14 19:57:50 ----A---- C:\WINDOWS\win.ini
2012-10-14 19:57:23 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xxmm;mv61xxmm; C:\WINDOWS\system32\drivers\mv61xxmm.sys [2012-01-12 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS\system32\drivers\mv64xxmm.sys [2012-01-12 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS\system32\drivers\mvxxmm.sys [2012-01-12 13616]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2012-01-12 61824]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2010-11-18 116608]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2012-01-12 37760]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2012-01-12 226880]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2012-01-12 62848]
R3 3xHybrid;WinFast DTV1000 S; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-07-30 702336]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2012-01-12 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-13 701440]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM); C:\WINDOWS\system32\drivers\e10kx2k.sys [2001-10-02 1757928]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ipgd;IC Plus IP1000 Family Gigabit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\ipgdnd51.sys [2008-06-13 33536]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-09 41888]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2012-01-12 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2012-01-12 61824]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2001-09-11 186944]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2012-10-26 9856]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2012-01-12 12288]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2012-01-12 272128]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2007-04-10 520488]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [2007-04-12 546048]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL []
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2007-04-10 163112]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pbfilter;pbfilter; \??\G:\CdiskNemazat\Program Files\PeerBlock\pbfilter.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2012-01-12 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 APC UPS Service;APC UPS Service; G:\CdiskNemazat\Program Files\APC\mainserv.exe [2004-07-21 176241]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; D:\Program_Files\ESET\ekrn.exe [2012-03-07 913144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: ESS crashing

#4 Post by Rudy »

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

gorman
Exemplary Visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: ESS crashing

#5 Post by gorman »

Here:

# AdwCleaner v2.006 - Logfile created 11/02/2012 at 21:17:05
# Updated 30/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gorman - ALIEN-BE02FD9F6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gorman\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Documents and Settings\Gorman\Application Data\Mozilla\Firefox\Profiles\xzqlbjcc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Gorman\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1050 octets] - [02/11/2012 21:17:05]

########## EOF - C:\AdwCleaner[R1].txt - [1110 octets] ##########

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: ESS keeps crashing

#6 Post by Rudy »

Run AdwCleaner again and click >Delete<. Paste the new log.

gorman
Model visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: ESS keeps crashing

#7 Post by gorman »

Here:

# AdwCleaner v2.006 - Logfile created 11/02/2012 at 21:37:08
# Updated 30/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gorman - ALIEN-BE02FD9F6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gorman\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Documents and Settings\Gorman\Application Data\Mozilla\Firefox\Profiles\xzqlbjcc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Gorman\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1179 octets] - [02/11/2012 21:17:05]
AdwCleaner[S1].txt - [1114 octets] - [02/11/2012 21:37:08]

########## EOF - C:\AdwCleaner[S1].txt - [1174 octets] ##########

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: ESS keeps crashing

#8 Post by Rudy »

Post a new RSIT log.

gorman
Model visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: ESS keeps crashing

#9 Post by gorman »

Here:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gorman at 2012-11-02 21:43:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (21%) free of 12 GB
Total RAM: 1535 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:43:40, on 2.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program_Files\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
G:\CdiskNemazat\Program Files\APC\apcsystray.exe
G:\CdiskNemazat\Program Files\APC\mainserv.exe
D:\Program_Files\ESET\ekrn.exe
C:\WINDOWS\system32\svchost.exe
D:\Program_Files\Maxthon\Maxthon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Gorman\Desktop\RSIT.exe
C:\Program Files\trend micro\Gorman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - G:\CdiskNemazat\Program Files\Roboform\roboform.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [egui] "D:\Program_Files\ESET\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: devicom - PC·PRO.lnk = ?
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\OFFICE\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - G:\CdiskNemazat\Program Files\APC\mainserv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program_Files\ESET\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4929 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gorman\Application Data\Mozilla\Firefox\Profiles\xzqlbjcc.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program_Files\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

G:\CdiskNemazat\Program Files\firefox\components\
binary.manifest
browsercomps.dll

G:\CdiskNemazat\Program Files\firefox\plugins\
NPOFF12.DLL
nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - G:\CdiskNemazat\Program Files\Roboform\roboform.dll [2012-10-14 16403224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - G:\CdiskNemazat\Program Files\Roboform\roboform.dll [2012-10-14 16403224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"egui"=D:\Program_Files\ESET\egui.exe [2012-03-07 3117344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-02-06 170496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\WINDOWS\system32\CTHELPER.EXE [2007-04-09 19456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
C:\WINDOWS\system32\CTXFIHLP.EXE [2007-04-09 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup]
C:\PROGRA~1\INSTAL~1\{FA762~1\setup.exe [2007-02-26 107512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
G:\CdiskNemazat\Program Files\WF\WFDTV\WFWIZ.exe [2012-03-02 2920448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
G:\CdiskNemazat\Program Files\WF\WFDTV\DTVSchdl.exe [2012-04-05 101888]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
APC UPS Status.lnk - G:\CdiskNemazat\Program Files\APC\Display.exe

