DDS (Ver_09-11-24.02) - NTFSx86 Run by Torjus at 17:46:12,94 on 26.11.2009 Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_15 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.47.1044.18.3001.1762 [GMT 1:00] SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k Akamai C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Logitech\SetPoint\LBTWiz.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Users\Torjus\Program Files\DNA\btdna.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\vghd\vghd.exe C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\vghd\VirtuaGirl_downloader.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\igfxext.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Torjus\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search13.net/ uDefault_Page_URL = hxxp://search13.net/ uSearch Page = hxxp://search13.net/ uSearch Bar = hxxp://search13.net/ uDefault_Search_URL = hxxp://search13.net/ mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0414&s=2&o=vb32&d=0609&m=e520 mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0414&s=2&o=vb32&d=0609&m=e520 uInternet Settings,ProxyOverride = uInternet Settings,ProxyServer = http=127.0.0.1:5555 uSearchAssistant = hxxp://search13.net/ uCustomizeSearch = hxxp://search13.net/ BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: TomBHO Class: {8aa217b9-d729-4ee0-aed7-e93d695e94a2} - c:\program files\stylish profile\tom4ie.dll BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent uRun: [Steam] c:\valve\steam\Steam.exe -silent uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun uRun: [BitTorrent DNA] "c:\users\torjus\program files\dna\btdna.exe" mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [WarReg_PopUp] c:\program files\emachines\wr_popup\WarReg_PopUp.exe mRun: [LManager] c:\progra~1\launch~1\LManager.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [eRecoveryService] mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [Skytel] Skytel.exe mRun: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript StartupFolder: c:\users\torjus\appdata\roaming\micros~1\windows\startm~1\programs\startup\deskto~1.lnk - c:\program files\vghd\vghd.exe StartupFolder: c:\users\torjus\appdata\roaming\micros~1\windows\startm~1\programs\startup\kuma_t~1.lnk - c:\program files\kuma games\kgsystray\Kuma_tray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gamers~1.lnk - c:\program files\gamersfirst\live!\Live.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\stylish profile\ct.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab Notify: igfxcui - igfxdev.dll AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\users\torjus\appdata\roaming\mozilla\firefox\profiles\q97xxgm7.default\ FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486 FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q= FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\torjus\appdata\roaming\mozilla\firefox\profiles\q97xxgm7.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_HotbarSA.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\torjus\program files\dna\plugins\npbtdna.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); ============= SERVICES / DRIVERS =============== R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-23 207280] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384] R2 ETService;Empowering Technology Service;c:\program files\emachines\emachines recovery management\service\ETService.exe [2009-6-6 24576] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\NBService.exe [2009-7-20 935208] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-6 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-4 131072] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-11-23 358600] R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512] S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-6-6 234888] S2 gupdate1ca1c42e5a81690;Googles oppdateringstjeneste (gupdate1ca1c42e5a81690);c:\program files\google\update\GoogleUpdate.exe [2009-8-13 133104] S3 GoogleDesktopManager-071508-051939;Google Desktop Manager 5.7.807.15159;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-9 24064] =============== Created Last 30 ================ 2009-11-24 15:45:06 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-11-23 21:22:11 0 d-----w- c:\users\torjus\appdata\roaming\Malwarebytes 2009-11-23 21:17:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-23 21:17:05 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-23 21:17:05 0 d-----w- c:\programdata\Malwarebytes 2009-11-23 21:17:05 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-23 