AV Protection Virus - Cannot log on even in safe mode

My brother's computer has a virus: the AV Protection virus. I have tried downloading SUPERAntiSpyware on a different computer and putting it on using a USB drive, but before the program could finish running it just disappeared. If I try to run other programs they won't start, or the computer keeps restarting. At this point, I cannot even log on in safe mode. If I try to log on, even in safe mode or safe mode with networking, it gives an error, 'user profile cannot log on execute failed' or something like that, then it automatically restarts. I have no idea what to do.
 

My Computer

System One

  • Manufacturer/Model
    Toshiba Satellite A205

My Computer

System One

  • Manufacturer/Model
    Emachine ET 1161-05
    CPU
    AMD Athlon 64 LE-1640
    Motherboard
    eMachines MCP61PM-GM (Socket AM2 )
    Memory
    2.00 GB Dual-Channel DDR2 @ 387MHz (6-6-6-18)
    Graphics Card(s)
    Acer E181H (1280x768@60Hz) 128MB GeForce 6150SE nForce 430 (
    Sound Card
    Realtek High Definition Audio
    Monitor(s) Displays
    Name Acer E181H on NVIDIA GeForce 6150SE nForce 430
    Screen Resolution
    1280x768 pixels
    Hard Drives
    ST316081 5AS SCSI Disk Device
    PSU
    MCP61PM-GM 9000 NVIDIA Chipset Model MCP61 Chipset Revisio
    Case
    Tower
    Cooling
    Fan Speed 1247 RPM
    Keyboard
    Standard PS/2 Keyboard
    Mouse
    PS/2 Compatible Mouse
    Internet Speed
    http://www.speedtest.net/result/1538974261.png
I've already been trying to use that article, but I can't even log in in safe mode, so I cannot do that. It won't let me log in, saying 'User log in execute failed' or something along those lines. I have shut the computer down for now until I know what to do. I need very specific instructions.
 

Yeah, this is a tricky one. Notice in the instructions on using TDSSKiller: "When you get to the above page, please click on the Download EXE button to download the file. If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive."

If you cannot even get this far, yeah, park the computer until you get some one-on-one help.
 

I can't get past the welcome logon screen, so I can't try the TDSSKiller thing since I can't even log on to the desktop.
 

Wait for our expert to instruct you. This really is a bad one.
 

No, shut 'er down. Jacee will get with you as soon as she can. They stay busy at this time of year in different forums, so be patient.
 

I have not seen her yet. I sent a PM to her last night.
 

Well, being a Sunday and a time zone thing, she may be just now going to church. Not sure, but she will get to it; she is very good. I checked at Bleeping Computer, where I also answer, and if that guide I gave you earlier cannot be used, then we just have to wait on the expert, who has taken many hours of Malware College training.
 

Here is the OTS file, if it helps you figure out what I should do.


OTL logfile created on: 11/27/2011 5:25:53 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 88.22 Gb Free Space | 59.78% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto] -- -- (TosCoSrv)
SRV - File not found [Auto] -- -- (MSK80Service)
SRV - File not found [Auto] -- -- (MpfService)
SRV - File not found [On_Demand] -- -- (McSysmon)
SRV - File not found [Auto] -- -- (McProxy)
SRV - File not found [Auto] -- -- (mcmscsvc)
SRV - File not found [On_Demand] -- -- (iPod Service)
SRV - File not found [Auto] -- -- (Apple Mobile Device)
SRV - [2011/11/08 22:53:19 | 000,532,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2011/11/08 22:53:16 | 000,196,608 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2011/11/08 22:53:13 | 000,262,144 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2011/11/08 22:53:12 | 000,225,280 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2011/11/08 22:53:10 | 000,294,912 | ---- | M] () [Auto] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2011/11/08 22:53:05 | 000,765,952 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/11/08 22:53:04 | 002,584,576 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2011/11/08 22:52:56 | 000,569,344 | ---- | M] (WildTangent, Inc.) [Auto] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2011/11/08 22:52:55 | 000,598,016 | ---- | M] () [Auto] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2011/11/08 22:52:48 | 000,188,416 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2011/11/08 22:52:43 | 000,158,720 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2011/05/28 01:09:00 | 001,512,735 | -H-- | M] () [Auto] -- C:\ProgramData\dimlopmnjebx.dat -- (SENS)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] -- -- (SVRPEDRV)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (IO_Memory)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/11/26 20:51:54 | 000,000,000 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\1970516416 -- (c0b17375)
DRV - [2011/11/17 22:52:39 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/18 19:35:53 | 000,802,936 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110415.001\bhdrvx86.sys -- (BHDrvx86)
DRV - [2011/04/18 04:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110418.018\navex15.sys -- (NAVEX15)
DRV - [2011/04/18 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110418.018\naveng.sys -- (NAVENG)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.sys -- (SymEFA)
DRV - [2011/03/14 21:29:00 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110330.001\idsvix86.sys -- (IDSVix86)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\N360\0501000.01D\symds.sys -- (SymDS)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2008/01/19 02:42:48 | 000,227,896 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/19 02:41:52 | 000,035,384 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2007/09/19 13:59:12 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/07/24 15:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/24 10:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/07/21 12:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/07/21 12:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/07/21 12:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/07/13 12:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/06/01 16:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007/01/24 17:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 01:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/06 01:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/09/27 07:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Home - Welcome to Toshiba
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Home - Welcome to Toshiba
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Steven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Home - Welcome to Toshiba
IE - HKU\Steven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25402

IE - HKU\Steven_User_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKU\Steven_User_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/mswmp,version=1.0: C:\Program Files\SpiralFrog\wmp\np-mswmp.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SpiralFrog.com/Download Manager,version=1.0.0: C:\Program Files\SpiralFrog\NPSFDMGR.dll (SpiralFrog Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ClickPotatoLite\bin\10.0.528.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/23 15:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/23 15:33:05 | 000,000,000 | ---D | M]

