Inactive Trouble with adding a post in the forums

Status
Not open for further replies.
W

WillCom

Posts: 30   +0
hi, im extremely new to this site and need help. i have repeated software craches,system hangs,very slugish, i even battle to get on the net. i worked through the 8step virus\spyware removal instructions, saved the .log's but finding alot of difficulty to post it? Can anyony plz advice.

Thank You!
 
Hi and welcome to TechSpot forums :).

====

I suggest you post them the same way you have posted your message :). Just copy the log then paste (Ctrl + V)) them into your reply box.
You may need to split the logs over more than one post.
 
Hi, system craches&laggs.got svchost.exe&Acgeneral.dll errors

Hi, system craches&laggs.got svchost.exe&Acgeneral.dll errors.
I worked through the 8step virus removal, saved the log files as requested.
system was fine,I installed Bit Defender,scanned the system,it found viruses,it could not repair all the files so I opped for delete. now im getting "Generic Host Process For Win32 Services Error Signatures".
szAppName:svchost.exe szAppVer:5.1.2600.5512
szModName:AcGeneral.dll szModVer:5.1.2600.5512 offset:000116e2
Error Report Contens:
c:\Docume~1\Bee\Locals~1\Temp\WER424b.dir00\svchost.exe.mdmp
c:\Docume~1\Bee\Locals~1\Temp\WER424b.dir00\appcompat.txt

here is some info I got on the svchost.exe File Version:5.1.2600.5512
(xpsp.080413-2111)

dont know if all of that would be of any extra help...

Ok, now for the logs that I save after running the 8step programe.

Attached log files:
zipped and attached as requested.

I really hope you can assist.

Thank You.

Ok..Here they are, the saved log files:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4483

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/26/2010 8:09:59 PM
mbam-log-2010-08-26 (20-09-59).txt

Scan type: Quick scan
Objects scanned: 127098
Time elapsed: 24 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-08-26 20:21:45
Windows 5.1.2600 Service Pack 3
Running: GMER.exe; Driver: C:\DOCUME~1\Bee\LOCALS~1\Temp\pxtdqpow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] nojjcsj <-- ROOTKIT !!!

---- EOF - GMER 1.0.15 ----



DDS (Ver_10-03-17.01) - NTFSx86
Run by Bee at 20:29:54.58 on Thu 08/26/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.267 [GMT 2:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Bee\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [LXCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCJtime.dll,_RunDLLEntry@16
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DAEMON Tools-1033] "c:\program files\d-tools\daemon.exe" -lang 1033
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

============= SERVICES / DRIVERS ===============

R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-10-6 82696]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2009-2-12 104456]
R3 st3bus28;st3bus28;c:\windows\system32\drivers\st3bus28.sys [2002-12-28 8416]
R3 st3mp28;st3mp28;c:\windows\system32\drivers\st3mp28.sys [2002-12-28 95328]
S2 nojjcsj;texuzwhme;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [2009-1-20 172032]