C:\Documents and Settings\Gorman\Start Menu\Programs\Startup
devicom - PC·PRO.lnk - C:\Program Files\DEVI\devicom - PC·PRO\PCPRO.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Program_Files\torent\uTorrent.exe"="D:\Program_Files\torent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-02 21:37:08 ----A---- C:\AdwCleaner[S1].txt
2012-11-02 21:17:05 ----A---- C:\AdwCleaner[R1].txt
2012-11-02 20:24:43 ----D---- C:\rsit
2012-11-02 20:24:43 ----D---- C:\Program Files\trend micro
2012-11-01 19:30:38 ----A---- C:\userdump.exe
2012-11-01 19:14:35 ----D---- C:\kktools
2012-10-30 20:55:59 ----D---- C:\Program Files\Google
2012-10-27 20:55:53 ----D---- C:\Program Files\Compiled Driver Disk (Sony Ericsson)
2012-10-27 20:55:43 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2012-10-27 20:55:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-10-27 20:55:34 ----D---- C:\Program Files\Compiled Driver Disk (Apple)
2012-10-27 20:50:36 ----D---- C:\Program Files\COMPELSON Labs
2012-10-26 19:06:36 ----D---- C:\Documents and Settings\Gorman\Application Data\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Program Files\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2012-10-26 19:00:20 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2012-10-26 18:57:24 ----D---- C:\WINDOWS\Downloaded Installations
2012-10-26 18:53:52 ----D---- C:\Program Files\Common Files\ACD Systems
2012-10-25 20:09:07 ----D---- C:\Documents and Settings\Gorman\Application Data\ESET
2012-10-25 20:07:12 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-10-25 19:58:24 ----ASH---- C:\hiberfil.sys
2012-10-23 20:34:07 ----RD---- C:\Documents and Settings\Gorman\Application Data\Brother
2012-10-23 18:45:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-10-21 21:52:24 ----D---- C:\Documents and Settings\Gorman\Application Data\uTorrent
2012-10-21 21:47:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-10-21 13:59:31 ----D---- C:\Documents and Settings\Gorman\Application Data\dvdcss
2012-10-20 21:16:59 ----D---- C:\Program Files\Common Files\EZB Systems
2012-10-19 19:54:29 ----A---- C:\WINDOWS\WDICT32.INI
2012-10-19 19:52:24 ----A---- C:\WINDOWS\WTRAN32.INI
2012-10-19 19:29:55 ----D---- C:\Documents and Settings\Gorman\Application Data\MOBILedit
2012-10-19 19:28:17 ----D---- C:\Documents and Settings\Gorman\Application Data\TeamViewer
2012-10-19 19:28:08 ----D---- C:\Program Files\TeamViewer
2012-10-19 19:05:05 ----D---- C:\Documents and Settings\Gorman\Application Data\Skype
2012-10-19 19:04:57 ----RD---- C:\Program Files\Skype
2012-10-19 19:04:57 ----D---- C:\Program Files\Common Files\Skype
2012-10-19 19:04:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2012-10-18 20:49:25 ----A---- C:\WINDOWS\wcx_ftp.ini
2012-10-18 20:05:28 ----D---- C:\Program Files\Microsoft Expression
2012-10-18 20:05:11 ----RHD---- C:\MSOCache
2012-10-18 19:38:33 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-10-18 19:31:13 ----D---- C:\Documents and Settings\Gorman\Application Data\kompozer.net
2012-10-17 22:05:23 ----A---- C:\WINDOWS\WINCMD.INI
2012-10-17 22:00:36 ----D---- C:\Documents and Settings\Gorman\Application Data\vlc
2012-10-17 20:38:22 ----D---- C:\Documents and Settings\Gorman\Application Data\KompoZer
2012-10-17 20:24:20 ----D---- C:\Documents and Settings\Gorman\Application Data\ArcSoft
2012-10-17 20:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2012-10-17 20:24:05 ----D---- C:\Program Files\Common Files\ArcSoft
2012-10-17 20:24:05 ----A---- C:\WINDOWS\system32\unicows.dll
2012-10-17 20:23:58 ----A---- C:\WINDOWS\system32\drivers\ULCDRHlp.sys
2012-10-17 20:23:46 ----D---- C:\Program Files\Windows Sidebar
2012-10-17 20:23:17 ----D---- C:\Documents and Settings\Gorman\Application Data\InstallShield
2012-10-16 20:11:57 ----D---- C:\Program Files\Microsoft Works
2012-10-16 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio
2012-10-16 20:11:45 ----D---- C:\Program Files\Common Files\DESIGNER
2012-10-16 20:11:32 ----D---- C:\Program Files\Microsoft.NET
2012-10-16 20:10:08 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-10-16 20:09:42 ----D---- C:\WINDOWS\SHELLNEW
2012-10-16 20:09:28 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-10-16 12:28:28 ----D---- C:\WINDOWS\system32\Adobe
2012-10-15 22:21:35 ----D---- C:\Documents and Settings\Gorman\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:20:54 ----D---- C:\Documents and Settings\All Users\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:18:36 ----D---- C:\WINDOWS\system32\XPSViewer
2012-10-15 22:18:33 ----D---- C:\Program Files\MSBuild
2012-10-15 22:18:28 ----D---- C:\Program Files\Reference Assemblies
2012-10-15 22:18:03 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-10-15 22:17:30 ----RSD---- C:\WINDOWS\assembly
2012-10-15 22:17:08 ----D---- C:\WINDOWS\Microsoft.NET
2012-10-15 21:51:13 ----D---- C:\Program Files\ESET
2012-10-15 21:33:48 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2012-10-15 21:33:40 ----A---- C:\WINDOWS\system32\fxtls432.dll
2012-10-15 20:33:04 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2012-10-15 20:29:01 ----D---- C:\Program Files\CCleaner
2012-10-15 20:08:13 ----D---- C:\Program Files\Common Files\Ulead Systems
2012-10-15 20:04:26 ----D---- C:\Documents and Settings\Gorman\Application Data\Ahead
2012-10-15 20:03:28 ----D---- C:\Program Files\Common Files\Ahead
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2012-10-15 19:47:08 ----A---- C:\WINDOWS\system32\qtintf.dll
2012-10-15 19:44:32 ----A---- C:\WINDOWS\system32\drivers\MPE.sys
2012-10-15 19:44:21 ----A---- C:\WINDOWS\system32\PsisDecd.dll
2012-10-15 19:44:18 ----A---- C:\WINDOWS\system32\drivers\BdaSup.sys
2012-10-15 19:44:12 ----A---- C:\WINDOWS\system32\NXPMV32.dll
2012-10-15 19:44:11 ----A---- C:\WINDOWS\system32\drivers\3xHybrid.sys
2012-10-15 19:42:48 ----D---- C:\WINDOWS\system32\WinFast
2012-10-15 00:56:03 ----A---- C:\WINDOWS\system32\ctbas2w.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\drivers\ctoss2k.sys
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctstatic.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdlang.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdaught.dat
2012-10-15 00:56:01 ----A---- C:\WINDOWS\system32\drivers\e10kx2k.sys
2012-10-15 00:42:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-15 00:31:16 ----A---- C:\WINDOWS\CTREGRUN.EXE
2012-10-15 00:30:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcuia32.dll
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcans32.dll
2012-10-15 00:29:06 ----A---- C:\WINDOWS\SBWIN.INI
2012-10-15 00:26:04 ----N---- C:\WINDOWS\system32\PfModNT.sys
2012-10-15 00:26:04 ----D---- C:\Program Files\Creative
2012-10-15 00:26:01 ----A---- C:\WINDOWS\IsUninst.exe
2012-10-15 00:22:42 ----D---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRVIDEO.INI
2012-10-15 00:17:28 ----A---- C:\WINDOWS\Brownie.ini
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRDIAG.INI
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPDNTA.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPD95A.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRRBTOOL.EXE
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BROSNMP.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\brlm03a.dll
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC32.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC16.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\Brdiag2.exe
2012-10-15 00:17:20 ----N---- C:\WINDOWS\system32\drivers\BRPAR.SYS
2012-10-15 00:17:19 ----D---- C:\Program Files\Brownie
2012-10-15 00:17:19 ----A---- C:\WINDOWS\HL-2030.INI
2012-10-15 00:17:07 ----A---- C:\WINDOWS\system32\BD2030.DAT
2012-10-15 00:17:07 ----A---- C:\WINDOWS\BRWMARK.INI
2012-10-15 00:17:02 ----N---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-10-15 00:16:30 ----D---- C:\Program Files\Brother
2012-10-15 00:16:29 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\Pdrvinst.dll
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\BrWebIns.dll
2012-10-14 23:42:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-14 23:42:57 ----D---- C:\Program Files\DEVI
2012-10-14 23:42:51 ----D---- C:\Program Files\Common Files\InstallShield
2012-10-14 23:12:44 ----D---- C:\Documents and Settings\Gorman\Application Data\Thunderbird
2012-10-14 23:12:12 ----D---- C:\Program Files\Microsoft Office
2012-10-14 23:06:56 ----D---- C:\Program Files\MSECache
2012-10-14 22:13:07 ----D---- C:\Documents and Settings\All Users\Application Data\RoboForm
2012-10-14 22:08:00 ----D---- C:\Program Files\Siber Systems
2012-10-14 21:56:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-14 21:56:37 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2012-10-14 21:52:10 ----A---- C:\WINDOWS\system32\h323log.txt