[2010/12/08 17:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Steven_User_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [0D1.exe] C:\Program Files\LP\4849\0D1.exe ()
O4 - HKLM..\Run: [FcSibD3pn4Q6W7E] C:\Users\Steven User\AppData\Roaming\dwme.exe ()
O4 - HKLM..\Run: [Gamevance] File not found
O4 - HKLM..\Run: [j1ivD3onFaHsJdL8234A] C:\Windows\System32\System Security 2012v121.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [rdWK8fRL9TqUeIr8234A] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpiralFrog] C:\Program Files\SpiralFrog\Spiralfrog.exe (SpiralFrog)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\Guest_ON_C..\Run: [swg] File not found
O4 - HKU\Guest_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Steven_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Steven_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Steven_User_ON_C..\Run: [0D1.exe] C:\Users\Steven User\AppData\Roaming\Microsoft\4849\0D1.exe ()
O4 - HKU\Steven_User_ON_C..\Run: [1Y5U7AYUWGXY3X8WVZDKGNVBRXW] C:\Fonts\6DFBBA77D25.exe (Ankord Development Group)
O4 - HKU\Steven_User_ON_C..\Run: [CvS2obF3pGa8234A] File not found
O4 - HKU\Steven_User_ON_C..\Run: [Privacy Protection] C:\ProgramData\privacy.exe (mIRC Co. Ltd.)
O4 - HKU\Steven_User_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Steven_User_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: c0b17375 = C:\Users\Steven User\AppData\Roaming\csrss.exe
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - File not found
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Steven_User_ON_C Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Local\c0b17375\X) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Windows\System32\
[2011/11/26 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\SUPERAntiSpyware.com
[2011/11/26 19:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/11/26 18:04:15 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\RucS2ibD3n4Q6W
[2011/11/26 18:04:14 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\iL9gTXqjYeIrOtA
[2011/11/18 20:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NBRTWizard
[2011/11/18 20:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NBRTWizard\0401000.00F
[2011/11/18 20:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2011/11/18 20:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Bootable Recovery Tool Wizard
[2011/11/18 00:11:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2011/11/18 00:07:17 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Local\CrashDumps
[2011/11/17 23:13:58 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Local\NPE
[2011/11/17 23:07:14 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/11/17 22:52:39 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/11/17 22:52:11 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.sys
[2011/11/17 22:52:11 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.sys
[2011/11/17 22:52:11 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symds.sys
[2011/11/17 22:52:11 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011/11/17 22:52:11 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symnets.sys
[2011/11/17 22:52:11 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\ironx86.sys
[2011/11/17 22:52:11 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.sys
[2011/11/17 22:51:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0501000.01D
[2011/11/17 22:50:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2011/11/17 22:50:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/11/17 22:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011/11/17 22:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2011/11/17 21:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/11/17 20:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/11/17 20:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/11/17 20:30:30 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Protection 2011
[2011/11/17 20:30:22 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\RsQJ7dEK8R9YwUe
[2011/11/17 20:30:22 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\avD2onF4pH
[2011/11/17 20:30:14 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\QnG5aQH6dKf
[2011/11/17 20:30:12 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\WonF4pmH5Q7E8R9
[2011/11/15 17:09:26 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\30EF7
[2011/11/14 23:28:28 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\ZEoe6z4wogxWwAH
[2011/11/13 03:27:15 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\hrzONtxA0c2b3n4
[2011/11/13 03:21:57 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\XvDobF4pm5Q6E8R
[2011/11/13 03:21:57 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\U9hTXwjUeIrPyAu
[2011/11/13 03:21:49 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\l9gTXqjYCkVzNx0
[2011/11/13 03:21:47 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\NQJ6dEKfR9TwUeI
[2011/11/13 03:18:11 | 000,167,936 | ---- | C] (Корпорация Майкрософт) -- C:\Users\Steven User\Desktop\0.4678522676718392.exe
[2011/11/11 22:33:19 | 000,968,704 | ---- | C] (mIRC Co. Ltd.) -- C:\ProgramData\privacy.exe
[2011/11/08 22:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\30EF7
[2011/11/08 22:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011/11/08 22:58:02 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\90D30
[2011/11/08 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Security 2012
[2011/11/08 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\okIBrzONyAuSiF
[2011/11/08 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\NpnG5aQH6W7
[2011/11/08 22:57:32 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\LS1ibD3on4HsJfL
[2011/11/07 19:15:52 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[334 C:\Users\Steven User\Documents\*.tmp files -> C:\Users\Steven User\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\System32\
[2011/11/26 20:51:54 | 000,000,000 | ---- | M] () -- C:\Windows\1970516416
[2011/11/26 20:51:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/26 19:24:11 | 146,509,049 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/26 19:09:25 | 000,607,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/26 19:09:25 | 000,105,530 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/26 18:43:58 | 076,004,920 | -H-- | M] () -- C:\ProgramData\xbejnmpolmid.dat
[2011/11/26 18:38:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/26 18:38:42 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/26 18:04:15 | 000,001,927 | ---- | M] () -- C:\Users\Steven User\Desktop\AV Protection 2011.lnk
[2011/11/26 17:58:53 | 000,000,925 | ---- | M] () -- C:\Users\Steven User\Desktop\Norton Installation Files.lnk
[2011/11/26 17:57:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
[2011/11/26 16:31:41 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ej23jnm23.dat
[2011/11/26 16:31:31 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ocejmiaiw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\odej23moc.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\muhmiaol23.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\metroosehw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\exeiuqolmis.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ewqlldnolmia.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\otiuqarcjra.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ocmuhmjila.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\niw46mia23.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\busmjnolexe.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\46nololarc.dat
[2011/11/26 16:12:36 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD2140.DAT
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\mia46mirmoc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\arcotniwniw.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\23hwmiamoc.dat
[2011/11/18 20:01:56 | 000,001,333 | ---- | M] () -- C:\Users\Public\Desktop\Norton Bootable Recovery Tool Wizard.LNK
[2011/11/18 20:01:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2011/11/18 18:20:45 | 000,775,673 | ---- | M] () -- C:\Users\Steven User\AppData\Local\dfl20z32.dll
[2011/11/18 02:33:05 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2011/11/18 02:32:42 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlrmdr.exe
[2011/11/18 02:32:42 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpnotify.exe
[2011/11/18 02:32:14 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2011/11/18 02:31:59 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011/11/18 02:31:15 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/11/18 02:29:40 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011/11/18 02:29:33 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasautou.exe
[2011/11/18 02:29:15 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2011/11/18 02:29:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011/11/18 02:29:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printui.exe
[2011/11/18 02:28:41 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2011/11/18 02:28:41 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/11/18 02:28:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2011/11/18 02:28:32 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2011/11/18 02:28:27 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011/11/18 02:27:50 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2011/11/18 02:26:46 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/11/18 02:26:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2011/11/18 02:26:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011/11/18 02:25:45 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2011/11/18 02:24:18 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2011/11/18 02:23:55 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/11/18 02:23:22 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/11/18 02:22:41 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2011/11/18 02:22:13 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2011/11/17 23:39:26 | 000,048,016 | -HS- | M] () -- C:\Windows\System32\c_77621.nl_
[2011/11/17 23:18:19 | 002,284,298 | ---- | M] () -- C:\Windows\System32\drivers\N360\0501000.01D\Cat.DB
[2011/11/17 23:16:36 | 006,691,812 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\SMRBackup210.dat
[2011/11/17 22:52:39 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/11/17 22:52:39 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/11/17 22:52:39 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/11/17 22:52:17 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/11/17 22:52:16 | 000,002,151 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/11/17 20:30:31 | 000,001,814 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\ldr.ini
[2011/11/17 18:52:35 | 000,968,704 | ---- | M] (mIRC Co. Ltd.) -- C:\ProgramData\privacy.exe
[2011/11/17 18:00:24 | 000,000,680 | ---- | M] () -- C:\Users\Steven User\AppData\Local\d3d9caps.dat
[2011/11/17 17:55:33 | 000,002,609 | ---- | M] () -- C:\Users\Steven User\Desktop\Microsoft Office Word 2003.lnk
[2011/11/16 00:04:52 | 000,437,248 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\java.exe
[2011/11/14 17:55:47 | 000,000,340 | ---- | M] () -- C:\Users\Steven User\AppData\Local\wsr20zt32.dll
[2011/11/13 03:55:52 | 000,760,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/11/13 03:27:36 | 000,437,248 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\dwme.exe
[2011/11/13 03:18:31 | 000,167,936 | ---- | M] (Корпорация Майкрософт) -- C:\Users\Steven User\Desktop\0.4678522676718392.exe
[2011/11/11 22:33:21 | 000,657,042 | ---- | M] () -- C:\Users\Steven User\Desktop\0.22068448169927946.exe
[2011/11/11 00:57:47 | 000,022,519 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/11/09 23:14:20 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/11/09 21:09:08 | 001,818,624 | ---- | M] () -- C:\Windows\System32\System Security 2012v121.exe
[2011/11/09 01:58:19 | 000,215,552 | ---- | M] () -- C:\Windows\zip.exe
[2011/11/09 00:32:40 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2011/11/09 00:32:38 | 000,178,688 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_32.exe
[2011/11/09 00:31:38 | 000,287,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/11/09 00:31:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2011/11/09 00:31:37 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011/11/09 00:31:37 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/11/09 00:31:36 | 000,393,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/11/09 00:31:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/11/09 00:31:35 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2011/11/09 00:31:35 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\write.exe
[2011/11/09 00:31:34 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
[2011/11/09 00:31:34 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/11/09 00:31:34 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcer.exe
[2011/11/09 00:31:31 | 003,364,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/11/09 00:31:31 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winver.exe
[2011/11/09 00:31:30 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/11/09 00:31:29 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/11/09 00:31:27 | 000,355,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/11/09 00:31:22 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011/11/09 00:31:22 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2011/11/09 00:31:21 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\whoami.exe
[2011/11/09 00:31:21 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\where.exe
[2011/11/09 00:31:20 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2011/11/09 00:31:20 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/09 00:31:19 | 001,007,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/11/09 00:31:18 | 001,290,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/11/09 00:31:18 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/11/09 00:30:41 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011/11/09 00:30:41 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2011/11/09 00:30:40 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2011/11/09 00:30:40 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2011/11/09 00:30:39 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2011/11/09 00:30:39 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\verclsid.exe
[2011/11/09 00:30:38 | 000,786,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/11/09 00:30:37 | 000,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/11/09 00:30:37 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2011/11/09 00:30:36 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2011/11/09 00:30:35 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2011/11/09 00:30:35 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2011/11/09 00:30:34 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/11/09 00:30:33 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2011/11/09 00:30:33 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/11/09 00:30:33 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TRACERT.EXE
[2011/11/09 00:30:32 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2011/11/09 00:30:32 | 000,225,280 | ---- | M] (Toshiba Corporation) -- C:\Windows\System32\tosmreg.exe
[2011/11/09 00:30:31 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timeout.exe
[2011/11/09 00:30:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcmsetup.exe
[2011/11/09 00:30:19 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2011/11/09 00:30:19 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2011/11/09 00:30:18 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011/11/09 00:30:18 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TapiUnattend.exe
[2011/11/09 00:30:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesRemote.exe