=============== Created Last 30 ================

2010-08-26 17:35:24 0 d-----w- c:\docume~1\bee\applic~1\Malwarebytes
2010-08-26 17:34:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-26 17:34:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-08-26 17:34:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-26 17:34:22 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-26 14:12:06 0 d-----w- c:\docume~1\bee\applic~1\Auslogics
2010-08-26 14:09:23 0 d-----w- c:\program files\Auslogics
2010-08-26 13:09:00 0 d-sh--w- c:\documents and settings\bee\IECompatCache
2010-08-26 13:07:50 0 d-sh--w- c:\documents and settings\bee\PrivacIE
2010-08-26 12:57:09 0 d-sh--w- c:\documents and settings\bee\IETldCache
2010-08-26 12:41:19 16896 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-08-26 12:40:41 0 d-----w- c:\windows\ie8updates
2010-08-26 12:40:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-08-26 12:40:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-08-26 12:40:13 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-08-26 12:40:10 1986560 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-08-26 12:40:09 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-08-26 12:40:08 11077120 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-08-26 12:40:07 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-08-26 12:34:27 0 dc-h--w- c:\windows\ie8
2010-08-26 11:48:14 0 d-----w- c:\program files\MSXML 4.0
2010-08-26 11:28:04 0 d-----w- c:\docume~1\bee\applic~1\NewSoft
2010-08-26 09:46:49 0 d-----w- c:\windows\system32\NtmsData
2010-08-25 15:25:43 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-08-25 15:25:43 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-08-25 15:24:51 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-08-25 15:18:56 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-08-25 15:18:54 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-08-25 15:18:51 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-08-25 14:04:36 0 d-----w- c:\windows\system32\PreInstall
2010-08-25 14:04:33 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-08-25 14:04:29 0 d--h--w- c:\windows\$hf_mig$
2010-08-25 12:48:48 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-08-25 12:44:29 13700 ----a-w- c:\windows\system32\wpa.bak
2010-08-25 11:49:37 850 ----a-w- c:\windows\system32\ProductTweaks.xml
2010-08-25 11:49:15 385 ----a-w- c:\windows\system32\user_gensett.xml
2010-08-25 11:47:22 81984 ----a-w- c:\windows\system32\bdod.bin
2010-08-25 11:46:40 121 ----a-w- c:\windows\bdagent.INI
2010-08-25 10:39:02 0 d-----w- c:\docume~1\bee\applic~1\BitDefender
2010-08-25 10:38:15 0 d-----w- c:\program files\BitDefender
2010-08-25 10:38:15 0 d-----w- c:\docume~1\alluse~1\applic~1\BitDefender
2010-08-25 10:22:14 0 d-----w- c:\program files\common files\BitDefender
2010-08-24 13:43:19 110592 ----a-w- c:\windows\system32\tsccvid.dll
2010-08-24 10:48:47 0 d-----w- c:\windows\Cache
2010-08-24 06:59:08 0 d-----w- c:\docume~1\bee\applic~1\SolidWorks
2010-08-23 17:04:30 0 d-----w- c:\program files\common files\eDrawings2005
2010-08-23 17:03:16 0 d-----w- c:\docume~1\bee\applic~1\DWGEditor
2010-08-23 17:03:14 42 ----a-w- c:\windows\trailer.xws
2010-08-23 17:03:11 23 ---ha-w- c:\windows\yacht.xws
2010-08-23 17:02:48 639052 ----a-w- c:\windows\system32\BBPDFPortMon.dll
2010-08-23 16:53:42 0 d-----w- c:\program files\common files\SolidWorks Shared
2010-08-23 16:53:31 0 d-----w- c:\program files\common files\Bluebeam Software
2010-08-23 16:42:51 0 d-----w- c:\program files\Bluebeam Software
2010-08-23 16:42:51 0 d-----w- c:\docume~1\alluse~1\applic~1\Bluebeam Software
2010-08-23 16:35:36 0 d-----w- c:\program files\D-Tools
2010-08-23 11:10:52 88566 ----a-w- c:\windows\system32\nvapps.xml
2010-08-23 11:10:52 208896 ----a-w- c:\windows\system32\nvudisp.exe
2010-08-23 11:10:52 17056 ----a-w- c:\windows\system32\nvdisp.nvu
2010-08-23 11:10:52 0 d-----w- c:\windows\nview
2010-08-23 11:10:34 208896 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-08-23 11:09:36 0 d-----w- C:\NVIDIA
2010-08-23 11:03:25 0 d-sh--w- c:\documents and settings\bee\UserData
2010-08-23 11:00:09 3243 ----a-w- c:\windows\system32\wbem\Outlook_01cb42b259f12840.mof
2010-08-23 10:58:53 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-08-23 10:58:53 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-08-23 10:58:08 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-08-23 10:58:08 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-08-23 10:58:08 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-08-23 10:58:08 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-08-23 10:57:27 0 d-----w- c:\program files\Altech
2010-08-23 07:45:52 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-08-23 07:31:08 0 d-----w- c:\windows\SHELLNEW
2010-08-23 06:46:20 0 d-----w- c:\program files\Abbyy FineReader 6.0 Sprint
2010-08-23 06:44:28 28672 ----a-w- c:\windows\hookdllX.dll
2010-08-23 06:44:28 0 d-----w- c:\program files\common files\NewSoft
2010-08-23 06:44:15 11776 ----a-w- c:\windows\system32\pmsbfn32.dll
2010-08-23 06:44:15 0 d-----w- c:\windows\system32\color
2010-08-23 06:44:15 0 d-----w- c:\program files\Lexmark Applications
2010-08-23 06:44:09 257 ----a-w- c:\windows\setup.iss
2010-08-23 06:43:30 0 d-----w- c:\program files\Lx_cats
2010-08-23 06:43:05 40960 ----a-w- c:\windows\system32\lxcjvs.dll
2010-08-23 06:43:04 344064 ----a-w- c:\windows\system32\lxcjcoin.dll
2010-08-23 06:42:47 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-08-23 06:42:47 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-08-23 06:42:39 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-08-23 06:42:39 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2010-08-23 06:42:35 413696 ----a-w- c:\windows\system32\lxcjdrs.dll
2010-08-23 06:42:34 61440 ----a-w- c:\windows\system32\lxcjcnv4.dll
2010-08-23 06:13:06 0 d-----w- c:\program files\Lexmark 8300 Series
2010-08-22 13:38:23 384 ----a-w- c:\windows\pfe32.ini
2010-08-22 13:14:01 0 d-----w- c:\program files\CNC Software, Inc
2010-08-22 12:47:15 457216 ----a-w- c:\windows\system32\drivers\hardlock.sys
2010-08-22 12:47:13 6656 ----a-w- c:\windows\system32\haspvdd.dll
2010-08-22 12:47:13 47616 ----a-w- c:\windows\system32\drivers\Haspnt.sys
2010-08-22 12:47:13 383 ----a-w- c:\windows\system32\haspdos.sys
2010-08-22 12:47:13 2577 ----a-w- c:\windows\system32\config.hsp
2010-08-22 12:45:04 86016 ----a-w- c:\windows\system32\MCLSTCTL.OCX
2010-08-22 12:45:04 53248 ----a-w- c:\windows\system32\MCREAL.OCX
2010-08-22 12:45:04 53248 ----a-w- c:\windows\system32\MCBITMAP.OCX
2010-08-22 12:45:04 45056 ----a-w- c:\windows\system32\MCINT.OCX
2010-08-22 12:45:04 29028 ----a-w- c:\windows\system32\MSPLIT.EXE
2010-08-22 12:45:04 21638 ----a-w- c:\windows\system32\Mpack.exe
2010-08-22 12:45:04 17858 ----a-w- c:\windows\system32\Munpack.exe
2010-08-22 12:45:04 15956 ----a-w- c:\windows\system32\MJOIN.EXE
2010-08-22 12:17:58 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-08-22 11:52:37 0 d-----w- c:\docume~1\alluse~1\applic~1\Nero
2010-08-22 11:52:36 0 d-----w- c:\program files\Nero
2010-08-22 11:22:25 0 d-----w- c:\program files\common files\ODBC
2010-08-22 11:22:20 0 d-----w- c:\program files\common files\SpeechEngines
2010-08-22 11:21:48 0 d-----r- c:\documents and settings\all users\Documents
2010-08-22 11:02:50 0 d-----w- c:\program files\Realtek Sound Manager
2010-08-22 11:02:49 0 d-----w- c:\program files\AvRack
2010-08-22 11:02:37 0 d-----w- c:\program files\Realtek AC97
2010-08-22 09:59:33 0 d-sh--w- c:\documents and settings\all users\DRM
2010-08-22 09:58:53 0 d--h--w- c:\program files\WindowsUpdate
2010-08-22 09:58:01 0 d-----w- c:\program files\common files\MSSoap
2010-08-22 09:55:31 0 d-----w- c:\program files\Online Services
2010-08-22 09:55:20 0 d-----w- c:\program files\Messenger
2010-08-22 09:55:16 0 d-----w- c:\program files\MSN Gaming Zone
2010-08-22 09:54:34 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-08-25 15:59:10 104456 ----a-w- c:\windows\system32\drivers\bdfndisf.sys
2010-08-22 09:56:10 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:10:44 81920 ------w- c:\windows\system32\ieencode.dll