2012-10-14 21:49:56 ----N---- C:\WINDOWS\system32\drivers\splitter.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\aec.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-10-14 21:49:51 ----N---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-10-14 21:49:50 ----N---- C:\WINDOWS\system32\drivers\audstub.sys
2012-10-14 21:49:40 ----N---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\hidbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\compbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\battc.sys
2012-10-14 21:49:38 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-10-14 21:49:35 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\BthEnum.sys
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\wshirda.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irmon.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irftp.exe
2012-10-14 21:49:24 ----N---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2012-10-14 21:49:13 ----N---- C:\WINDOWS\system32\drivers\redbook.sys
2012-10-14 21:49:02 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3duag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2012-10-14 21:48:51 ----A---- C:\WINDOWS\system32\drivers\gameenum.sys
2012-10-14 21:48:50 ----N---- C:\WINDOWS\system32\drivers\enum1394.sys
2012-10-14 21:48:35 ----A---- C:\WINDOWS\system32\usbui.dll
2012-10-14 21:48:34 ----N---- C:\WINDOWS\system32\drivers\UAGP35.SYS
2012-10-14 21:48:33 ----N---- C:\WINDOWS\system32\drivers\msmpu401.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-10-14 21:48:31 ----N---- C:\WINDOWS\system32\drivers\i8042prt.sys
2012-10-14 21:47:37 ----SHD---- C:\WINDOWS\Installer
2012-10-14 21:47:37 ----D---- C:\Program Files\Common Files\ODBC
2012-10-14 21:47:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-14 21:47:37 ----A---- C:\WINDOWS\ODBCINST.INI
2012-10-14 21:47:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-10-14 21:47:33 ----RD---- C:\Program Files
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdro.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\irclass.dll
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-10-14 21:47:14 ----N---- C:\WINDOWS\system32\drivers\irenum.sys
2012-10-14 21:47:14 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\storprop.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\batt.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-10-14 21:47:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot
2012-10-14 21:46:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-10-14 21:46:24 ----N---- C:\WINDOWS\system32\drivers\videX32.sys
2012-10-14 21:46:09 ----D---- C:\Documents and Settings
2012-10-14 21:46:08 ----SHD---- C:\System Volume Information
2012-10-14 21:46:08 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-10-14 21:45:14 ----SH---- C:\boot.ini
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Offline Web Pages
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-10-14 21:42:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-14 21:42:11 ----RSD---- C:\WINDOWS\Fonts
2012-10-14 21:42:11 ----RD---- C:\WINDOWS\Web
2012-10-14 21:42:11 ----HD---- C:\WINDOWS\inf
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WinSxS
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WBEM
2012-10-14 21:42:11 ----D---- C:\WINDOWS\twain_32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Temp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wbem
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\usmt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\spool
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ShellExt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Setup
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\scripting
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ras
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\PreInstall
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\oobe
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\npp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Macromed
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\inetsrv
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\IME
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\icsxml
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ias
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\export
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en-US
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\etc
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\dhcp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3com_dmi
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3076
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\2052
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1054
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1042
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1041
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1037
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1033
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1031
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1028
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1025
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system
2012-10-14 21:42:11 ----D---- C:\WINDOWS\SoftwareDistribution
2012-10-14 21:42:11 ----D---- C:\WINDOWS\security
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Resources
2012-10-14 21:42:11 ----D---- C:\WINDOWS\repair
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Provisioning
2012-10-14 21:42:11 ----D---- C:\WINDOWS\pchealth
2012-10-14 21:42:11 ----D---- C:\WINDOWS\PeerNet
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Network Diagnostic
2012-10-14 21:42:11 ----D---- C:\WINDOWS\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msapps
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msagent
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Media
2012-10-14 21:42:11 ----D---- C:\WINDOWS\L2Schemas
2012-10-14 21:42:11 ----D---- C:\WINDOWS\java
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ime
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Help
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ehome
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Driver Cache
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Debug
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Cursors
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Connection Wizard
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\AppPatch
2012-10-14 21:42:11 ----D---- C:\WINDOWS\addins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\$hf_mig$
2012-10-14 21:42:11 ----D---- C:\WINDOWS
2012-10-14 21:42:11 ----ASH---- C:\pagefile.sys
2012-10-14 21:33:08 ----D---- C:\Documents and Settings\Gorman\Application Data\Mozilla
2012-10-14 21:11:42 ----N---- C:\WINDOWS\system32\drivers\NdisIP.sys
2012-10-14 21:11:41 ----N---- C:\WINDOWS\system32\drivers\StreamIP.sys
2012-10-14 21:11:39 ----N---- C:\WINDOWS\system32\drivers\SLIP.sys
2012-10-14 21:11:37 ----N---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2012-10-14 21:11:36 ----N---- C:\WINDOWS\system32\drivers\MSTEE.sys
2012-10-14 21:11:34 ----N---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2012-10-14 21:11:32 ----N---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2012-10-14 21:11:26 ----D---- C:\Program Files\Common Files\logishrd
2012-10-14 21:11:26 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2012-10-14 21:09:01 ----A---- C:\WINDOWS\system32\cttele.dll
2012-10-14 21:08:54 ----D---- C:\Documents and Settings\Gorman\Application Data\Creative
2012-10-14 21:08:54 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2012-10-14 21:08:40 ----D---- C:\WINDOWS\system32\data
2012-10-14 20:57:34 ----D---- C:\WINDOWS\Minidump
2012-10-14 20:53:29 ----D---- C:\Program Files\Common Files\Adobe
2012-10-14 20:53:29 ----D---- C:\Program Files\Adobe
2012-10-14 20:52:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-10-14 20:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-10-14 20:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-10-14 20:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-10-14 20:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-10-14 20:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$
2012-10-14 20:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-10-14 20:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-10-14 20:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847-v2$
2012-10-14 20:44:13 ----D---- C:\Documents and Settings\Gorman\Application Data\Macromedia
2012-10-14 20:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-10-14 20:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2012-10-14 20:43:26 ----D---- C:\WINDOWS\ie8updates
2012-10-14 20:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-10-14 20:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2012-10-14 20:43:13 ----D---- C:\Program Files\MSXML 4.0