[2011/11/09 00:30:17 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011/11/09 00:30:17 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\systray.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesProtection.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesPerformance.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesHardware.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesDataExecutionPrevention.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesComputerName.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesAdvanced.exe
[2011/11/09 00:30:14 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2011/11/09 00:30:11 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2011/11/09 00:30:11 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2011/11/09 00:30:10 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\subst.exe
[2011/11/09 00:29:58 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2011/11/09 00:29:58 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sort.exe
[2011/11/09 00:29:57 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/11/09 00:29:57 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/11/09 00:29:54 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/11/09 00:29:53 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/11/09 00:29:52 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sigverif.exe
[2011/11/09 00:29:51 | 000,543,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2011/11/09 00:29:51 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2011/11/09 00:29:50 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setx.exe
[2011/11/09 00:29:50 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2011/11/09 00:29:49 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011/11/09 00:29:49 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2011/11/09 00:29:48 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/09 00:29:47 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/11/09 00:29:47 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011/11/09 00:29:46 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2011/11/09 00:29:46 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secinit.exe
[2011/11/09 00:29:44 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/11/09 00:29:44 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2011/11/09 00:29:43 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/11/09 00:29:42 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011/11/09 00:29:42 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sc.exe
[2011/11/09 00:29:42 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2011/11/09 00:29:41 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RunLegacyCPLElevated.exe
[2011/11/09 00:29:41 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\runas.exe
[2011/11/09 00:29:39 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2011/11/09 00:29:39 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2011/11/09 00:29:39 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/11/09 00:29:38 | 000,235,008 | ---- | M] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011/11/09 00:29:38 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RmClient.exe
[2011/11/09 00:29:37 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/11/09 00:29:37 | 000,494,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/11/09 00:29:36 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/11/09 00:29:36 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/11/09 00:29:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\replace.exe
[2011/11/09 00:29:19 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2011/11/09 00:29:19 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2011/11/09 00:29:18 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/09 00:29:18 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvr32.exe
[2011/11/09 00:29:17 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/11/09 00:29:17 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2011/11/09 00:29:17 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regedt32.exe
[2011/11/09 00:29:16 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\recover.exe
[2011/11/09 00:29:15 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2011/11/09 00:29:15 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2011/11/09 00:29:15 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2011/11/09 00:29:14 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2011/11/09 00:29:13 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2011/11/09 00:29:12 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2011/11/09 00:29:10 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/11/09 00:29:10 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/11/09 00:29:10 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\print.exe
[2011/11/09 00:29:09 | 000,436,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/11/09 00:29:09 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powercfg.exe
[2011/11/09 00:29:08 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/11/09 00:29:08 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/11/09 00:29:08 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\plasrv.exe
[2011/11/09 00:29:07 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/11/09 00:29:07 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2011/11/09 00:29:06 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011/11/09 00:29:06 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011/11/09 00:29:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcaui.exe
[2011/11/09 00:29:05 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcaelv.exe
[2011/11/09 00:29:05 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcalua.exe
[2011/11/09 00:29:04 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2011/11/09 00:29:04 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2011/11/09 00:29:04 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PATHPING.EXE
[2011/11/09 00:29:03 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2011/11/09 00:29:03 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\openfiles.exe
[2011/11/09 00:28:54 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.exe
[2011/11/09 00:28:53 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcad32.exe
[2011/11/09 00:28:53 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/11/09 00:28:52 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2011/11/09 00:28:51 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/11/09 00:28:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/11/09 00:28:48 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netsh.exe
[2011/11/09 00:28:48 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NetProj.exe
[2011/11/09 00:28:47 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2011/11/09 00:28:47 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011/11/09 00:28:46 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011/11/09 00:28:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2011/11/09 00:28:45 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2011/11/09 00:28:44 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2011/11/09 00:28:42 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2011/11/09 00:28:41 | 000,632,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2011/11/09 00:28:41 | 000,612,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2011/11/09 00:28:41 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/11/09 00:28:40 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/09 00:28:37 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011/11/09 00:28:37 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2011/11/09 00:28:33 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2011/11/09 00:28:33 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/11/09 00:28:32 | 001,939,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/11/09 00:28:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2011/11/09 00:28:17 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2011/11/09 00:28:16 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011/11/09 00:28:16 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011/11/09 00:28:16 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MdRes.exe
[2011/11/09 00:28:15 | 001,086,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/11/09 00:28:15 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2011/11/09 00:28:14 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2011/11/09 00:28:11 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011/11/09 00:28:10 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011/11/09 00:28:10 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/11/09 00:28:07 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/11/09 00:28:06 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2011/11/09 00:28:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\label.exe
[2011/11/09 00:28:01 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2011/11/09 00:28:00 | 000,286,720 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/09 00:28:00 | 000,282,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/09 00:27:59 | 000,282,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/09 00:27:58 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irftp.exe
[2011/11/09 00:27:58 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsicpl.exe
[2011/11/09 00:27:57 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/11/09 00:27:57 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2011/11/09 00:27:48 | 001,060,864 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2011/11/09 00:27:46 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/09 00:27:46 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/09 00:27:45 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/09 00:27:45 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2011/11/09 00:27:44 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2011/11/09 00:27:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/11/09 00:27:42 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/11/09 00:27:41 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\help.exe
[2011/11/09 00:27:40 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\grpconv.exe
[2011/11/09 00:27:38 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/11/09 00:27:38 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/11/09 00:27:37 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2011/11/09 00:27:36 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/11/09 00:27:36 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/11/09 00:27:35 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\forfiles.exe
[2011/11/09 00:27:35 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontview.exe
[2011/11/09 00:27:35 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltMC.exe
[2011/11/09 00:27:34 | 002,732,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2011/11/09 00:27:34 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallSettings.exe
[2011/11/09 00:27:34 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2011/11/09 00:27:33 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/11/09 00:27:33 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\find.exe
[2011/11/09 00:27:33 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/11/09 00:27:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2011/11/09 00:27:31 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2011/11/09 00:27:30 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eventvwr.exe
[2011/11/09 00:27:30 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eventcreate.exe
[2011/11/09 00:27:29 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011/11/09 00:27:29 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2011/11/09 00:27:15 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/11/09 00:27:15 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\efsui.exe
[2011/11/09 00:27:14 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2011/11/09 00:27:13 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dvdupgrd.exe
[2011/11/09 00:22:42 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2011/11/09 00:22:41 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2011/11/09 00:22:41 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dplaysvr.exe
[2011/11/09 00:22:40 | 000,554,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/11/09 00:22:40 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2011/11/09 00:22:39 | 000,249,856 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe
[2011/11/09 00:22:39 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\doskey.exe
[2011/11/09 00:22:38 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2011/11/09 00:22:38 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhst3g.exe
[2011/11/09 00:22:37 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/11/09 00:22:37 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/11/09 00:22:37 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2011/11/09 00:22:36 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2011/11/09 00:22:36 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dialer.exe
[2011/11/09 00:22:35 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011/11/09 00:22:35 | 000,311,296 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2011/11/09 00:22:34 | 000,244,224 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2011/11/09 00:22:34 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2011/11/09 00:22:34 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2011/11/09 00:22:33 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2011/11/09 00:22:33 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceProperties.exe
[2011/11/09 00:22:32 | 000,374,272 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2011/11/09 00:22:31 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dcomcnfg.exe
[2011/11/09 00:22:29 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/11/09 00:22:29 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credwiz.exe
[2011/11/09 00:22:28 | 000,359,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\control.exe
[2011/11/09 00:22:28 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2011/11/09 00:22:27 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/11/09 00:21:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2011/11/09 00:21:00 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2011/11/09 00:21:00 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comp.exe
[2011/11/09 00:21:00 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\compact.exe
[2011/11/09 00:20:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\colorcpl.exe
[2011/11/09 00:20:57 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011/11/09 00:20:57 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cofire.exe
[2011/11/09 00:20:56 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2011/11/09 00:20:56 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/11/09 00:20:55 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011/11/09 00:20:55 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clip.exe
[2011/11/09 00:20:55 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmdkey.exe
[2011/11/09 00:20:54 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cleanmgr.exe
[2011/11/09 00:20:54 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/11/09 00:20:54 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cliconfg.exe
[2011/11/09 00:20:53 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\choice.exe
[2011/11/09 00:20:53 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\chkntfs.exe
[2011/11/09 00:20:52 | 000,946,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/11/09 00:20:52 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
[2011/11/09 00:20:52 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\chkdsk.exe