============= FINISH: 20:33:20.64 ==============
 

Attachments

  • #attach.zip
    2.9 KB · Views: 0
  • #DDS.txt
    12.5 KB · Views: 1
  • gmer.log
    1.1 KB · Views: 2
  • mbam-log-2010-08-26 (20-09-59).txt
    1.2 KB · Views: 1
I am looking at your logs now. Please do not start a new thread again, but just answer in this one :).

Do not attach zip files please and can you please paste the logs as requested, not attach them.
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/22/2010 12:06:05 PM
System Uptime: 8/26/2010 8:14:01 PM (0 hours ago)

Motherboard: MSI | | MS-6559
Processor: Intel(R) Pentium(R) 4 CPU 1.60GHz | PGA478 | 1611/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 10 GiB total, 1.995 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 4.968 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_11C1&DEV_048F&SUBSYS_00011848&REV_02\3&61AAA01&0&38
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_11C1&DEV_048F&SUBSYS_00011848&REV_02\3&61AAA01&0&38
Service:

==== System Restore Points ===================

RP1: 8/23/2010 1:13:05 PM - System Checkpoint
RP2: 8/23/2010 6:35:34 PM - Installed DAEMON Tools
RP3: 8/23/2010 6:37:35 PM - 23-08-2010RESTORE1
RP4: 8/23/2010 6:42:13 PM - Installed SolidWorks 2005 SP0
RP5: 8/23/2010 7:02:59 PM - Printer Driver BluebeamPSDriver Installed
RP6: 8/23/2010 7:04:26 PM - Installed PDMWorks Clients 2005
RP7: 8/23/2010 7:05:24 PM - Installed eDrawings 2005
RP8: 8/24/2010 12:51:31 PM - Installed Adobe Reader 6.0
RP9: 8/24/2010 2:40:51 PM - Removed Adobe Reader 6.0
RP10: 8/24/2010 2:41:16 PM - Installed Adobe Reader 9.1.
RP11: 8/24/2010 3:10:50 PM - 24-08-2010RSTRPOINT2
RP12: 8/24/2010 3:11:19 PM - Revo Uninstaller's restore point - Mastercam 9 SP1
RP13: 8/24/2010 3:11:43 PM - Removed Mastercam 9 SP1
RP14: 8/24/2010 3:40:33 PM - Installed Mastercam 9 SP1
RP15: 8/24/2010 3:45:18 PM - Installed Mastercam 9.0 Service Pack 1
RP16: 8/25/2010 9:05:42 AM - Printer Driver Send To Microsoft OneNote Driver Installed
RP17: 8/25/2010 12:37:46 PM - Installed BitDefender Internet Security 2009
RP18: 8/25/2010 4:04:14 PM - Software Distribution Service 3.0
RP19: 8/25/2010 7:58:32 PM - 25810stmslugish
RP20: 8/26/2010 11:44:05 AM - ranBitDfstlslugzcvhosterr
RP21: 8/26/2010 3:05:42 PM - Installed Windows XP WgaNotify.

==== Installed Programs ======================


ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Reader 9.1
Altech
Auslogics BoostSpeed
BitDefender Internet Security 2009
DAEMON Tools
eDrawings 2005
Hotfix for Windows XP (KB981793)
Lexmark 8300 Series
Malwarebytes' Anti-Malware
Mastercam 9 SP1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
NVIDIA Drivers
PDMWorks Clients 2005
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Print to Fax
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982214)
SolidWorks 2005 SP0
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format Runtime

==== Event Viewer Messages From Past Week ========

8/26/2010 7:27:12 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
8/26/2010 7:27:12 PM, error: Service Control Manager [7034] - The lxcj_device service terminated unexpectedly. It has done this 1 time(s).
8/25/2010 7:56:07 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2010 7:56:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
8/25/2010 4:10:35 PM, error: Service Control Manager [7023] - The texuzwhme service terminated with the following error: The specified module could not be found.
8/25/2010 12:39:30 PM, error: PSched [14107] - QoS [Adapter NDISWANIP]: The Packet Scheduler could not initialize the virtual miniport with NDIS.
8/25/2010 11:44:56 AM, error: Print [6161] - The document Microsoft Office Outlook - Memo Style owned by Bee failed to print on printer Lexmark 8300 Series. Data type: LEMF. Size of the spool file in bytes: 294712. Number of bytes printed: 294712. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\CAD. Win32 error code returned by the print processor: 0 (0x0).
8/25/2010 1:50:21 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8/25/2010 1:48:55 PM, error: Service Control Manager [7023] - The texuzwhme service terminated with the following error: A dynamic link library (DLL) initialization routine failed.
8/23/2010 5:56:54 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 960 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/23/2010 1:27:53 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/23/2010 1:12:53 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/22/2010 9:56:50 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 480 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/22/2010 5:56:48 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/22/2010 3:56:48 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/22/2010 2:56:47 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/22/2010 12:46:38 PM, error: Service Control Manager [7000] - The MSICPL service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================
 
Please run GMER again and then right click on the following line;

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] nojjcsj and select disable and reboot the pc. Run GMER again and then right click that service and select delete.

Reboot again and rescan with GMER and post the log.
 
Hi...i did as you requested...

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-08-28 13:28:59
Windows 5.1.2600 Service Pack 3
Running: GMER.exe; Driver: C:\DOCUME~1\Bee\LOCALS~1\Temp\pxtdqpow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- EOF - GMER 1.0.15 ----
 
Looks like that worked ok.