2012-10-14 20:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-10-14 20:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2012-10-14 20:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2012-10-14 20:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2012-10-14 20:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-10-14 20:42:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-10-14 20:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-10-14 20:37:20 ----SHD---- C:\RECYCLER
2012-10-14 20:35:21 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-10-14 20:32:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-10-14 20:32:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Adobe
2012-10-14 20:32:30 ----N---- C:\WINDOWS\system32\drivers\ipgdnd51.sys
2012-10-14 20:07:54 ----D---- C:\WINDOWS\system32\1029
2012-10-14 20:07:54 ----A---- C:\WINDOWS\system32\WMErrCSY.dll
2012-10-14 20:04:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Identities
2012-10-14 20:04:31 ----HD---- C:\Program Files\Uninstall Information
2012-10-14 20:04:25 ----SD---- C:\Documents and Settings\Gorman\Application Data\Microsoft
2012-10-14 20:04:25 ----ASH---- C:\Documents and Settings\Gorman\Application Data\desktop.ini
2012-10-14 20:02:28 ----SD---- C:\WINDOWS\system32\Microsoft
2012-10-14 20:02:28 ----D---- C:\WINDOWS\Prefetch
2012-10-14 20:02:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-14 20:00:31 ----AS---- C:\WINDOWS\bootstat.dat
2012-10-14 19:58:06 ----D---- C:\WINDOWS\system32\xircom
2012-10-14 19:58:06 ----D---- C:\Program Files\xerox
2012-10-14 19:58:06 ----D---- C:\Program Files\microsoft frontpage
2012-10-14 19:57:50 ----RASH---- C:\MSDOS.SYS
2012-10-14 19:57:50 ----RASH---- C:\IO.SYS
2012-10-14 19:57:50 ----A---- C:\WINDOWS\control.ini
2012-10-14 19:57:50 ----A---- C:\CONFIG.SYS
2012-10-14 19:57:50 ----A---- C:\AUTOEXEC.BAT
2012-10-14 19:57:34 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-10-14 19:56:41 ----HD---- C:\Program Files\WindowsUpdate
2012-10-14 19:56:39 ----D---- C:\Program Files\Online Services
2012-10-14 19:56:20 ----D---- C:\WINDOWS\system32\DirectX
2012-10-14 19:56:12 ----A---- C:\WINDOWS\system32\atrace.dll
2012-10-14 19:56:10 ----A---- C:\WINDOWS\system32\desktop.ini
2012-10-14 19:56:10 ----A---- C:\WINDOWS\desktop.ini
2012-10-14 19:56:03 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-10-14 19:56:02 ----A---- C:\WINDOWS\system32\acctres.dll
2012-10-14 19:56:01 ----D---- C:\Program Files\Common Files\Services
2012-10-14 19:55:59 ----SD---- C:\WINDOWS\Tasks
2012-10-14 19:55:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-10-14 19:55:58 ----D---- C:\Program Files\Common Files\MSSoap
2012-10-14 19:55:52 ----D---- C:\WINDOWS\srchasst
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wups.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-10-14 19:55:43 ----D---- C:\Program Files\Movie Maker
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-10-14 19:55:23 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-10-14 19:55:20 ----N---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-10-14 19:55:19 ----N---- C:\WINDOWS\system32\drivers\sr.sys
2012-10-14 19:55:19 ----D---- C:\WINDOWS\system32\Restore
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srclient.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\msconf.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\ils.dll
2012-10-14 19:55:15 ----D---- C:\Program Files\NetMeeting
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-10-14 19:55:14 ----A---- C:\WINDOWS\system32\inetres.dll
2012-10-14 19:55:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-10-14 19:55:12 ----D---- C:\Program Files\Outlook Express
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\mstask.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\isign32.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-10-14 19:55:05 ----D---- C:\Program Files\Common Files\System
2012-10-14 19:55:04 ----D---- C:\Program Files\Internet Explorer
2012-10-14 19:54:40 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-10-14 19:54:38 ----D---- C:\Program Files\ComPlus Applications
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vbaddin.ini
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vb.ini
2012-10-14 19:54:36 ----D---- C:\WINDOWS\Registration
2012-10-14 19:54:33 ----D---- C:\Program Files\Windows Media Player
2012-10-14 19:54:25 ----D---- C:\Program Files\MSN Gaming Zone
2012-10-14 19:54:25 ----A---- C:\WINDOWS\system32\write.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\hticons.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\winchat.exe
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avwav.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\charmap.exe
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\getuname.dll
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\winmine.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\sol.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\calc.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tskill.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\shadow.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\reset.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\freecell.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\regini.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msg.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\logoff.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-10-14 19:53:58 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-10-14 19:53:57 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-10-14 19:53:56 ----D---- C:\Program Files\Windows NT
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\spider.exe
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\aaclient.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-10-14 19:53:51 ----D---- C:\WINDOWS\system32\MsDtc
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-10-14 19:53:49 ----D---- C:\WINDOWS\system32\Com
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\stclient.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\colbact.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comuid.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\termdd.sys
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-10-14 20:08:52 ----A---- C:\WINDOWS\system.ini
2012-10-14 19:57:50 ----A---- C:\WINDOWS\win.ini
2012-10-14 19:57:23 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xxmm;mv61xxmm; C:\WINDOWS\system32\drivers\mv61xxmm.sys [2012-01-12 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS\system32\drivers\mv64xxmm.sys [2012-01-12 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS\system32\drivers\mvxxmm.sys [2012-01-12 13616]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2012-01-12 61824]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2010-11-18 116608]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2012-01-12 37760]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2012-01-12 226880]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2012-01-12 62848]
R3 3xHybrid;WinFast DTV1000 S; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-07-30 702336]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2012-01-12 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-13 701440]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM); C:\WINDOWS\system32\drivers\e10kx2k.sys [2001-10-02 1757928]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ipgd;IC Plus IP1000 Family Gigabit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\ipgdnd51.sys [2008-06-13 33536]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-09 41888]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2012-01-12 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2012-01-12 61824]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2001-09-11 186944]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2012-10-26 9856]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2012-01-12 12288]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2012-01-12 272128]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2007-04-10 520488]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [2007-04-12 546048]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL []
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2007-04-10 163112]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pbfilter;pbfilter; \??\G:\CdiskNemazat\Program Files\PeerBlock\pbfilter.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2012-01-12 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 APC UPS Service;APC UPS Service; G:\CdiskNemazat\Program Files\APC\mainserv.exe [2004-07-21 176241]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; D:\Program_Files\ESET\ekrn.exe [2012-03-07 913144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing ESS