[2011/11/09 00:20:51 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/11/09 00:20:51 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/11/09 00:20:46 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2011/11/09 00:20:46 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2011/11/09 00:20:45 | 000,241,664 | ---- | M] (Brother Industries Ltd) -- C:\Windows\System32\BRRBTOOL.EXE
[2011/11/09 00:20:45 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2011/11/09 00:20:44 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2011/11/09 00:20:42 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011/11/09 00:20:41 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011/11/09 00:20:39 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/11/09 00:20:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\attrib.exe
[2011/11/09 00:20:38 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2011/11/09 00:20:38 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2011/11/09 00:20:38 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/11/09 00:20:36 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AdapterTroubleshooter.exe
[2011/11/09 00:20:35 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2011/11/09 00:19:23 | 000,246,272 | ---- | M] () -- C:\Windows\sed.exe
[2011/11/09 00:19:20 | 000,425,984 | ---- | M] (Toshiba America Information Systems) -- C:\Windows\SavePOH.exe
[2011/11/09 00:19:19 | 004,591,616 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2011/11/09 00:19:19 | 001,339,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2011/11/09 00:19:08 | 000,403,968 | ---- | M] () -- C:\Windows\PEV.exe
[2011/11/09 00:15:49 | 000,462,848 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011/11/09 00:15:48 | 000,645,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2011/11/09 00:15:43 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2011/11/09 00:14:57 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011/11/09 00:08:50 | 000,195,072 | ---- | M] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2011/11/09 00:05:34 | 000,430,080 | ---- | M] () -- C:\Users\Steven User\Desktop\0.6255255489322431.exe
[2011/11/08 23:35:12 | 000,638,976 | ---- | M] (Toshiba Corporation) -- C:\Windows\System32\cselect.exe
[2011/11/08 22:59:47 | 001,267,298 | ---- | M] () -- C:\Users\Steven User\Desktop\0.8543574810547517.exe
[2011/11/08 22:53:30 | 005,292,544 | ---- | M] (ParetoLogic, Inc.) -- C:\Users\Steven User\Desktop\PCHA.exe
[2011/11/08 22:53:13 | 000,262,144 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
[2011/11/08 22:52:43 | 000,158,720 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2011/11/08 22:52:17 | 000,133,632 | ---- | M] () -- C:\Users\Steven User\Desktop\0.4049731133631722.exe
[2011/11/06 23:35:41 | 000,001,100 | ---- | M] () -- C:\Users\Steven User\AppData\Local\d3d8caps.dat
[2011/11/04 13:46:15 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[334 C:\Users\Steven User\Documents\*.tmp files -> C:\Users\Steven User\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/26 16:31:41 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ej23jnm23.dat
[2011/11/26 16:31:31 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ocejmiaiw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\odej23moc.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\muhmiaol23.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\metroosehw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\exeiuqolmis.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ewqlldnolmia.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\otiuqarcjra.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ocmuhmjila.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\niw46mia23.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\busmjnolexe.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\46nololarc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\mia46mirmoc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\arcotniwniw.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\23hwmiamoc.dat
[2011/11/18 20:01:56 | 000,001,333 | ---- | C] () -- C:\Users\Public\Desktop\Norton Bootable Recovery Tool Wizard.LNK
[2011/11/18 20:01:13 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NBRTWizard\0401000.00F\isolate.ini
[2011/11/17 23:17:25 | 002,284,298 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\Cat.DB
[2011/11/17 23:15:54 | 006,691,812 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\SMRBackup210.dat
[2011/11/17 23:07:14 | 000,000,925 | ---- | C] () -- C:\Users\Steven User\Desktop\Norton Installation Files.lnk
[2011/11/17 22:52:39 | 000,007,468 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/11/17 22:52:39 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/11/17 22:52:16 | 000,002,151 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/11/17 22:52:11 | 000,007,877 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnetv.cat
[2011/11/17 22:52:11 | 000,007,528 | R--- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\iron.cat
[2011/11/17 22:52:11 | 000,007,458 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnet.cat
[2011/11/17 22:52:11 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.cat
[2011/11/17 22:52:11 | 000,007,454 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.cat
[2011/11/17 22:52:11 | 000,007,450 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.cat
[2011/11/17 22:52:11 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.inf
[2011/11/17 22:52:11 | 000,002,792 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symds.inf
[2011/11/17 22:52:11 | 000,001,474 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnetv.inf
[2011/11/17 22:52:11 | 000,001,446 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnet.inf
[2011/11/17 22:52:11 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.inf
[2011/11/17 22:52:11 | 000,001,383 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.inf
[2011/11/17 22:52:11 | 000,000,742 | R--- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\iron.inf
[2011/11/17 22:52:11 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\isolate.ini
[2011/11/17 22:51:41 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symds.cat
[2011/11/17 20:30:31 | 000,001,927 | ---- | C] () -- C:\Users\Steven User\Desktop\AV Protection 2011.lnk
[2011/11/15 17:08:22 | 000,437,248 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\java.exe
[2011/11/13 03:21:49 | 000,437,248 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\dwme.exe
[2011/11/12 01:33:53 | 000,048,016 | -HS- | C] () -- C:\Windows\System32\c_77621.nl_
[2011/11/11 22:32:20 | 000,657,042 | ---- | C] () -- C:\Users\Steven User\Desktop\0.22068448169927946.exe
[2011/11/08 23:52:09 | 000,775,673 | ---- | C] () -- C:\Users\Steven User\AppData\Local\dfl20z32.dll
[2011/11/08 22:59:47 | 000,430,080 | ---- | C] () -- C:\Users\Steven User\Desktop\0.6255255489322431.exe
[2011/11/08 22:57:40 | 000,001,814 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\ldr.ini
[2011/11/08 22:57:32 | 001,818,624 | ---- | C] () -- C:\Windows\System32\System Security 2012v121.exe
[2011/11/08 22:53:33 | 000,000,340 | ---- | C] () -- C:\Users\Steven User\AppData\Local\wsr20zt32.dll
[2011/11/08 22:52:12 | 001,267,298 | ---- | C] () -- C:\Users\Steven User\Desktop\0.8543574810547517.exe
[2011/11/08 22:52:12 | 000,133,632 | ---- | C] () -- C:\Users\Steven User\Desktop\0.4049731133631722.exe
[2011/06/06 21:59:30 | 000,000,680 | ---- | C] () -- C:\Users\Steven User\AppData\Local\d3d9caps.dat
[2011/06/05 22:09:49 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~30531320r
[2011/06/05 22:09:48 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~30531320
[2011/06/05 22:08:44 | 000,000,392 | -H-- | C] () -- C:\ProgramData\30531320
[2011/06/05 17:51:42 | 000,001,100 | ---- | C] () -- C:\Users\Steven User\AppData\Local\d3d8caps.dat
[2011/05/28 01:09:00 | 076,004,920 | -H-- | C] () -- C:\ProgramData\xbejnmpolmid.dat
[2011/05/28 01:09:00 | 003,748,983 | -H-- | C] () -- C:\Windows\System32\32mnj32je.dat
[2011/05/28 01:09:00 | 003,412,402 | -H-- | C] () -- C:\Windows\System32\com32jedo.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\winwintocra.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\comrim64aim.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\comaimwh32.dat
[2011/05/28 01:09:00 | 003,233,636 | -H-- | C] () -- C:\Windows\System32\wiaimjeco.dat
[2011/05/28 01:09:00 | 003,195,681 | -H-- | C] () -- C:\Windows\System32\exelonjmsub.dat
[2011/05/28 01:09:00 | 003,195,681 | -H-- | C] () -- C:\Windows\System32\alijmhumco.dat
[2011/05/28 01:09:00 | 002,938,007 | -H-- | C] () -- C:\Windows\System32\simloquiexe.dat
[2011/05/28 01:09:00 | 002,610,209 | -H-- | C] () -- C:\Windows\System32\arjcraquito.dat
[2011/05/28 01:09:00 | 002,554,671 | -H-- | C] () -- C:\Windows\System32\32aim64win.dat
[2011/05/28 01:09:00 | 002,499,132 | -H-- | C] () -- C:\Windows\System32\32loaimhum.dat
[2011/05/28 01:09:00 | 002,480,750 | -H-- | C] () -- C:\Windows\System32\cralolon64.dat
[2011/05/28 01:09:00 | 002,024,737 | -H-- | C] () -- C:\Windows\System32\aimlondllqwe.dat
[2011/05/28 01:09:00 | 002,016,254 | -H-- | C] () -- C:\Windows\System32\whesoortem.dat
[2011/05/28 01:09:00 | 001,512,735 | -H-- | C] () -- C:\ProgramData\dimlopmnjebx.dat
[2010/11/29 16:08:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/11/29 16:08:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/11/25 17:10:48 | 000,227,896 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/25 17:07:39 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\kbdclass.sys
[2010/11/24 14:42:18 | 000,000,680 | ---- | C] () -- C:\Users\Steven\AppData\Local\d3d9caps.dat
[2010/09/30 14:47:29 | 000,403,968 | ---- | C] () -- C:\Windows\PEV.exe
[2010/09/30 14:47:29 | 000,246,272 | ---- | C] () -- C:\Windows\sed.exe
[2010/09/30 14:47:29 | 000,215,552 | ---- | C] () -- C:\Windows\zip.exe
[2010/09/30 14:47:29 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/09/30 14:47:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/09/10 20:45:27 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/07/28 23:18:47 | 000,003,584 | ---- | C] () -- C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/03 19:20:27 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/12/03 19:20:27 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2140.DAT
[2008/10/26 11:26:38 | 000,006,656 | ---- | C] () -- C:\Users\Steven User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/16 19:10:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/29 17:35:45 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2007/11/06 18:23:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/11/06 18:13:22 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/11/06 18:13:22 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/11/06 18:13:22 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/11/06 18:13:22 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/11/06 18:13:22 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/11/06 18:13:22 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/11/06 17:33:45 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/11/06 17:33:45 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/11/06 17:33:44 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/11/06 17:33:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/09/13 18:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007/09/13 18:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/13 18:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/09/13 18:11:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/05 16:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,321,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,607,658 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,530 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 13:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2010/09/10 21:55:04 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\DriverCure
[2010/10/04 20:13:00 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\gtk-2.0
[2010/12/15 15:03:25 | 000,000,000 | -HSD | M] -- C:\Users\Steven\AppData\Roaming\Internet Security Suite
[2010/07/11 15:05:20 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/10 21:55:04 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\ParetoLogic
[2008/04/06 10:57:17 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\TOSHIBA
[2008/03/29 17:43:54 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\WildTangent
[2008/04/06 10:55:30 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\WinBatch
[2011/11/15 17:09:26 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\30EF7
[2011/11/16 00:04:25 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\90D30
[2011/11/17 20:30:22 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\avD2onF4pH
[2011/06/05 22:05:46 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\BitTorrent
[2010/12/07 15:45:17 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\DriverCure
[2011/11/13 03:27:15 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\hrzONtxA0c2b3n4
[2011/11/26 18:04:14 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\iL9gTXqjYeIrOtA
[2011/11/13 03:21:49 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\l9gTXqjYCkVzNx0
[2011/11/08 22:57:32 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\LS1ibD3on4HsJfL
[2011/06/06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\My Battle for Middle-earth Files
[2011/06/06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011/11/08 22:57:40 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\NpnG5aQH6W7
[2011/11/13 03:21:47 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\NQJ6dEKfR9TwUeI
[2011/11/08 22:57:40 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\okIBrzONyAuSiF
[2010/12/07 15:45:12 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\ParetoLogic
[2011/11/17 20:30:14 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\QnG5aQH6dKf
[2011/11/17 20:30:30 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\RsQJ7dEK8R9YwUe
[2011/11/26 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\RucS2ibD3n4Q6W
[2011/11/13 03:27:08 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\U9hTXwjUeIrPyAu
[2009/12/13 16:18:55 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\WeatherBug
[2008/06/27 16:19:46 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\WinBatch
[2011/11/17 20:30:12 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\WonF4pmH5Q7E8R9
[2011/11/13 03:21:57 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\XvDobF4pm5Q6E8R
[2011/11/14 23:28:28 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\ZEoe6z4wogxWwAH
[2011/01/13 03:07:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\2f8725
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/06/06 22:12:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Flip Video
[2010/12/08 18:35:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\ISVZJKWXPS
[2010/09/10 19:40:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\MSDXBJHHS
[2011/06/05 21:17:26 | 000,000,000 | -H-D | M] -- C:\ProgramData\Napster
[2011/11/26 17:58:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\ParetoLogic
[2011/11/17 22:36:51 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2007/12/11 08:36:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Toshiba
[2011/06/06 22:12:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2011/06/06 22:12:47 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2009/03/15 14:23:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/12/11 08:13:39 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010/05/02 13:17:26 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/14 23:59:59 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/10/01 00:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010/09/10 21:54:55 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag.job
[2011/11/26 16:31:01 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 816 bytes -> C:\Windows\1970516416:1062112394.exe
< End of report >
 