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

==

Can you list the problems you are still having please.
 
it says "text is too long(70912 characters),shorten to 20000

im going to break it up for you... is that ok?
 
OTL logfile created on: 8/28/2010 3:23:38 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Bee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 302.00 Mb Available Physical Memory | 59.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9.77 Gb Total Space | 1.76 Gb Free Space | 18.00% Space Free | Partition Type: NTFS
Drive D: | 8.87 Gb Total Space | 4.94 Gb Free Space | 55.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CAD
Current User Name: Bee
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/28 15:17:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bee\Desktop\OTL.exe
PRC - [2010/08/25 17:59:11 | 000,413,696 | ---- | M] (BitDefender SRL) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2010/08/25 17:59:04 | 001,638,240 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
PRC - [2010/08/25 17:58:59 | 000,442,368 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
PRC - [2010/08/25 17:58:48 | 000,782,336 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
PRC - [2008/04/14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/12 10:32:50 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2007/01/30 16:30:39 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcjcoms.exe
PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2002/12/28 12:14:56 | 000,077,824 | ---- | M] (DAEMON.S HOME) -- C:\Program Files\D-Tools\daemon.exe


========== Modules (SafeList) ==========

MOD - [2010/08/28 15:17:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bee\Desktop\OTL.exe
MOD - [2008/04/14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/08/25 17:59:11 | 000,413,696 | ---- | M] (BitDefender SRL) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/08/25 17:59:04 | 001,638,240 | ---- | M] (BitDefender S. R. L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- (VSSERV)
SRV - [2010/08/25 17:58:29 | 000,323,584 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2009/01/20 19:16:20 | 000,172,032 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe -- (Arrakis3)
SRV - [2007/01/30 16:30:39 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcjcoms.exe -- (lxcj_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010/08/25 17:59:10 | 000,104,456 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)
DRV - [2010/08/25 17:58:32 | 000,137,224 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/08/25 17:58:31 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2010/08/22 14:47:15 | 000,457,216 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2010/08/22 14:47:13 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009/01/12 12:27:58 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys -- (BDSelfPr)
DRV - [2008/12/10 20:42:46 | 000,242,184 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2008/10/06 18:16:16 | 000,082,696 | ---- | M] (BitDefender S.R.L.) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys -- (BDVEDISK)
DRV - [2008/09/26 18:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/09/18 12:09:12 | 000,111,112 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2008/09/02 14:32:06 | 000,013,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2008/04/14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/14 02:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007/10/12 10:32:48 | 004,019,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/07/12 05:49:16 | 000,096,384 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2002/12/28 12:16:58 | 000,095,328 | ---- | M] (Generic) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\st3mp28.sys -- (st3mp28)
DRV - [2002/12/28 12:16:40 | 000,008,416 | ---- | M] (Generic) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\st3bus28.sys -- (st3bus28)
DRV - [2001/08/17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2010/08/25 12:38:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON.S HOME)
O4 - HKLM..\Run: [LXCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Bee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/22 12:01:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{52540db5-ade7-11df-938a-005022980000}\Shell - "" = AutoRun
O33 - MountPoints2\{52540db5-ade7-11df-938a-005022980000}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{52540db5-ade7-11df-938a-005022980000}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{52540db8-ade7-11df-938a-005022980000}\Shell - "" = AutoRun
O33 - MountPoints2\{52540db8-ade7-11df-938a-005022980000}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{52540db8-ade7-11df-938a-005022980000}\Shell\AutoRun\command - "" = K:\AutoRun.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: nojjcsj - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
 