#10 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
G:\CdiskNemazat\Program Files\Roboform\roboform.dll
C:\Program Files\Skype\Toolbars
C:\PROGRA~1\INSTAL~1\{FA762~1\setup.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

gorman
Exemplary visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: Crashing ESS

#11 Post by gorman »

Unfortunately, after the restart Roboform, which I use for logging in, "disappeared"...
here:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Gorman at 2012-11-03 07:42:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (29%) free of 12 GB
Total RAM: 1535 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:22, on 3.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
G:\CdiskNemazat\Program Files\APC\mainserv.exe
D:\Program_Files\ESET\ekrn.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program_Files\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DEVI\devicom - PC·PRO\PCPRO.exe
C:\WINDOWS\system32\wuauclt.exe
G:\CdiskNemazat\Program Files\APC\apcsystray.exe
D:\Program_Files\Maxthon\Maxthon.exe
C:\Documents and Settings\Gorman\Desktop\RSIT.exe
C:\Program Files\trend micro\Gorman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [egui] "D:\Program_Files\ESET\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: devicom - PC·PRO.lnk = ?
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\OFFICE\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - G:\CdiskNemazat\Program Files\APC\mainserv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program_Files\ESET\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4646 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gorman\Application Data\Mozilla\Firefox\Profiles\xzqlbjcc.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program_Files\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

G:\CdiskNemazat\Program Files\firefox\components\
binary.manifest
browsercomps.dll

G:\CdiskNemazat\Program Files\firefox\plugins\
NPOFF12.DLL
nppdf32.dll

G:\CdiskNemazat\Program Files\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"egui"=D:\Program_Files\ESET\egui.exe [2012-03-07 3117344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-02-06 170496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\WINDOWS\system32\CTHELPER.EXE [2007-04-09 19456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
C:\WINDOWS\system32\CTXFIHLP.EXE [2007-04-09 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
G:\CdiskNemazat\Program Files\WF\WFDTV\WFWIZ.exe [2012-03-02 2920448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
G:\CdiskNemazat\Program Files\WF\WFDTV\DTVSchdl.exe [2012-04-05 101888]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
APC UPS Status.lnk - G:\CdiskNemazat\Program Files\APC\Display.exe