Here is my most recent OTL scan. Can anyone help me?


OTL logfile created on: 11/27/2011 11:35:23 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 88.22 Gb Free Space | 59.78% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.86 Gb Free Space | 99.78% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto] -- -- (TosCoSrv)
SRV - File not found [Auto] -- -- (MSK80Service)
SRV - File not found [Auto] -- -- (MpfService)
SRV - File not found [On_Demand] -- -- (McSysmon)
SRV - File not found [Auto] -- -- (McProxy)
SRV - File not found [Auto] -- -- (mcmscsvc)
SRV - File not found [On_Demand] -- -- (iPod Service)
SRV - File not found [Auto] -- -- (Apple Mobile Device)
SRV - [2011/11/08 22:53:19 | 000,532,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2011/11/08 22:53:16 | 000,196,608 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2011/11/08 22:53:13 | 000,262,144 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2011/11/08 22:53:12 | 000,225,280 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2011/11/08 22:53:10 | 000,294,912 | ---- | M] () [Auto] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2011/11/08 22:53:05 | 000,765,952 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/11/08 22:53:04 | 002,584,576 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2011/11/08 22:52:56 | 000,569,344 | ---- | M] (WildTangent, Inc.) [Auto] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2011/11/08 22:52:55 | 000,598,016 | ---- | M] () [Auto] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2011/11/08 22:52:48 | 000,188,416 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2011/11/08 22:52:43 | 000,158,720 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2011/05/28 01:09:00 | 001,512,735 | -H-- | M] () [Auto] -- C:\ProgramData\dimlopmnjebx.dat -- (SENS)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] -- -- (SVRPEDRV)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (IO_Memory)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/11/26 20:51:54 | 000,000,000 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\1970516416 -- (c0b17375)
DRV - [2011/11/17 22:52:39 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/18 19:35:53 | 000,802,936 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110415.001\bhdrvx86.sys -- (BHDrvx86)
DRV - [2011/04/18 04:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110418.018\navex15.sys -- (NAVEX15)
DRV - [2011/04/18 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110418.018\naveng.sys -- (NAVENG)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.sys -- (SymEFA)
DRV - [2011/03/14 21:29:00 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110330.001\idsvix86.sys -- (IDSVix86)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\N360\0501000.01D\symds.sys -- (SymDS)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2008/01/19 02:42:48 | 000,227,896 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/19 02:41:52 | 000,035,384 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2007/09/19 13:59:12 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/07/24 15:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/24 10:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/07/21 12:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/07/21 12:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/07/21 12:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/07/13 12:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/06/01 16:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007/01/24 17:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 01:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/06 01:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/09/27 07:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Home - Welcome to Toshiba
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Home - Welcome to Toshiba
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Steven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Home - Welcome to Toshiba
IE - HKU\Steven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Steven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25402