========== Files/Folders - Created Within 90 Days ==========

[2010/08/28 15:21:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bee\Desktop\OTL.exe
[2010/08/26 19:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Malwarebytes
[2010/08/26 19:34:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/26 19:34:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/26 19:34:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/26 19:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/26 16:19:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\Desktop\SharedDocs on Kevin (Kevin)
[2010/08/26 16:19:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\Desktop\data.sch on Cnc
[2010/08/26 16:19:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\Desktop\data.lgn on Cnc
[2010/08/26 15:09:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bee\IECompatCache
[2010/08/26 15:07:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bee\PrivacIE
[2010/08/26 15:05:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/08/26 14:57:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bee\IETldCache
[2010/08/26 14:40:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/08/26 14:38:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/08/26 14:34:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/08/26 13:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/08/26 13:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\NewSoft
[2010/08/26 11:46:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/08/25 16:04:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/08/25 16:04:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/08/25 14:48:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/08/25 12:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\BitDefender
[2010/08/25 12:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010/08/25 12:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/08/25 12:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/08/25 10:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/08/25 10:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/08/25 10:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\WinRAR
[2010/08/25 09:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\PCHealth
[2010/08/24 14:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/08/24 14:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Macromedia
[2010/08/24 14:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/08/24 12:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\AdobeUM
[2010/08/24 12:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\Adobe
[2010/08/24 12:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\My Documents\My eBooks
[2010/08/24 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Adobe
[2010/08/24 12:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/24 12:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/24 12:48:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2010/08/24 08:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\SolidWorks
[2010/08/23 19:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eDrawings2005
[2010/08/23 19:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\DWGEditor
[2010/08/23 19:02:48 | 000,639,052 | ---- | C] (Bluebeam Software, Inc.) -- C:\WINDOWS\System32\BBPDFPortMon.dll
[2010/08/23 18:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
[2010/08/23 18:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bluebeam Software
[2010/08/23 18:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bluebeam Software
[2010/08/23 18:42:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2010/08/23 18:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\D-Tools
[2010/08/23 14:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\BVRP Software
[2010/08/23 13:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\Help
[2010/08/23 13:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Help
[2010/08/23 13:36:00 | 000,605,112 | ---- | C] (VS Revo Group) -- C:\Documents and Settings\Bee\Desktop\revouninstaller.exe
[2010/08/23 13:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/08/23 13:09:36 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/23 13:03:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bee\UserData
[2010/08/23 12:58:08 | 000,621,056 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2010/08/23 12:58:08 | 000,113,664 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010/08/23 12:58:08 | 000,101,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/08/23 12:58:08 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010/08/23 12:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Altech
[2010/08/23 09:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/08/23 09:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/08/23 09:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/08/23 09:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/08/23 09:31:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/08/23 09:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\Microsoft Help
[2010/08/23 09:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/08/23 09:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/08/23 09:29:44 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/08/23 08:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/08/23 08:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2010/08/23 08:45:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\WINDOWS
[2010/08/23 08:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NewSoft
[2010/08/23 08:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Applications
[2010/08/23 08:44:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\color
[2010/08/23 08:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Lx_cats
[2010/08/23 08:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 8300 Series
[2010/08/23 08:12:52 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjinpa.dll
[2010/08/23 08:12:52 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjiesc.dll
[2010/08/23 08:12:52 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjhcp.dll
[2010/08/23 08:12:51 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjserv.dll
[2010/08/23 08:12:51 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjusb1.dll
[2010/08/23 08:12:50 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpmui.dll
[2010/08/23 08:12:50 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjprox.dll
[2010/08/23 08:12:50 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpplc.dll
[2010/08/23 08:12:49 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjlmpm.dll
[2010/08/23 08:12:48 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjih.exe
[2010/08/23 08:12:47 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjhbn3.dll
[2010/08/23 08:12:46 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe
[2010/08/23 08:12:46 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomm.dll
[2010/08/23 08:12:45 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomc.dll
[2010/08/23 08:12:45 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcfg.exe
[2010/08/23 08:12:44 | 000,069,632 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\lxcjcfg.dll
[2010/08/22 15:26:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/22 15:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\CNC Software, Inc
[2010/08/22 14:47:15 | 000,457,216 | ---- | C] (Aladdin Knowledge Systems) -- C:\WINDOWS\System32\drivers\hardlock.sys
[2010/08/22 14:47:13 | 000,047,616 | ---- | C] (Aladdin Knowledge Systems) -- C:\WINDOWS\System32\drivers\Haspnt.sys
[2010/08/22 14:47:13 | 000,006,656 | ---- | C] (Aladdin Knowledge Systems.) -- C:\WINDOWS\System32\haspvdd.dll
[2010/08/22 14:45:04 | 000,086,016 | ---- | C] (CNC Software, Inc.) -- C:\WINDOWS\System32\MCLSTCTL.OCX
[2010/08/22 14:45:04 | 000,053,248 | ---- | C] (CNC Software, Inc.) -- C:\WINDOWS\System32\MCREAL.OCX
[2010/08/22 14:45:04 | 000,053,248 | ---- | C] (CNC Software Inc.) -- C:\WINDOWS\System32\MCBITMAP.OCX
[2010/08/22 14:45:04 | 000,045,056 | ---- | C] (CNC Software, Inc.) -- C:\WINDOWS\System32\MCINT.OCX
[2010/08/22 13:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Ahead
[2010/08/22 13:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010/08/22 13:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/08/22 13:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/08/22 13:51:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/08/22 13:24:11 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2010/08/22 13:22:26 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/08/22 13:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/08/22 13:22:20 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/08/22 13:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/08/22 13:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/08/22 13:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/08/22 13:21:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/08/22 13:21:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/08/22 13:21:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/08/22 13:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/08/22 13:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/08/22 13:21:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/08/22 13:21:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/08/22 13:21:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/08/22 13:21:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/08/22 13:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/08/22 13:17:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/08/22 13:11:57 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/08/22 13:11:57 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/08/22 13:11:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/08/22 13:11:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/08/22 13:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/08/22 13:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2010/08/22 13:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2010/08/22 13:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010/08/22 13:02:26 | 000,000,000 | R--D | C] -- C:\Program Files\InstallShield Installation Information
[2010/08/22 13:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/08/22 12:47:10 | 000,096,384 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys
[2010/08/22 12:47:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/08/22 12:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Application Data\Identities
[2010/08/22 12:33:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/08/22 12:33:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\My Documents\My Music
[2010/08/22 12:33:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\My Documents\My Pictures
[2010/08/22 12:33:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Bee\Application Data\Microsoft
[2010/08/22 12:33:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bee\SendTo
[2010/08/22 12:33:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bee\Recent
[2010/08/22 12:33:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bee\Application Data
[2010/08/22 12:33:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\Start Menu
[2010/08/22 12:33:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\My Documents
[2010/08/22 12:33:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bee\Favorites
[2010/08/22 12:33:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bee\Cookies
[2010/08/22 12:33:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Bee\Templates
[2010/08/22 12:33:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Bee\PrintHood
[2010/08/22 12:33:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Bee\NetHood
[2010/08/22 12:33:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Bee\Local Settings
 
[2010/08/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Local Settings\Application Data\Microsoft
[2010/08/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bee\Desktop
[2010/08/22 12:09:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/08/22 12:07:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/08/22 12:07:49 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/08/22 12:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/08/22 12:07:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/08/22 12:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/08/22 12:07:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/08/22 12:05:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/08/22 12:05:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/08/22 12:05:04 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/08/22 12:03:08 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/08/22 12:02:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/08/22 12:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/08/22 12:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/08/22 11:59:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/08/22 11:59:13 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/08/22 11:59:13 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/08/22 11:58:53 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/08/22 11:58:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/08/22 11:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/08/22 11:58:02 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/08/22 11:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/08/22 11:57:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/08/22 11:57:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/08/22 11:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/08/22 11:57:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/08/22 11:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/08/22 11:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/08/22 11:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/08/22 11:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/08/22 11:57:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/08/22 11:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/08/22 11:55:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/08/22 11:55:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/08/22 11:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/08/22 11:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/08/22 11:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/08/22 11:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/08/22 11:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/08/22 11:54:35 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/08/22 11:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/08/22 11:54:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/08/22 11:54:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/08/22 11:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/08/22 11:54:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos


========== Files - Modified Within 90 Days ==========

[2010/08/28 15:21:31 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Bee\NTUSER.DAT
[2010/08/28 15:17:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bee\Desktop\OTL.exe
[2010/08/28 15:11:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\pfe32.ini
[2010/08/28 13:27:06 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2010/08/28 13:26:48 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/28 13:26:43 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/28 13:26:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/28 13:26:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/28 13:26:19 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/28 13:25:16 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2010/08/28 13:25:04 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Bee\ntuser.ini
[2010/08/27 14:52:02 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to Internet.lnk
[2010/08/27 14:51:57 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to E-mail.lnk
[2010/08/27 08:11:21 | 000,360,124 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/27 08:11:21 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/27 08:11:21 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/27 08:04:46 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/27 03:21:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/26 20:54:13 | 000,000,811 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/26 19:34:47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/26 14:57:21 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/26 13:32:01 | 000,008,345 | ---- | M] () -- C:\WINDOWS\System32\NEWSOFT
[2010/08/25 17:59:10 | 000,104,456 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\bdfndisf.sys
[2010/08/25 14:44:26 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/08/25 13:49:37 | 000,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/08/25 13:49:15 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/08/25 12:39:03 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Internet Security 2009.lnk
[2010/08/25 12:28:32 | 000,002,139 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SolidWorks 2005 .lnk
[2010/08/25 11:29:38 | 000,080,984 | ---- | M] () -- C:\Documents and Settings\Bee\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/25 11:13:29 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/08/24 15:42:18 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mill 9 SP1.lnk
[2010/08/24 15:28:36 | 005,886,442 | -H-- | M] () -- C:\Documents and Settings\Bee\Local Settings\Application Data\IconCache.db
[2010/08/23 19:05:29 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\eDrawings 2005.lnk
[2010/08/23 19:05:29 | 000,001,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\eDrawings 2005.lnk
[2010/08/23 19:04:58 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDMWorks 2005 Standalone Client.lnk
[2010/08/23 19:04:58 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\PDMWorks 2005 Standalone Client.lnk
[2010/08/23 19:03:14 | 000,000,042 | ---- | M] () -- C:\WINDOWS\trailer.xws
[2010/08/23 19:03:11 | 000,000,023 | -H-- | M] () -- C:\WINDOWS\yacht.xws
[2010/08/23 19:02:19 | 000,001,868 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2005 .lnk
[2010/08/23 12:58:27 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Altech.lnk
[2010/08/23 08:47:30 | 000,016,908 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/08/23 08:46:04 | 000,000,257 | ---- | M] () -- C:\WINDOWS\setup.iss
[2010/08/23 08:45:43 | 000,151,566 | ---- | M] () -- C:\WINDOWS\System32\UninstIPP.isu
[2010/08/22 15:33:52 | 000,000,454 | ---- | M] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to NC.lnk
[2010/08/22 14:47:15 | 000,457,216 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\System32\drivers\hardlock.sys
[2010/08/22 14:47:13 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\System32\drivers\Haspnt.sys
[2010/08/22 14:47:13 | 000,006,656 | ---- | M] (Aladdin Knowledge Systems.) -- C:\WINDOWS\System32\haspvdd.dll
[2010/08/22 14:47:13 | 000,002,620 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/22 14:47:13 | 000,000,383 | ---- | M] () -- C:\WINDOWS\System32\haspdos.sys
[2010/08/22 14:09:34 | 000,002,361 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2010/08/22 13:51:55 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/22 13:36:33 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/22 13:22:19 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/22 12:34:12 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/22 12:07:39 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/22 12:06:18 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/08/22 12:01:31 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\config.hsp
[2010/08/22 12:01:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/22 12:01:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/22 12:01:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/08/22 12:01:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/22 12:01:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/22 12:01:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/22 12:01:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/22 12:00:59 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/22 11:59:13 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/22 11:59:13 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/22 11:56:10 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/22 11:55:52 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/08/22 11:55:52 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/22 11:38:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini
 