C:\Documents and Settings\Gorman\Start Menu\Programs\Startup
devicom - PC·PRO.lnk - C:\Program Files\DEVI\devicom - PC·PRO\PCPRO.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Program_Files\torent\uTorrent.exe"="D:\Program_Files\torent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-03 07:38:04 ----D---- C:\_OTM
2012-11-02 21:37:08 ----A---- C:\AdwCleaner[S1].txt
2012-11-02 21:17:05 ----A---- C:\AdwCleaner[R1].txt
2012-11-02 20:24:43 ----D---- C:\rsit
2012-11-02 20:24:43 ----D---- C:\Program Files\trend micro
2012-11-01 19:30:38 ----A---- C:\userdump.exe
2012-11-01 19:14:35 ----D---- C:\kktools
2012-10-30 20:55:59 ----D---- C:\Program Files\Google
2012-10-27 20:55:53 ----D---- C:\Program Files\Compiled Driver Disk (Sony Ericsson)
2012-10-27 20:55:43 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2012-10-27 20:55:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-10-27 20:55:34 ----D---- C:\Program Files\Compiled Driver Disk (Apple)
2012-10-27 20:50:36 ----D---- C:\Program Files\COMPELSON Labs
2012-10-26 19:06:36 ----D---- C:\Documents and Settings\Gorman\Application Data\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Program Files\ACD Systems
2012-10-26 19:00:21 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2012-10-26 19:00:20 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2012-10-26 18:57:24 ----D---- C:\WINDOWS\Downloaded Installations
2012-10-26 18:53:52 ----D---- C:\Program Files\Common Files\ACD Systems
2012-10-25 20:09:07 ----D---- C:\Documents and Settings\Gorman\Application Data\ESET
2012-10-25 20:07:12 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-10-25 19:58:24 ----ASH---- C:\hiberfil.sys
2012-10-23 20:34:07 ----RD---- C:\Documents and Settings\Gorman\Application Data\Brother
2012-10-23 18:45:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-10-21 21:52:24 ----D---- C:\Documents and Settings\Gorman\Application Data\uTorrent
2012-10-21 21:47:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-10-21 13:59:31 ----D---- C:\Documents and Settings\Gorman\Application Data\dvdcss
2012-10-20 21:16:59 ----D---- C:\Program Files\Common Files\EZB Systems
2012-10-19 19:54:29 ----A---- C:\WINDOWS\WDICT32.INI
2012-10-19 19:52:24 ----A---- C:\WINDOWS\WTRAN32.INI
2012-10-19 19:29:55 ----D---- C:\Documents and Settings\Gorman\Application Data\MOBILedit
2012-10-19 19:28:17 ----D---- C:\Documents and Settings\Gorman\Application Data\TeamViewer
2012-10-19 19:28:08 ----D---- C:\Program Files\TeamViewer
2012-10-19 19:05:05 ----D---- C:\Documents and Settings\Gorman\Application Data\Skype
2012-10-19 19:04:57 ----RD---- C:\Program Files\Skype
2012-10-19 19:04:57 ----D---- C:\Program Files\Common Files\Skype
2012-10-19 19:04:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2012-10-18 20:49:25 ----A---- C:\WINDOWS\wcx_ftp.ini
2012-10-18 20:05:28 ----D---- C:\Program Files\Microsoft Expression
2012-10-18 20:05:11 ----RHD---- C:\MSOCache
2012-10-18 19:38:33 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-10-18 19:31:13 ----D---- C:\Documents and Settings\Gorman\Application Data\kompozer.net
2012-10-17 22:05:23 ----A---- C:\WINDOWS\WINCMD.INI
2012-10-17 22:00:36 ----D---- C:\Documents and Settings\Gorman\Application Data\vlc
2012-10-17 20:38:22 ----D---- C:\Documents and Settings\Gorman\Application Data\KompoZer
2012-10-17 20:24:20 ----D---- C:\Documents and Settings\Gorman\Application Data\ArcSoft
2012-10-17 20:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2012-10-17 20:24:05 ----D---- C:\Program Files\Common Files\ArcSoft
2012-10-17 20:24:05 ----A---- C:\WINDOWS\system32\unicows.dll
2012-10-17 20:23:58 ----A---- C:\WINDOWS\system32\drivers\ULCDRHlp.sys
2012-10-17 20:23:46 ----D---- C:\Program Files\Windows Sidebar
2012-10-17 20:23:17 ----D---- C:\Documents and Settings\Gorman\Application Data\InstallShield
2012-10-16 20:11:57 ----D---- C:\Program Files\Microsoft Works
2012-10-16 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio
2012-10-16 20:11:45 ----D---- C:\Program Files\Common Files\DESIGNER
2012-10-16 20:11:32 ----D---- C:\Program Files\Microsoft.NET
2012-10-16 20:10:08 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-10-16 20:09:42 ----D---- C:\WINDOWS\SHELLNEW
2012-10-16 20:09:28 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-10-16 12:28:28 ----D---- C:\WINDOWS\system32\Adobe
2012-10-15 22:21:35 ----D---- C:\Documents and Settings\Gorman\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:20:54 ----D---- C:\Documents and Settings\All Users\Application Data\KOSTAL Solar Electric GmbH
2012-10-15 22:18:36 ----D---- C:\WINDOWS\system32\XPSViewer
2012-10-15 22:18:33 ----D---- C:\Program Files\MSBuild
2012-10-15 22:18:28 ----D---- C:\Program Files\Reference Assemblies
2012-10-15 22:18:03 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-10-15 22:17:58 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-10-15 22:17:30 ----RSD---- C:\WINDOWS\assembly
2012-10-15 22:17:08 ----D---- C:\WINDOWS\Microsoft.NET
2012-10-15 21:51:13 ----D---- C:\Program Files\ESET
2012-10-15 21:33:48 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2012-10-15 21:33:40 ----A---- C:\WINDOWS\system32\fxtls432.dll
2012-10-15 20:33:04 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2012-10-15 20:29:01 ----D---- C:\Program Files\CCleaner
2012-10-15 20:08:13 ----D---- C:\Program Files\Common Files\Ulead Systems
2012-10-15 20:04:26 ----D---- C:\Documents and Settings\Gorman\Application Data\Ahead
2012-10-15 20:03:28 ----D---- C:\Program Files\Common Files\Ahead
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2012-10-15 20:00:16 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2012-10-15 19:47:08 ----A---- C:\WINDOWS\system32\qtintf.dll
2012-10-15 19:44:32 ----A---- C:\WINDOWS\system32\drivers\MPE.sys
2012-10-15 19:44:21 ----A---- C:\WINDOWS\system32\PsisDecd.dll
2012-10-15 19:44:18 ----A---- C:\WINDOWS\system32\drivers\BdaSup.sys
2012-10-15 19:44:12 ----A---- C:\WINDOWS\system32\NXPMV32.dll
2012-10-15 19:44:11 ----A---- C:\WINDOWS\system32\drivers\3xHybrid.sys
2012-10-15 19:42:48 ----D---- C:\WINDOWS\system32\WinFast
2012-10-15 00:56:03 ----A---- C:\WINDOWS\system32\ctbas2w.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\drivers\ctoss2k.sys
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctstatic.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdlang.dat
2012-10-15 00:56:02 ----A---- C:\WINDOWS\system32\ctdaught.dat
2012-10-15 00:56:01 ----A---- C:\WINDOWS\system32\drivers\e10kx2k.sys
2012-10-15 00:42:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-15 00:31:16 ----A---- C:\WINDOWS\CTREGRUN.EXE
2012-10-15 00:30:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcuia32.dll
2012-10-15 00:30:11 ----N---- C:\WINDOWS\system32\mfcans32.dll
2012-10-15 00:29:06 ----A---- C:\WINDOWS\SBWIN.INI
2012-10-15 00:26:04 ----N---- C:\WINDOWS\system32\PfModNT.sys
2012-10-15 00:26:04 ----D---- C:\Program Files\Creative
2012-10-15 00:26:01 ----A---- C:\WINDOWS\IsUninst.exe
2012-10-15 00:22:42 ----D---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRVIDEO.INI
2012-10-15 00:17:28 ----A---- C:\WINDOWS\Brownie.ini
2012-10-15 00:17:28 ----A---- C:\WINDOWS\BRDIAG.INI
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPDNTA.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRVPD95A.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRRBTOOL.EXE
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BROSNMP.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\brlm03a.dll
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC32.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\BRGSRC16.DLL
2012-10-15 00:17:21 ----N---- C:\WINDOWS\system32\Brdiag2.exe
2012-10-15 00:17:20 ----N---- C:\WINDOWS\system32\drivers\BRPAR.SYS
2012-10-15 00:17:19 ----D---- C:\Program Files\Brownie
2012-10-15 00:17:19 ----A---- C:\WINDOWS\HL-2030.INI
2012-10-15 00:17:07 ----A---- C:\WINDOWS\system32\BD2030.DAT
2012-10-15 00:17:07 ----A---- C:\WINDOWS\BRWMARK.INI
2012-10-15 00:17:02 ----N---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-10-15 00:16:30 ----D---- C:\Program Files\Brother
2012-10-15 00:16:29 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\Pdrvinst.dll
2012-10-15 00:16:29 ----A---- C:\WINDOWS\system32\BrWebIns.dll
2012-10-14 23:42:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-14 23:42:57 ----D---- C:\Program Files\DEVI
2012-10-14 23:42:51 ----D---- C:\Program Files\Common Files\InstallShield
2012-10-14 23:12:44 ----D---- C:\Documents and Settings\Gorman\Application Data\Thunderbird
2012-10-14 23:12:12 ----D---- C:\Program Files\Microsoft Office
2012-10-14 23:06:56 ----D---- C:\Program Files\MSECache
2012-10-14 22:13:07 ----D---- C:\Documents and Settings\All Users\Application Data\RoboForm
2012-10-14 22:08:00 ----D---- C:\Program Files\Siber Systems
2012-10-14 21:56:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-14 21:56:37 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2012-10-14 21:52:10 ----A---- C:\WINDOWS\system32\h323log.txt
2012-10-14 21:49:56 ----N---- C:\WINDOWS\system32\drivers\splitter.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-10-14 21:49:55 ----N---- C:\WINDOWS\system32\drivers\aec.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-10-14 21:49:54 ----N---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-10-14 21:49:53 ----N---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-10-14 21:49:52 ----N---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-10-14 21:49:51 ----N---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-10-14 21:49:50 ----N---- C:\WINDOWS\system32\drivers\audstub.sys
2012-10-14 21:49:40 ----N---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\hidbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\compbatt.sys
2012-10-14 21:49:39 ----N---- C:\WINDOWS\system32\drivers\battc.sys
2012-10-14 21:49:38 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-10-14 21:49:35 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2012-10-14 21:49:34 ----N---- C:\WINDOWS\system32\drivers\BthEnum.sys
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\wshirda.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irmon.dll
2012-10-14 21:49:34 ----A---- C:\WINDOWS\system32\irftp.exe