IE - HKU\Steven_User_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKU\Steven_User_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Steven_User_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/mswmp,version=1.0: C:\Program Files\SpiralFrog\wmp\np-mswmp.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SpiralFrog.com/Download Manager,version=1.0.0: C:\Program Files\SpiralFrog\NPSFDMGR.dll (SpiralFrog Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ClickPotatoLite\bin\10.0.528.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/23 15:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/23 15:33:05 | 000,000,000 | ---D | M]

[2010/12/08 17:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Steven_User_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpiralFrog] C:\Program Files\SpiralFrog\Spiralfrog.exe (SpiralFrog)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\Guest_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Steven_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Steven_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Steven_User_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Steven_User_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Steven_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Steven_User_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - File not found
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Windows\System32\
[2011/11/27 22:34:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/26 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\SUPERAntiSpyware.com
[2011/11/26 19:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/11/18 20:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NBRTWizard
[2011/11/18 20:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NBRTWizard\0401000.00F
[2011/11/18 20:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2011/11/18 20:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Bootable Recovery Tool Wizard
[2011/11/18 00:11:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2011/11/18 00:07:17 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Local\CrashDumps
[2011/11/17 23:13:58 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Local\NPE
[2011/11/17 23:07:14 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/11/17 22:52:39 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/11/17 22:52:11 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.sys
[2011/11/17 22:52:11 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.sys
[2011/11/17 22:52:11 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symds.sys
[2011/11/17 22:52:11 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011/11/17 22:52:11 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\symnets.sys
[2011/11/17 22:52:11 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\ironx86.sys
[2011/11/17 22:52:11 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.sys
[2011/11/17 22:51:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0501000.01D
[2011/11/17 22:50:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2011/11/17 22:50:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/11/17 22:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011/11/17 22:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2011/11/17 21:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/11/17 20:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/11/17 20:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/11/08 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Steven User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Security 2012
[2011/11/07 19:15:52 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[334 C:\Users\Steven User\Documents\*.tmp files -> C:\Users\Steven User\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\System32\
[2011/11/26 20:51:54 | 000,000,000 | ---- | M] () -- C:\Windows\1970516416
[2011/11/26 20:51:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/26 19:24:11 | 146,509,049 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/26 19:09:25 | 000,607,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/26 19:09:25 | 000,105,530 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/26 18:43:58 | 076,004,920 | -H-- | M] () -- C:\ProgramData\xbejnmpolmid.dat
[2011/11/26 18:38:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/26 18:38:42 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/26 18:04:15 | 000,001,927 | ---- | M] () -- C:\Users\Steven User\Desktop\AV Protection 2011.lnk
[2011/11/26 17:58:53 | 000,000,925 | ---- | M] () -- C:\Users\Steven User\Desktop\Norton Installation Files.lnk
[2011/11/26 17:57:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
[2011/11/26 16:31:41 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ej23jnm23.dat
[2011/11/26 16:31:31 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ocejmiaiw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\odej23moc.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\muhmiaol23.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\metroosehw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\exeiuqolmis.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ewqlldnolmia.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\otiuqarcjra.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\ocmuhmjila.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\niw46mia23.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\busmjnolexe.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | M] () -- C:\Windows\System32\46nololarc.dat
[2011/11/26 16:12:36 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD2140.DAT
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\mia46mirmoc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\arcotniwniw.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | M] () -- C:\Windows\System32\23hwmiamoc.dat
[2011/11/18 20:01:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2011/11/18 18:20:45 | 000,775,673 | ---- | M] () -- C:\Users\Steven User\AppData\Local\dfl20z32.dll
[2011/11/18 02:33:05 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2011/11/18 02:32:42 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlrmdr.exe
[2011/11/18 02:32:42 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpnotify.exe
[2011/11/18 02:32:14 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2011/11/18 02:31:59 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011/11/18 02:31:15 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/11/18 02:29:40 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011/11/18 02:29:33 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasautou.exe
[2011/11/18 02:29:15 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2011/11/18 02:29:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011/11/18 02:29:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printui.exe
[2011/11/18 02:28:41 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2011/11/18 02:28:41 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/11/18 02:28:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2011/11/18 02:28:32 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2011/11/18 02:28:27 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011/11/18 02:27:50 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2011/11/18 02:26:46 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/11/18 02:26:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2011/11/18 02:26:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011/11/18 02:25:45 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2011/11/18 02:24:18 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2011/11/18 02:23:55 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/11/18 02:23:22 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/11/18 02:22:41 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2011/11/18 02:22:13 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2011/11/17 23:39:26 | 000,048,016 | -HS- | M] () -- C:\Windows\System32\c_77621.nl_
[2011/11/17 23:18:19 | 002,284,298 | ---- | M] () -- C:\Windows\System32\drivers\N360\0501000.01D\Cat.DB
[2011/11/17 23:16:36 | 006,691,812 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\SMRBackup210.dat
[2011/11/17 22:52:39 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/11/17 22:52:39 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/11/17 22:52:39 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/11/17 22:52:17 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2011/11/17 20:30:31 | 000,001,814 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\ldr.ini
[2011/11/17 18:00:24 | 000,000,680 | ---- | M] () -- C:\Users\Steven User\AppData\Local\d3d9caps.dat
[2011/11/17 17:55:33 | 000,002,609 | ---- | M] () -- C:\Users\Steven User\Desktop\Microsoft Office Word 2003.lnk
[2011/11/16 00:04:52 | 000,437,248 | ---- | M] () -- C:\Users\Steven User\AppData\Roaming\java.exe
[2011/11/14 17:55:47 | 000,000,340 | ---- | M] () -- C:\Users\Steven User\AppData\Local\wsr20zt32.dll
[2011/11/13 03:55:52 | 000,760,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/11/11 22:33:21 | 000,657,042 | ---- | M] () -- C:\Users\Steven User\Desktop\0.22068448169927946.exe
[2011/11/11 00:57:47 | 000,022,519 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/11/09 23:14:20 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/11/09 21:09:08 | 001,818,624 | ---- | M] () -- C:\Windows\System32\System Security 2012v121.exe
[2011/11/09 01:58:19 | 000,215,552 | ---- | M] () -- C:\Windows\zip.exe
[2011/11/09 00:32:40 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2011/11/09 00:32:38 | 000,178,688 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_32.exe
[2011/11/09 00:31:38 | 000,287,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/11/09 00:31:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2011/11/09 00:31:37 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011/11/09 00:31:37 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/11/09 00:31:36 | 000,393,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/11/09 00:31:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/11/09 00:31:35 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2011/11/09 00:31:35 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\write.exe
[2011/11/09 00:31:34 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
[2011/11/09 00:31:34 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/11/09 00:31:34 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcer.exe
[2011/11/09 00:31:31 | 003,364,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/11/09 00:31:31 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winver.exe
[2011/11/09 00:31:30 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/11/09 00:31:29 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/11/09 00:31:27 | 000,355,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/11/09 00:31:22 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011/11/09 00:31:22 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2011/11/09 00:31:21 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\whoami.exe
[2011/11/09 00:31:21 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\where.exe
[2011/11/09 00:31:20 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2011/11/09 00:31:20 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/09 00:31:19 | 001,007,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/11/09 00:31:18 | 001,290,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/11/09 00:31:18 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/11/09 00:30:41 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011/11/09 00:30:41 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2011/11/09 00:30:40 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2011/11/09 00:30:40 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2011/11/09 00:30:39 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2011/11/09 00:30:39 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\verclsid.exe
[2011/11/09 00:30:38 | 000,786,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/11/09 00:30:37 | 000,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/11/09 00:30:37 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2011/11/09 00:30:36 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2011/11/09 00:30:35 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2011/11/09 00:30:35 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2011/11/09 00:30:34 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/11/09 00:30:33 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2011/11/09 00:30:33 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/11/09 00:30:33 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TRACERT.EXE
[2011/11/09 00:30:32 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2011/11/09 00:30:32 | 000,225,280 | ---- | M] (Toshiba Corporation) -- C:\Windows\System32\tosmreg.exe
[2011/11/09 00:30:31 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timeout.exe
[2011/11/09 00:30:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcmsetup.exe
[2011/11/09 00:30:19 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2011/11/09 00:30:19 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2011/11/09 00:30:18 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011/11/09 00:30:18 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TapiUnattend.exe
[2011/11/09 00:30:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesRemote.exe
[2011/11/09 00:30:17 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011/11/09 00:30:17 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\systray.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesProtection.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesPerformance.exe
[2011/11/09 00:30:16 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesHardware.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesDataExecutionPrevention.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesComputerName.exe
[2011/11/09 00:30:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesAdvanced.exe
[2011/11/09 00:30:14 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2011/11/09 00:30:11 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2011/11/09 00:30:11 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2011/11/09 00:30:10 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\subst.exe
[2011/11/09 00:29:58 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2011/11/09 00:29:58 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sort.exe
[2011/11/09 00:29:57 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/11/09 00:29:57 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/11/09 00:29:54 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/11/09 00:29:53 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/11/09 00:29:52 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sigverif.exe