========== Files Created - No Company Name ==========

[2010/08/27 14:52:02 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to Internet.lnk
[2010/08/27 14:51:57 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to E-mail.lnk
[2010/08/26 19:34:47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/25 14:44:29 | 000,013,700 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/08/25 13:49:37 | 000,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2010/08/25 13:49:15 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/08/25 13:47:22 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2010/08/25 13:46:40 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2010/08/25 12:39:03 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Internet Security 2009.lnk
[2010/08/25 08:55:19 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/08/24 15:42:18 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mill 9 SP1.lnk
[2010/08/23 19:04:58 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\eDrawings 2005.lnk
[2010/08/23 19:04:58 | 000,001,818 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eDrawings 2005.lnk
[2010/08/23 19:04:58 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDMWorks 2005 Standalone Client.lnk
[2010/08/23 19:04:58 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\PDMWorks 2005 Standalone Client.lnk
[2010/08/23 19:03:14 | 000,000,042 | ---- | C] () -- C:\WINDOWS\trailer.xws
[2010/08/23 19:03:11 | 000,000,023 | -H-- | C] () -- C:\WINDOWS\yacht.xws
[2010/08/23 19:02:19 | 000,002,139 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SolidWorks 2005 .lnk
[2010/08/23 19:02:19 | 000,001,868 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks 2005 .lnk
[2010/08/23 13:10:52 | 000,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/23 13:10:52 | 000,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/08/23 12:58:27 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Altech.lnk
[2010/08/23 08:45:52 | 000,008,345 | ---- | C] () -- C:\WINDOWS\System32\NEWSOFT
[2010/08/23 08:45:41 | 000,151,566 | ---- | C] () -- C:\WINDOWS\System32\UninstIPP.isu
[2010/08/23 08:45:41 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2010/08/23 08:44:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2010/08/23 08:44:15 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2010/08/23 08:44:09 | 000,000,257 | ---- | C] () -- C:\WINDOWS\setup.iss
[2010/08/23 08:43:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcjvs.dll
[2010/08/23 08:43:04 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcjcoin.dll
[2010/08/23 08:42:34 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcjcnv4.dll
[2010/08/23 08:12:52 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcjinst.dll
[2010/08/23 08:12:52 | 000,016,908 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/08/23 08:12:47 | 000,296,650 | ---- | C] () -- C:\WINDOWS\System32\lxcjhelp.chm
[2010/08/23 08:12:44 | 000,002,284 | ---- | C] () -- C:\WINDOWS\System32\lxcj.loc
[2010/08/22 15:38:23 | 000,000,254 | ---- | C] () -- C:\WINDOWS\pfe32.ini
[2010/08/22 15:33:54 | 000,000,454 | ---- | C] () -- C:\Documents and Settings\Bee\Desktop\Shortcut to NC.lnk
[2010/08/22 14:47:13 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\config.hsp
[2010/08/22 14:47:13 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/08/22 14:45:04 | 000,029,028 | ---- | C] () -- C:\WINDOWS\System32\MSPLIT.EXE
[2010/08/22 14:45:04 | 000,021,638 | ---- | C] () -- C:\WINDOWS\System32\Mpack.exe
[2010/08/22 14:45:04 | 000,017,858 | ---- | C] () -- C:\WINDOWS\System32\Munpack.exe
[2010/08/22 14:45:04 | 000,015,956 | ---- | C] () -- C:\WINDOWS\System32\MJOIN.EXE
[2010/08/22 14:09:34 | 000,002,361 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2010/08/22 13:36:32 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/22 13:22:30 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/22 13:22:21 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/08/22 13:22:21 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/08/22 13:22:21 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/08/22 13:22:20 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/08/22 13:22:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/08/22 13:22:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/08/22 13:22:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/08/22 13:22:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/08/22 13:22:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/08/22 13:22:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/08/22 13:22:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/08/22 13:22:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/08/22 13:22:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/08/22 13:22:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/08/22 13:22:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/08/22 13:22:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/08/22 13:22:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/08/22 13:22:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/08/22 13:22:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/08/22 13:22:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/08/22 13:22:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/08/22 13:22:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/08/22 13:22:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/08/22 13:22:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/08/22 13:22:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/08/22 13:22:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/08/22 13:22:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/08/22 13:22:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/08/22 13:22:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/08/22 13:22:03 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/08/22 13:21:46 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/08/22 13:21:46 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/08/22 13:21:46 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/08/22 13:21:46 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/08/22 13:21:46 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/08/22 13:21:46 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/08/22 13:21:46 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/08/22 13:21:46 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/08/22 13:21:45 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/08/22 13:21:45 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/08/22 13:21:45 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/08/22 13:21:45 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/08/22 13:21:45 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/08/22 13:21:45 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/08/22 13:21:45 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/08/22 13:21:45 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/08/22 13:21:44 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/08/22 13:21:44 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/08/22 13:21:44 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/08/22 13:20:52 | 000,288,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/22 13:19:51 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/08/22 13:19:45 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/08/22 13:03:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/08/22 13:03:16 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/08/22 13:03:15 | 000,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2010/08/22 13:02:49 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010/08/22 12:34:12 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/22 12:33:57 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Bee\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/22 12:33:50 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Bee\ntuser.ini
[2010/08/22 12:33:49 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Bee\ntuser.dat.LOG
[2010/08/22 12:33:48 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\Bee\NTUSER.DAT
[2010/08/22 12:33:46 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/22 12:07:39 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/22 12:06:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/22 12:05:52 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/08/22 12:04:55 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/08/22 12:04:55 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/08/22 12:04:53 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/08/22 12:04:18 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/08/22 12:04:17 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/08/22 12:04:05 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/08/22 12:04:04 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/08/22 12:04:01 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/08/22 12:03:48 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/08/22 12:03:41 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/08/22 12:03:34 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/08/22 12:03:12 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/08/22 12:03:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/08/22 12:03:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/08/22 12:03:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/22 12:03:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/22 12:03:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/08/22 12:03:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/08/22 12:03:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/08/22 12:03:05 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/22 12:03:05 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/22 12:03:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/22 12:03:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/22 12:03:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/22 12:03:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/22 12:03:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/22 12:03:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/22 12:03:02 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/22 12:03:02 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/22 12:03:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/22 12:03:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/22 12:03:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/22 12:03:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/22 12:03:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/22 12:03:01 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/22 12:03:01 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/22 12:03:01 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/22 12:03:01 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/22 12:03:01 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/22 12:03:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/22 12:02:59 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/22 12:02:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/22 12:02:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/22 12:02:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/22 12:02:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/22 12:02:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/08/22 12:02:58 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/22 12:02:58 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/22 12:02:58 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/22 12:02:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/08/22 12:02:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/08/22 12:02:57 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/22 12:02:56 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/22 12:01:31 | 000,002,620 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/22 12:01:31 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/08/22 12:01:31 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/08/22 12:01:31 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/08/22 12:01:31 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/08/22 12:01:19 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/22 12:01:19 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/22 12:01:16 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/22 11:59:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/22 11:59:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
 