2012-10-14 21:49:24 ----N---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2012-10-14 21:49:13 ----N---- C:\WINDOWS\system32\drivers\redbook.sys
2012-10-14 21:49:02 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3duag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2012-10-14 21:49:02 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2012-10-14 21:48:51 ----A---- C:\WINDOWS\system32\drivers\gameenum.sys
2012-10-14 21:48:50 ----N---- C:\WINDOWS\system32\drivers\enum1394.sys
2012-10-14 21:48:35 ----A---- C:\WINDOWS\system32\usbui.dll
2012-10-14 21:48:34 ----N---- C:\WINDOWS\system32\drivers\UAGP35.SYS
2012-10-14 21:48:33 ----N---- C:\WINDOWS\system32\drivers\msmpu401.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-10-14 21:48:33 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-10-14 21:48:31 ----N---- C:\WINDOWS\system32\drivers\i8042prt.sys
2012-10-14 21:47:37 ----SHD---- C:\WINDOWS\Installer
2012-10-14 21:47:37 ----D---- C:\Program Files\Common Files\ODBC
2012-10-14 21:47:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-14 21:47:37 ----A---- C:\WINDOWS\ODBCINST.INI
2012-10-14 21:47:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-10-14 21:47:33 ----RD---- C:\Program Files
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-10-14 21:47:33 ----D---- C:\Program Files\Common Files
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-10-14 21:47:30 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-10-14 21:47:28 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-10-14 21:47:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-10-14 21:47:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-10-14 21:47:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-10-14 21:47:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdro.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2012-10-14 21:47:22 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\irclass.dll
2012-10-14 21:47:17 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-10-14 21:47:16 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-10-14 21:47:14 ----N---- C:\WINDOWS\system32\drivers\irenum.sys
2012-10-14 21:47:14 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\storprop.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\system32\batt.dll
2012-10-14 21:47:13 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-10-14 21:47:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-14 21:46:48 ----D---- C:\WINDOWS\system32\CatRoot
2012-10-14 21:46:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-10-14 21:46:24 ----N---- C:\WINDOWS\system32\drivers\videX32.sys
2012-10-14 21:46:09 ----D---- C:\Documents and Settings
2012-10-14 21:46:08 ----SHD---- C:\System Volume Information
2012-10-14 21:46:08 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-10-14 21:45:14 ----SH---- C:\boot.ini
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Offline Web Pages
2012-10-14 21:42:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-10-14 21:42:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-14 21:42:11 ----RSD---- C:\WINDOWS\Fonts
2012-10-14 21:42:11 ----RD---- C:\WINDOWS\Web
2012-10-14 21:42:11 ----HD---- C:\WINDOWS\inf
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WinSxS
2012-10-14 21:42:11 ----D---- C:\WINDOWS\WBEM
2012-10-14 21:42:11 ----D---- C:\WINDOWS\twain_32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Temp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\wbem
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\usmt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\spool
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ShellExt
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Setup
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\scripting
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ras
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\PreInstall
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\oobe
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\npp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\Macromed
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\inetsrv
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\IME
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\icsxml
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\ias
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\export
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en-US
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\en
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\etc
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\drivers
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\dhcp
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3com_dmi
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\3076
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\2052
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1054
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1042
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1041
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1037
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1033
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1031
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1028
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32\1025
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system32
2012-10-14 21:42:11 ----D---- C:\WINDOWS\system
2012-10-14 21:42:11 ----D---- C:\WINDOWS\SoftwareDistribution
2012-10-14 21:42:11 ----D---- C:\WINDOWS\security
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Resources
2012-10-14 21:42:11 ----D---- C:\WINDOWS\repair
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Provisioning
2012-10-14 21:42:11 ----D---- C:\WINDOWS\pchealth
2012-10-14 21:42:11 ----D---- C:\WINDOWS\PeerNet
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Network Diagnostic
2012-10-14 21:42:11 ----D---- C:\WINDOWS\mui
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msapps
2012-10-14 21:42:11 ----D---- C:\WINDOWS\msagent
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Media
2012-10-14 21:42:11 ----D---- C:\WINDOWS\L2Schemas
2012-10-14 21:42:11 ----D---- C:\WINDOWS\java
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ime
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Help
2012-10-14 21:42:11 ----D---- C:\WINDOWS\ehome
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Driver Cache
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Debug
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Cursors
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Connection Wizard
2012-10-14 21:42:11 ----D---- C:\WINDOWS\Config
2012-10-14 21:42:11 ----D---- C:\WINDOWS\AppPatch
2012-10-14 21:42:11 ----D---- C:\WINDOWS\addins
2012-10-14 21:42:11 ----D---- C:\WINDOWS\$hf_mig$
2012-10-14 21:42:11 ----D---- C:\WINDOWS
2012-10-14 21:42:11 ----ASH---- C:\pagefile.sys
2012-10-14 21:33:08 ----D---- C:\Documents and Settings\Gorman\Application Data\Mozilla
2012-10-14 21:11:42 ----N---- C:\WINDOWS\system32\drivers\NdisIP.sys
2012-10-14 21:11:41 ----N---- C:\WINDOWS\system32\drivers\StreamIP.sys
2012-10-14 21:11:39 ----N---- C:\WINDOWS\system32\drivers\SLIP.sys
2012-10-14 21:11:37 ----N---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2012-10-14 21:11:36 ----N---- C:\WINDOWS\system32\drivers\MSTEE.sys
2012-10-14 21:11:34 ----N---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2012-10-14 21:11:32 ----N---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2012-10-14 21:11:26 ----D---- C:\Program Files\Common Files\logishrd
2012-10-14 21:11:26 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2012-10-14 21:09:01 ----A---- C:\WINDOWS\system32\cttele.dll
2012-10-14 21:08:54 ----D---- C:\Documents and Settings\Gorman\Application Data\Creative
2012-10-14 21:08:54 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2012-10-14 21:08:40 ----D---- C:\WINDOWS\system32\data
2012-10-14 20:57:34 ----D---- C:\WINDOWS\Minidump
2012-10-14 20:53:29 ----D---- C:\Program Files\Common Files\Adobe
2012-10-14 20:53:29 ----D---- C:\Program Files\Adobe
2012-10-14 20:52:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-10-14 20:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-10-14 20:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-10-14 20:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-10-14 20:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-10-14 20:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$
2012-10-14 20:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-10-14 20:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-10-14 20:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847-v2$
2012-10-14 20:44:13 ----D---- C:\Documents and Settings\Gorman\Application Data\Macromedia
2012-10-14 20:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-10-14 20:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2012-10-14 20:43:26 ----D---- C:\WINDOWS\ie8updates
2012-10-14 20:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-10-14 20:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2012-10-14 20:43:13 ----D---- C:\Program Files\MSXML 4.0
2012-10-14 20:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-10-14 20:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2012-10-14 20:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2012-10-14 20:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2012-10-14 20:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-10-14 20:42:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-10-14 20:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-10-14 20:37:20 ----SHD---- C:\RECYCLER
2012-10-14 20:35:21 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-10-14 20:32:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-10-14 20:32:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Adobe
2012-10-14 20:32:30 ----N---- C:\WINDOWS\system32\drivers\ipgdnd51.sys
2012-10-14 20:07:54 ----D---- C:\WINDOWS\system32\1029
2012-10-14 20:07:54 ----A---- C:\WINDOWS\system32\WMErrCSY.dll
2012-10-14 20:04:33 ----D---- C:\Documents and Settings\Gorman\Application Data\Identities
2012-10-14 20:04:31 ----HD---- C:\Program Files\Uninstall Information