[2011/11/09 00:29:51 | 000,543,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2011/11/09 00:29:51 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2011/11/09 00:29:50 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setx.exe
[2011/11/09 00:29:50 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2011/11/09 00:29:49 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011/11/09 00:29:49 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2011/11/09 00:29:48 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/09 00:29:47 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/11/09 00:29:47 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011/11/09 00:29:46 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2011/11/09 00:29:46 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secinit.exe
[2011/11/09 00:29:44 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/11/09 00:29:44 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2011/11/09 00:29:43 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/11/09 00:29:42 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011/11/09 00:29:42 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sc.exe
[2011/11/09 00:29:42 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2011/11/09 00:29:41 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RunLegacyCPLElevated.exe
[2011/11/09 00:29:41 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\runas.exe
[2011/11/09 00:29:39 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2011/11/09 00:29:39 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2011/11/09 00:29:39 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/11/09 00:29:38 | 000,235,008 | ---- | M] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011/11/09 00:29:38 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RmClient.exe
[2011/11/09 00:29:37 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/11/09 00:29:37 | 000,494,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/11/09 00:29:36 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/11/09 00:29:36 | 000,658,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/11/09 00:29:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\replace.exe
[2011/11/09 00:29:19 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2011/11/09 00:29:19 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2011/11/09 00:29:18 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/09 00:29:18 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvr32.exe
[2011/11/09 00:29:17 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/11/09 00:29:17 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2011/11/09 00:29:17 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regedt32.exe
[2011/11/09 00:29:16 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\recover.exe
[2011/11/09 00:29:15 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2011/11/09 00:29:15 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2011/11/09 00:29:15 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2011/11/09 00:29:14 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2011/11/09 00:29:13 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2011/11/09 00:29:12 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2011/11/09 00:29:10 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/11/09 00:29:10 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/11/09 00:29:10 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\print.exe
[2011/11/09 00:29:09 | 000,436,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/11/09 00:29:09 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powercfg.exe
[2011/11/09 00:29:08 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/11/09 00:29:08 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/11/09 00:29:08 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\plasrv.exe
[2011/11/09 00:29:07 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/11/09 00:29:07 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2011/11/09 00:29:06 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011/11/09 00:29:06 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011/11/09 00:29:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcaui.exe
[2011/11/09 00:29:05 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcaelv.exe
[2011/11/09 00:29:05 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcalua.exe
[2011/11/09 00:29:04 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2011/11/09 00:29:04 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2011/11/09 00:29:04 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PATHPING.EXE
[2011/11/09 00:29:03 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2011/11/09 00:29:03 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\openfiles.exe
[2011/11/09 00:28:54 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.exe
[2011/11/09 00:28:53 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcad32.exe
[2011/11/09 00:28:53 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/11/09 00:28:52 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2011/11/09 00:28:51 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/11/09 00:28:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/11/09 00:28:48 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netsh.exe
[2011/11/09 00:28:48 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NetProj.exe
[2011/11/09 00:28:47 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2011/11/09 00:28:47 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011/11/09 00:28:46 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011/11/09 00:28:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2011/11/09 00:28:45 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2011/11/09 00:28:44 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2011/11/09 00:28:42 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2011/11/09 00:28:41 | 000,632,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2011/11/09 00:28:41 | 000,612,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2011/11/09 00:28:41 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/11/09 00:28:40 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/09 00:28:37 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011/11/09 00:28:37 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2011/11/09 00:28:33 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2011/11/09 00:28:33 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/11/09 00:28:32 | 001,939,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/11/09 00:28:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2011/11/09 00:28:17 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2011/11/09 00:28:16 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011/11/09 00:28:16 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011/11/09 00:28:16 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MdRes.exe
[2011/11/09 00:28:15 | 001,086,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/11/09 00:28:15 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2011/11/09 00:28:14 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2011/11/09 00:28:11 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011/11/09 00:28:10 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011/11/09 00:28:10 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/11/09 00:28:07 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/11/09 00:28:06 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2011/11/09 00:28:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\label.exe
[2011/11/09 00:28:01 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2011/11/09 00:28:00 | 000,286,720 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/09 00:28:00 | 000,282,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/09 00:27:59 | 000,282,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/09 00:27:58 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irftp.exe
[2011/11/09 00:27:58 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsicpl.exe
[2011/11/09 00:27:57 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/11/09 00:27:57 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2011/11/09 00:27:48 | 001,060,864 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2011/11/09 00:27:46 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/09 00:27:46 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/09 00:27:45 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/09 00:27:45 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2011/11/09 00:27:44 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2011/11/09 00:27:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/11/09 00:27:42 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/11/09 00:27:41 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\help.exe
[2011/11/09 00:27:40 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\grpconv.exe
[2011/11/09 00:27:38 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/11/09 00:27:38 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/11/09 00:27:37 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2011/11/09 00:27:36 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/11/09 00:27:36 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/11/09 00:27:35 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\forfiles.exe
[2011/11/09 00:27:35 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontview.exe
[2011/11/09 00:27:35 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltMC.exe
[2011/11/09 00:27:34 | 002,732,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2011/11/09 00:27:34 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallSettings.exe
[2011/11/09 00:27:34 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2011/11/09 00:27:33 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/11/09 00:27:33 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\find.exe
[2011/11/09 00:27:33 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/11/09 00:27:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2011/11/09 00:27:31 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2011/11/09 00:27:30 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eventvwr.exe
[2011/11/09 00:27:30 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eventcreate.exe
[2011/11/09 00:27:29 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011/11/09 00:27:29 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2011/11/09 00:27:15 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/11/09 00:27:15 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\efsui.exe
[2011/11/09 00:27:14 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2011/11/09 00:27:13 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dvdupgrd.exe
[2011/11/09 00:22:42 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2011/11/09 00:22:41 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2011/11/09 00:22:41 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dplaysvr.exe
[2011/11/09 00:22:40 | 000,554,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/11/09 00:22:40 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2011/11/09 00:22:39 | 000,249,856 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe
[2011/11/09 00:22:39 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\doskey.exe
[2011/11/09 00:22:38 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2011/11/09 00:22:38 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhst3g.exe
[2011/11/09 00:22:37 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/11/09 00:22:37 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/11/09 00:22:37 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2011/11/09 00:22:36 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2011/11/09 00:22:36 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dialer.exe
[2011/11/09 00:22:35 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011/11/09 00:22:35 | 000,311,296 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2011/11/09 00:22:34 | 000,244,224 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2011/11/09 00:22:34 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2011/11/09 00:22:34 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2011/11/09 00:22:33 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2011/11/09 00:22:33 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceProperties.exe
[2011/11/09 00:22:32 | 000,374,272 | ---- | M] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2011/11/09 00:22:31 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dcomcnfg.exe
[2011/11/09 00:22:29 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/11/09 00:22:29 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credwiz.exe
[2011/11/09 00:22:28 | 000,359,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\control.exe
[2011/11/09 00:22:28 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2011/11/09 00:22:27 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/11/09 00:21:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2011/11/09 00:21:00 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2011/11/09 00:21:00 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comp.exe
[2011/11/09 00:21:00 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\compact.exe
[2011/11/09 00:20:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\colorcpl.exe
[2011/11/09 00:20:57 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011/11/09 00:20:57 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cofire.exe
[2011/11/09 00:20:56 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2011/11/09 00:20:56 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/11/09 00:20:55 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011/11/09 00:20:55 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clip.exe
[2011/11/09 00:20:55 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmdkey.exe
[2011/11/09 00:20:54 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cleanmgr.exe
[2011/11/09 00:20:54 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/11/09 00:20:54 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cliconfg.exe
[2011/11/09 00:20:53 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\choice.exe
[2011/11/09 00:20:53 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\chkntfs.exe
[2011/11/09 00:20:52 | 000,946,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/11/09 00:20:52 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
[2011/11/09 00:20:52 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\chkdsk.exe