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/22 11:59:02 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/22 11:58:30 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/08/22 11:58:13 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/08/22 11:58:13 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/08/22 11:58:07 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2010/08/22 11:57:24 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/08/22 11:56:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/22 11:54:58 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/08/22 11:54:58 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/08/22 11:54:58 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/08/22 11:54:58 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/08/22 11:54:58 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/08/22 11:54:57 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/08/22 11:54:57 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/08/22 11:54:57 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/08/22 11:54:57 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/08/22 11:54:57 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/08/22 11:54:57 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/08/22 11:54:57 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/08/22 11:54:57 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/08/22 11:54:56 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/08/22 11:54:56 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/08/22 11:54:56 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/08/22 11:54:56 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/08/22 11:54:56 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/08/22 11:54:56 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/08/22 11:54:54 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/08/22 11:54:54 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/08/22 11:54:53 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/08/22 11:54:47 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/10/09 16:31:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2003/12/09 00:08:20 | 002,539,520 | ---- | C] () -- C:\WINDOWS\System32\Bbgspdf.dll
[2003/12/02 13:39:08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\InstallPrinter.dll
[2003/01/30 06:04:00 | 000,618,496 | ---- | C] () -- C:\WINDOWS\System32\stlpmt45.dll
[2002/03/13 16:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2010/08/25 12:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/08/23 18:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2010/08/23 08:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/08/25 12:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bee\Application Data\BitDefender
[2010/08/23 19:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bee\Application Data\DWGEditor
[2010/08/26 13:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bee\Application Data\NewSoft

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/04/14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2009/01/20 19:16:14 | 000,001,536 | ---- | M] () MD5=58B81BFA8841E41639BDD81A7FEE2B8E -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll
[2008/04/14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/08/22 13:19:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/08/22 13:19:49 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/08/22 13:19:49 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< End of report >
 
OTL Extras logfile created on: 8/28/2010 3:23:38 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Bee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 302.00 Mb Available Physical Memory | 59.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9.77 Gb Total Space | 1.76 Gb Free Space | 18.00% Space Free | Partition Type: NTFS
Drive D: | 8.87 Gb Total Space | 4.94 Gb Free Space | 55.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CAD
Current User Name: Bee
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\PROGRA~1\MICROS~2\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\PROGRA~1\MICROS~2\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3409:TCP" = 3409:TCP:*:Enabled:fnrpjst

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxcjcoms.exe" = C:\WINDOWS\system32\lxcjcoms.exe:*:Enabled:8300 Series Server -- ( )
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0801DB64-A004-4640-BF13-F05D75409627}" = BitDefender Internet Security 2009
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A8C5C0E-DC54-46BF-92AE-A062C63A1033}" = Nero 7 Essentials
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax
"{5E479D3B-4A87-42B9-A91E-2EB2284A54D4}" = DAEMON Tools
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.10
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{97917FA0-00C5-4351-AD6B-87AB99C52792}" = eDrawings 2005
"{9FB978C4-FB73-42E3-9DCA-0748984D7FBF}" = PDMWorks Clients 2005
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! Forms 3.50.02
"{B7FFC71C-CD9C-4A48-8DD1-12BC9B43B2BB}" = SolidWorks 2005 SP0
"{DA97E170-9898-4280-8BE1-6D53624EA0AE}" = Mastercam 9 SP1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Altech" = Altech
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ie8" = Windows Internet Explorer 8
"Lexmark 8300 Series" = Lexmark 8300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIA Drivers" = NVIDIA Drivers
"Windows Media Format Runtime" = Windows Media Format Runtime

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/26/2010 2:50:44 PM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/26/2010 2:50:45 PM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/26/2010 2:51:08 PM | Computer Name = CAD | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/26/2010 2:51:11 PM | Computer Name = CAD | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/26/2010 2:58:40 PM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/26/2010 2:58:47 PM | Computer Name = CAD | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/27/2010 2:14:53 AM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/27/2010 2:15:08 AM | Computer Name = CAD | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/27/2010 3:45:47 AM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application MILL9.EXE, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/27/2010 7:56:24 AM | Computer Name = CAD | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 9.1.0.163, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 8/25/2010 4:36:46 AM | Computer Name = CAD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7166
seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/27/2010 4:03:20 AM | Computer Name = CAD | Source = Print | ID = 6161
Description = The document Microsoft Office Outlook - Memo Style owned by Bee failed
to print on printer Lexmark 8300 Series. Data type: LEMF. Size of the spool file
in bytes: 1345548. Number of bytes printed: 1345548. Total number of pages in the
document: 4. Number of pages printed: 0. Client machine: \\CAD. Win32 error code
returned by the print processor: 0 (0x0).

Error - 8/27/2010 7:56:50 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7034
Description = The lxcj_device service terminated unexpectedly. It has done this
1 time(s).

Error - 8/27/2010 7:56:50 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/27/2010 8:00:06 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7023
Description = The texuzwhme service terminated with the following error: %%126

Error - 8/27/2010 9:02:22 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7023
Description = The texuzwhme service terminated with the following error: %%126

Error - 8/27/2010 9:03:35 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 8/27/2010 9:03:35 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 8/27/2010 9:20:50 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7023
Description = The texuzwhme service terminated with the following error: %%126

Error - 8/28/2010 2:25:18 AM | Computer Name = CAD | Source = Service Control Manager | ID = 7023
Description = The texuzwhme service terminated with the following error: %%126

Error - 8/28/2010 2:25:19 AM | Computer Name = CAD | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.


< End of report >
 
Ok. Can you let me know what problems you are still having please.

==

Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
  • You will need to use Internet Explorer to complete this scan.
  • You will need to temporarily Disable your current Anti-virus program.
  • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
  • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

NOTE: If you are unable to complete the ESET scan, please try another from the list below:

 
the pc still extremely slow,take forever to open apps.
so far havent had that error,dont want to speak to soon though...will keep you updated on what the pc does,any funny things of some sort...

Thanks Alot for your time and effort in helping me!
 
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=36882
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=d3734ed4f5a57341ac95c18b7f72f4ac
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-29 09:04:49
# local_time=2010-08-29 11:04:49 (+0200, South Africa Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=2053 16776869 100 97 942 203553384 0 0
# compatibility_mode=8192 67108863 100 0 9192 9192 0 0
# scanned=38699
# found=0
# cleaned=0
# scan_time=2289
 
Status
Not open for further replies.

Similar threads

G
  • Locked
A "message box" like thing with nothing inside appear before logging in.
Replies
1
Views
1K
CCT
C

Latest posts

Back