2012-10-14 20:04:25 ----SD---- C:\Documents and Settings\Gorman\Application Data\Microsoft
2012-10-14 20:04:25 ----ASH---- C:\Documents and Settings\Gorman\Application Data\desktop.ini
2012-10-14 20:02:28 ----SD---- C:\WINDOWS\system32\Microsoft
2012-10-14 20:02:28 ----D---- C:\WINDOWS\Prefetch
2012-10-14 20:02:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-14 20:00:31 ----AS---- C:\WINDOWS\bootstat.dat
2012-10-14 19:58:06 ----D---- C:\WINDOWS\system32\xircom
2012-10-14 19:58:06 ----D---- C:\Program Files\xerox
2012-10-14 19:58:06 ----D---- C:\Program Files\microsoft frontpage
2012-10-14 19:57:50 ----RASH---- C:\MSDOS.SYS
2012-10-14 19:57:50 ----RASH---- C:\IO.SYS
2012-10-14 19:57:50 ----A---- C:\WINDOWS\control.ini
2012-10-14 19:57:50 ----A---- C:\CONFIG.SYS
2012-10-14 19:57:50 ----A---- C:\AUTOEXEC.BAT
2012-10-14 19:57:34 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-10-14 19:56:41 ----HD---- C:\Program Files\WindowsUpdate
2012-10-14 19:56:39 ----D---- C:\Program Files\Online Services
2012-10-14 19:56:20 ----D---- C:\WINDOWS\system32\DirectX
2012-10-14 19:56:12 ----A---- C:\WINDOWS\system32\atrace.dll
2012-10-14 19:56:10 ----A---- C:\WINDOWS\system32\desktop.ini
2012-10-14 19:56:10 ----A---- C:\WINDOWS\desktop.ini
2012-10-14 19:56:03 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-10-14 19:56:02 ----A---- C:\WINDOWS\system32\acctres.dll
2012-10-14 19:56:01 ----D---- C:\Program Files\Common Files\Services
2012-10-14 19:55:59 ----SD---- C:\WINDOWS\Tasks
2012-10-14 19:55:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-10-14 19:55:58 ----D---- C:\Program Files\Common Files\MSSoap
2012-10-14 19:55:52 ----D---- C:\WINDOWS\srchasst
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wups.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-10-14 19:55:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-10-14 19:55:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-10-14 19:55:43 ----D---- C:\Program Files\Movie Maker
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-10-14 19:55:24 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-10-14 19:55:23 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-10-14 19:55:20 ----N---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-10-14 19:55:20 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-10-14 19:55:19 ----N---- C:\WINDOWS\system32\drivers\sr.sys
2012-10-14 19:55:19 ----D---- C:\WINDOWS\system32\Restore
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-10-14 19:55:19 ----A---- C:\WINDOWS\system32\srclient.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\msconf.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-10-14 19:55:18 ----A---- C:\WINDOWS\system32\ils.dll
2012-10-14 19:55:15 ----D---- C:\Program Files\NetMeeting
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-10-14 19:55:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-10-14 19:55:14 ----A---- C:\WINDOWS\system32\inetres.dll
2012-10-14 19:55:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-10-14 19:55:12 ----D---- C:\Program Files\Outlook Express
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-10-14 19:55:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\mstask.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\isign32.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-10-14 19:55:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-10-14 19:55:05 ----D---- C:\Program Files\Common Files\System
2012-10-14 19:55:04 ----D---- C:\Program Files\Internet Explorer
2012-10-14 19:54:40 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-10-14 19:54:38 ----D---- C:\Program Files\ComPlus Applications
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vbaddin.ini
2012-10-14 19:54:37 ----A---- C:\WINDOWS\vb.ini
2012-10-14 19:54:36 ----D---- C:\WINDOWS\Registration
2012-10-14 19:54:33 ----D---- C:\Program Files\Windows Media Player
2012-10-14 19:54:25 ----D---- C:\Program Files\MSN Gaming Zone
2012-10-14 19:54:25 ----A---- C:\WINDOWS\system32\write.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-10-14 19:54:15 ----A---- C:\WINDOWS\system32\hticons.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\winchat.exe
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avwav.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-10-14 19:54:14 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\charmap.exe
2012-10-14 19:54:07 ----A---- C:\WINDOWS\system32\getuname.dll
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\winmine.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\sol.exe
2012-10-14 19:54:06 ----A---- C:\WINDOWS\system32\calc.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tskill.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\tscon.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\shadow.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\reset.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-10-14 19:54:05 ----A---- C:\WINDOWS\system32\freecell.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\regini.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msg.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\logoff.exe
2012-10-14 19:54:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-10-14 19:53:58 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-10-14 19:53:57 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-10-14 19:53:56 ----D---- C:\Program Files\Windows NT
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-10-14 19:53:56 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\spider.exe
2012-10-14 19:53:55 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-10-14 19:53:54 ----N---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2012-10-14 19:53:54 ----A---- C:\WINDOWS\system32\aaclient.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-10-14 19:53:53 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-10-14 19:53:52 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-10-14 19:53:51 ----D---- C:\WINDOWS\system32\MsDtc
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-10-14 19:53:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-10-14 19:53:50 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-10-14 19:53:49 ----D---- C:\WINDOWS\system32\Com
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\stclient.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\colbact.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-10-14 19:53:49 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comuid.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-10-14 19:53:48 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-10-14 19:53:47 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-10-14 19:53:41 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\termdd.sys
2012-10-14 19:53:40 ----N---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-10-14 20:08:52 ----A---- C:\WINDOWS\system.ini
2012-10-14 19:57:50 ----A---- C:\WINDOWS\win.ini
2012-10-14 19:57:23 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xxmm;mv61xxmm; C:\WINDOWS\system32\drivers\mv61xxmm.sys [2012-01-12 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS\system32\drivers\mv64xxmm.sys [2012-01-12 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS\system32\drivers\mvxxmm.sys [2012-01-12 13616]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2012-01-12 61824]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2010-11-18 116608]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2012-01-12 37760]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2012-01-12 226880]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2012-01-12 62848]
R3 3xHybrid;WinFast DTV1000 S; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-07-30 702336]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2012-01-12 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-13 701440]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM); C:\WINDOWS\system32\drivers\e10kx2k.sys [2001-10-02 1757928]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ipgd;IC Plus IP1000 Family Gigabit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\ipgdnd51.sys [2008-06-13 33536]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-09 41888]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2012-01-12 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2012-01-12 61824]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2001-09-11 186944]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2012-10-26 9856]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2012-01-12 12288]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2012-01-12 272128]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2007-04-10 520488]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [2007-04-12 546048]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL []
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2007-04-10 163112]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pbfilter;pbfilter; \??\G:\CdiskNemazat\Program Files\PeerBlock\pbfilter.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2012-01-12 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 APC UPS Service;APC UPS Service; G:\CdiskNemazat\Program Files\APC\mainserv.exe [2004-07-21 176241]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; D:\Program_Files\ESET\ekrn.exe [2012-03-07 913144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing ESS

#12 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Gorman.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp<. OTM will clean up after itself. Finally, restart the PC. Reinstall Roboform.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

gorman
Exemplary Visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: Crashing ESS

#13 Post by gorman »

Thank you for your advice. Best regards, Gorman.

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing ESS

#14 Post by Rudy »

Has ESS stopped crashing?

gorman
Exemplary Visitor
Posts: 23
Registered: 02 Aug 2006 20:32

Re: Crashing ESS

#15 Post by gorman »

As I wrote at the beginning, it crashed irregularly = sometimes twice a day, other times only after two days. So we'll see. In any case, nothing so far since yesterday's "treatment" :D

Locked