[2011/11/09 00:20:51 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/11/09 00:20:51 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/11/09 00:20:46 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2011/11/09 00:20:46 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2011/11/09 00:20:45 | 000,241,664 | ---- | M] (Brother Industries Ltd) -- C:\Windows\System32\BRRBTOOL.EXE
[2011/11/09 00:20:45 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2011/11/09 00:20:44 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2011/11/09 00:20:42 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011/11/09 00:20:41 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011/11/09 00:20:39 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/11/09 00:20:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\attrib.exe
[2011/11/09 00:20:38 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2011/11/09 00:20:38 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2011/11/09 00:20:38 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/11/09 00:20:36 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AdapterTroubleshooter.exe
[2011/11/09 00:20:35 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2011/11/09 00:19:23 | 000,246,272 | ---- | M] () -- C:\Windows\sed.exe
[2011/11/09 00:19:20 | 000,425,984 | ---- | M] (Toshiba America Information Systems) -- C:\Windows\SavePOH.exe
[2011/11/09 00:19:19 | 004,591,616 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2011/11/09 00:19:19 | 001,339,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2011/11/09 00:19:08 | 000,403,968 | ---- | M] () -- C:\Windows\PEV.exe
[2011/11/09 00:15:49 | 000,462,848 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011/11/09 00:15:48 | 000,645,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2011/11/09 00:15:43 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2011/11/09 00:14:57 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011/11/09 00:08:50 | 000,195,072 | ---- | M] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2011/11/09 00:05:34 | 000,430,080 | ---- | M] () -- C:\Users\Steven User\Desktop\0.6255255489322431.exe
[2011/11/08 23:35:12 | 000,638,976 | ---- | M] (Toshiba Corporation) -- C:\Windows\System32\cselect.exe
[2011/11/08 22:59:47 | 001,267,298 | ---- | M] () -- C:\Users\Steven User\Desktop\0.8543574810547517.exe
[2011/11/08 22:53:30 | 005,292,544 | ---- | M] (ParetoLogic, Inc.) -- C:\Users\Steven User\Desktop\PCHA.exe
[2011/11/08 22:53:13 | 000,262,144 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
[2011/11/08 22:52:43 | 000,158,720 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2011/11/08 22:52:17 | 000,133,632 | ---- | M] () -- C:\Users\Steven User\Desktop\0.4049731133631722.exe
[2011/11/06 23:35:41 | 000,001,100 | ---- | M] () -- C:\Users\Steven User\AppData\Local\d3d8caps.dat
[334 C:\Users\Steven User\Documents\*.tmp files -> C:\Users\Steven User\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/26 16:31:41 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ej23jnm23.dat
[2011/11/26 16:31:31 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ocejmiaiw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\odej23moc.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\muhmiaol23.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\metroosehw.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\exeiuqolmis.dat
[2011/11/26 16:31:30 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ewqlldnolmia.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\otiuqarcjra.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\ocmuhmjila.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\niw46mia23.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\busmjnolexe.dat
[2011/11/26 16:31:29 | 076,004,920 | ---- | C] () -- C:\Windows\System32\46nololarc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\mia46mirmoc.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\arcotniwniw.dat
[2011/11/18 20:04:49 | 076,004,920 | ---- | C] () -- C:\Windows\System32\23hwmiamoc.dat
[2011/11/18 20:01:13 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NBRTWizard\0401000.00F\isolate.ini
[2011/11/17 23:17:25 | 002,284,298 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\Cat.DB
[2011/11/17 23:15:54 | 006,691,812 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\SMRBackup210.dat
[2011/11/17 23:07:14 | 000,000,925 | ---- | C] () -- C:\Users\Steven User\Desktop\Norton Installation Files.lnk
[2011/11/17 22:52:39 | 000,007,468 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/11/17 22:52:39 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/11/17 22:52:11 | 000,007,877 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnetv.cat
[2011/11/17 22:52:11 | 000,007,528 | R--- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\iron.cat
[2011/11/17 22:52:11 | 000,007,458 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnet.cat
[2011/11/17 22:52:11 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.cat
[2011/11/17 22:52:11 | 000,007,454 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.cat
[2011/11/17 22:52:11 | 000,007,450 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.cat
[2011/11/17 22:52:11 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symefa.inf
[2011/11/17 22:52:11 | 000,002,792 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symds.inf
[2011/11/17 22:52:11 | 000,001,474 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnetv.inf
[2011/11/17 22:52:11 | 000,001,446 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symnet.inf
[2011/11/17 22:52:11 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtspx.inf
[2011/11/17 22:52:11 | 000,001,383 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\srtsp.inf
[2011/11/17 22:52:11 | 000,000,742 | R--- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\iron.inf
[2011/11/17 22:52:11 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\isolate.ini
[2011/11/17 22:51:41 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\N360\0501000.01D\symds.cat
[2011/11/17 20:30:31 | 000,001,927 | ---- | C] () -- C:\Users\Steven User\Desktop\AV Protection 2011.lnk
[2011/11/15 17:08:22 | 000,437,248 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\java.exe
[2011/11/12 01:33:53 | 000,048,016 | -HS- | C] () -- C:\Windows\System32\c_77621.nl_
[2011/11/11 22:32:20 | 000,657,042 | ---- | C] () -- C:\Users\Steven User\Desktop\0.22068448169927946.exe
[2011/11/08 23:52:09 | 000,775,673 | ---- | C] () -- C:\Users\Steven User\AppData\Local\dfl20z32.dll
[2011/11/08 22:59:47 | 000,430,080 | ---- | C] () -- C:\Users\Steven User\Desktop\0.6255255489322431.exe
[2011/11/08 22:57:40 | 000,001,814 | ---- | C] () -- C:\Users\Steven User\AppData\Roaming\ldr.ini
[2011/11/08 22:57:32 | 001,818,624 | ---- | C] () -- C:\Windows\System32\System Security 2012v121.exe
[2011/11/08 22:53:33 | 000,000,340 | ---- | C] () -- C:\Users\Steven User\AppData\Local\wsr20zt32.dll
[2011/11/08 22:52:12 | 001,267,298 | ---- | C] () -- C:\Users\Steven User\Desktop\0.8543574810547517.exe
[2011/11/08 22:52:12 | 000,133,632 | ---- | C] () -- C:\Users\Steven User\Desktop\0.4049731133631722.exe
[2011/06/06 21:59:30 | 000,000,680 | ---- | C] () -- C:\Users\Steven User\AppData\Local\d3d9caps.dat
[2011/06/05 22:09:49 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~30531320r
[2011/06/05 22:09:48 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~30531320
[2011/06/05 22:08:44 | 000,000,392 | -H-- | C] () -- C:\ProgramData\30531320
[2011/06/05 17:51:42 | 000,001,100 | ---- | C] () -- C:\Users\Steven User\AppData\Local\d3d8caps.dat
[2011/05/28 01:09:00 | 076,004,920 | -H-- | C] () -- C:\ProgramData\xbejnmpolmid.dat
[2011/05/28 01:09:00 | 003,748,983 | -H-- | C] () -- C:\Windows\System32\32mnj32je.dat
[2011/05/28 01:09:00 | 003,412,402 | -H-- | C] () -- C:\Windows\System32\com32jedo.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\winwintocra.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\comrim64aim.dat
[2011/05/28 01:09:00 | 003,255,548 | -H-- | C] () -- C:\Windows\System32\comaimwh32.dat
[2011/05/28 01:09:00 | 003,233,636 | -H-- | C] () -- C:\Windows\System32\wiaimjeco.dat
[2011/05/28 01:09:00 | 003,195,681 | -H-- | C] () -- C:\Windows\System32\exelonjmsub.dat
[2011/05/28 01:09:00 | 003,195,681 | -H-- | C] () -- C:\Windows\System32\alijmhumco.dat
[2011/05/28 01:09:00 | 002,938,007 | -H-- | C] () -- C:\Windows\System32\simloquiexe.dat
[2011/05/28 01:09:00 | 002,610,209 | -H-- | C] () -- C:\Windows\System32\arjcraquito.dat
[2011/05/28 01:09:00 | 002,554,671 | -H-- | C] () -- C:\Windows\System32\32aim64win.dat
[2011/05/28 01:09:00 | 002,499,132 | -H-- | C] () -- C:\Windows\System32\32loaimhum.dat
[2011/05/28 01:09:00 | 002,480,750 | -H-- | C] () -- C:\Windows\System32\cralolon64.dat
[2011/05/28 01:09:00 | 002,024,737 | -H-- | C] () -- C:\Windows\System32\aimlondllqwe.dat
[2011/05/28 01:09:00 | 002,016,254 | -H-- | C] () -- C:\Windows\System32\whesoortem.dat
[2011/05/28 01:09:00 | 001,512,735 | -H-- | C] () -- C:\ProgramData\dimlopmnjebx.dat
[2010/11/29 16:08:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/11/29 16:08:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/11/25 17:10:48 | 000,227,896 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/25 17:07:39 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\kbdclass.sys
[2010/11/24 14:42:18 | 000,000,680 | ---- | C] () -- C:\Users\Steven\AppData\Local\d3d9caps.dat
[2010/09/30 14:47:29 | 000,403,968 | ---- | C] () -- C:\Windows\PEV.exe
[2010/09/30 14:47:29 | 000,246,272 | ---- | C] () -- C:\Windows\sed.exe
[2010/09/30 14:47:29 | 000,215,552 | ---- | C] () -- C:\Windows\zip.exe
[2010/09/30 14:47:29 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/09/30 14:47:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/09/10 20:45:27 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/07/28 23:18:47 | 000,003,584 | ---- | C] () -- C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/03 19:20:27 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/12/03 19:20:27 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2140.DAT
[2008/10/26 11:26:38 | 000,006,656 | ---- | C] () -- C:\Users\Steven User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/16 19:10:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/29 17:35:45 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2007/11/06 18:23:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/11/06 18:13:22 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/11/06 18:13:22 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/11/06 18:13:22 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/11/06 18:13:22 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/11/06 18:13:22 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/11/06 18:13:22 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/11/06 17:33:45 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/11/06 17:33:45 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/11/06 17:33:44 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/11/06 17:33:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/11/06 17:27:21 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/09/13 18:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007/09/13 18:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/13 18:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/09/13 18:11:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/05 16:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,321,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,607,658 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,530 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 13:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2010/09/10 21:55:04 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\DriverCure
[2010/10/04 20:13:00 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\gtk-2.0
[2010/12/15 15:03:25 | 000,000,000 | -HSD | M] -- C:\Users\Steven\AppData\Roaming\Internet Security Suite
[2010/07/11 15:05:20 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/10 21:55:04 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\ParetoLogic
[2008/04/06 10:57:17 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\TOSHIBA
[2008/03/29 17:43:54 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\WildTangent
[2008/04/06 10:55:30 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\WinBatch
[2011/06/05 22:05:46 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\BitTorrent
[2010/12/07 15:45:17 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\DriverCure
[2011/06/06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\My Battle for Middle-earth Files
[2011/06/06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Steven User\AppData\Roaming\My Battle for Middle-earth™ II Files
[2010/12/07 15:45:12 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\ParetoLogic
[2009/12/13 16:18:55 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\WeatherBug
[2008/06/27 16:19:46 | 000,000,000 | -H-D | M] -- C:\Users\Steven User\AppData\Roaming\WinBatch
[2011/01/13 03:07:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\2f8725
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/06/06 22:12:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Flip Video
[2010/12/08 18:35:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\ISVZJKWXPS
[2010/09/10 19:40:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\MSDXBJHHS
[2011/06/05 21:17:26 | 000,000,000 | -H-D | M] -- C:\ProgramData\Napster
[2011/11/26 17:58:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\ParetoLogic
[2011/11/17 22:36:51 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2007/12/11 08:36:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Toshiba
[2011/06/06 22:12:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2011/06/06 22:12:47 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2009/03/15 14:23:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/12/11 08:13:39 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010/05/02 13:17:26 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/14 23:59:59 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/10/01 00:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010/09/10 21:54:55 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag.job
[2011/11/26 16:31:01 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< :OTL >

< @Alternate Data Stream - 816 bytes -> C:\Windows\1970516416:1062112394.exe >


< :files >

< C:\Windows\System32\drivers\kbdclass.sys|C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys /replace >
Invalid Switch: replace

< C:\Windows\System32\drivers\volsnap.sys|C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys /replace >
Invalid Switch: replace


========== Alternate Data Streams ==========

@Alternate Data Stream - 816 bytes -> C:\Windows\1970516416:1062112394.exe

< End of report >
 

That computer is highly compromised!! :shock: I would suggest a wipe and re-install of the OS!
Looks to be ZeroAccess Rootkit.
 