20:53:56 97208 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys 2009-11-23 20:53:56 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat 2009-11-23 20:53:56 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-11-23 20:53:52 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-11-23 20:53:52 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat 2009-11-23 20:53:52 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat 2009-11-23 20:53:52 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-11-23 20:53:46 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat 2009-11-23 20:53:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-11-23 20:53:44 0 d-----w- C:\_117172_ 2009-11-23 20:53:40 0 d-----w- c:\users\torjus\appdata\roaming\PC Tools 2009-11-23 20:53:40 0 d-----w- c:\programdata\PC Tools 2009-11-23 20:53:40 0 d-----w- c:\program files\Spyware Doctor 2009-11-23 20:53:40 0 d-----w- c:\program files\common files\PC Tools 2009-11-23 15:46:39 50688 --sha-r- c:\windows\system32\JCEJ.dll 2009-11-22 10:25:12 0 d-----w- c:\programdata\Real 2009-11-22 10:19:29 65536 --sha-w- c:\users\torjus\ntuser.dat{ab775eda-d74f-11de-9a44-001eecde009c}.TM.blf 2009-11-22 10:19:29 524288 --sha-w- c:\users\torjus\ntuser.dat{ab775eda-d74f-11de-9a44-001eecde009c}.TMContainer00000000000000000002.regtrans-ms 2009-11-22 10:19:29 524288 --sha-w- c:\users\torjus\ntuser.dat{ab775eda-d74f-11de-9a44-001eecde009c}.TMContainer00000000000000000001.regtrans-ms 2009-11-19 20:08:23 0 d-----w- c:\program files\Gmail Password Recovery 2009-11-18 17:38:16 0 d-----w- c:\users\torjus\Program Files 2009-11-17 18:33:37 0 d-----w- c:\users\torjus\appdata\roaming\DNA 2009-11-17 18:33:37 0 d-----w- c:\program files\DNA 2009-11-17 18:33:35 0 d-----w- c:\program files\GamersFirst 2009-11-11 15:04:35 2035712 ----a-w- c:\windows\system32\win32k.sys 2009-11-11 15:04:26 351232 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-10 13:54:41 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-10 13:53:07 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-10 13:48:59 0 d-----w- c:\program files\Microsoft 2009-11-08 22:42:44 0 d-----w- c:\programdata\HotbarSA 2009-11-08 22:42:43 0 d-----w- c:\users\torjus\appdata\roaming\WeatherDPA 2009-11-08 22:42:40 0 d-----w- c:\users\torjus\appdata\roaming\Hotbar 2009-11-04 22:17:38 0 d-----w- c:\program files\Stylish Profile 2009-11-04 17:01:17 0 d-sh--w- c:\windows\ftpcache 2009-11-04 14:50:00 1383424 ----a-w- c:\windows\system32\mshtml.tlb 2009-10-27 17:26:23 310784 ----a-w- c:\windows\system32\unregmp2.exe 2009-10-27 17:26:20 8147456 ----a-w- c:\windows\system32\wmploc.DLL ==================== Find3M ==================== 2009-11-16 20:29:44 76478 ----a-w- c:\windows\system32\perfc014.dat 2009-11-16 20:29:44 452326 ----a-w- c:\windows\system32\perfh014.dat 2009-10-25 14:47:06 722416 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-10-19 14:05:46 15341 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2009-10-19 14:04:50 5640880 ----a-w- c:\windows\system32\SpoonUninstall.exe 2009-10-19 13:14:12 152904 ----a-w- c:\windows\system32\vghd.scr 2009-10-02 20:14:30 19500 ----a-w- c:\windows\hpqins13.dat 2009-10-02 18:41:38 2140160 ----a-w- c:\windows\system32\python26.dll 2009-09-27 12:35:09 86016 ----a-w- c:\windows\inf\infstrng.dat 2009-09-27 12:35:09 86016 ----a-w- c:\windows\inf\infstor.dat 2009-09-27 12:35:09 51200 ----a-w- c:\windows\inf\infpub.dat 2009-09-26 18:04:11 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-16 13:13:16 37 ----a-w- c:\users\torjus\jagex_runescape_preferences.dat 2009-09-16 13:13:13 45 ----a-w- c:\users\torjus\jagex_runescape_preferences2.dat 2009-09-10 17:30:12 213504 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-08 18:00:11 189672 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-09-04 12:24:34 61440 ----a-w- c:\windows\system32\msasn1.dll 2009-08-28 17:42:52 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll 2008-08-09 17:39:29 665600 ----a-w- c:\windows\inf\drvindex.dat 2008-01-21 05:55:42 35166 ----a-w- c:\windows\inf\perflib\0414\perfd.dat 2008-01-21 05:55:42 35166 ----a-w- c:\windows\inf\perflib\0414\perfc.dat 2008-01-21 05:55:42 294254 ----a-w- c:\windows\inf\perflib\0414\perfi.dat 2008-01-21 05:55:42 294254 ----a-w- c:\windows\inf\perflib\0414\perfh.dat 2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-08-12 18:53:35 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat 2009-08-12 18:53:35 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat 2009-08-12 18:53:35 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat ============= FINISH: 17:46:26,64 ===============