Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Firefox crashes, system crashes/bluescreens, Ad-Aware inoperative, Pro


  • This topic is locked This topic is locked

#1
FictiveRepose

FictiveRepose

    Member

  • Member
  • PipPip
  • 12 posts
I was told by a friend, who highly recommended the service, that I should come here for some help, rather than turning to Geek Squad or someone else, since I'm just a poor college kid. I hope I'm doing this right, please let me know if there is anything else that I need to add to help you help me.

The problems, frankly, are varied. My computer had been limping along for some time now because I haven't had the time or ability to patch things up. I have Symantec Anti-virus, Spybot Search & Destroy, and Ad-Aware on my system.

To be frank, I'm not sure about Symantec, it rarely, if ever, turns up anything on scans, and when it does, it doesn't seem to be able to do anything about it. Spybot is better, but it isn't an anti-virus program, obviously. Ad-Aware is MIA. The program will boot, but never load up, and even if it does load up, it locks up immediately, rendering it inoperable. From time to time Ad-Aware will run the auto-update routine, but that always locks up as well.

I use Firefox to surf the net, and lately I've been having a TON of crashes. I'm not sure precisely what the problem is, though I suspect it is with my plug-ins. On that note, I get a lot of sudden starts and stops from Firefox as well, it will go non-responsive for ten or twenty seconds, and then start working again.

The thing that is the biggest issue, is the fact that I have relatively frequent operating system lock ups. These come in too varieties, the good old blue screen (something about a bad pool caller), and straight up lock up where nothing will respond. I've been noticing problems with other programs, like Microsoft Word, Adobe Reader, and Steam, that are similar to what I described above for Firefox. The programs will stall unresponsively for twenty seconds or so, and then suddenly start working again.

I'm hoping someone can lend a hand for a college kid in need. I'll be glad to provide more information if you have questions, though I'm not a computer whiz, so I can't promise I'll be able to answer technical questions, but I'll do my best.

Thanks much!

OTL logfile created on: 8/3/2011 9:30:52 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Erik L Hanson\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 43.89% Memory free
3.98 Gb Paging File | 2.29 Gb Available in Paging File | 57.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.44 Gb Total Space | 50.20 Gb Free Space | 36.79% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 0.01 Gb Free Space | 0.07% Space Free | Partition Type: NTFS

Computer Name: ERIKLHANSON-PC | User Name: Erik L Hanson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Program Files\Dell Support Center\imstrayicon.exe (PC-Doctor, Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Windows\snuvcdsm.exe ()
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\PLFSetL.exe (sonix)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Wiley\Webster's New World\HKML_SRV.exe ()


========== Modules (SafeList) ==========

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WMPNetworkSvc) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (getPlus® Helper) getPlus® -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)


========== Driver Services (SafeList) ==========

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110803.001\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110803.001\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (MCSTRM) -- C:\Windows\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=6070720
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=6070720
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...us&ibd=6070720"
FF - prefs.js..extensions.enabledItems: {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.29
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Erik L Hanson\AppData\Roaming\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/23 16:24:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/21 21:48:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/24 22:09:12 | 000,000,000 | ---D | M]

[2009/10/23 16:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Extensions
[2008/09/01 15:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/08/01 18:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions
[2011/02/05 01:11:48 | 000,000,000 | ---D | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010/07/24 11:47:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/01 18:08:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/06/21 21:49:55 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2009/10/23 16:34:18 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011/04/10 00:34:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\[email protected]
[2009/11/05 08:21:57 | 000,004,554 | ---- | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\searchplugins\aim-search.xml
[2011/07/24 12:42:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/23 16:21:31 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011/06/21 21:48:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/07/26 19:57:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009/10/23 16:21:31 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Program Files\Mozilla Firefox\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/10/23 16:21:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/10/23 16:21:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/10/23 16:21:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/10/23 16:21:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/23 16:21:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/12/26 01:00:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2011/02/09 09:45:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/07/24 12:42:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/10/23 16:21:30 | 000,000,000 | ---D | M] (Firefox Campus Edition Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/10/23 16:21:30 | 000,000,000 | ---D | M] (Zotero) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
File not found (No name found) --
[2011/06/21 21:48:50 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/07/20 18:48:04 | 000,119,808 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/07 16:20:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll
[2008/03/20 18:21:26 | 001,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2011/06/06 12:55:30 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2008/08/29 10:01:22 | 000,106,348 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2011/04/09 16:01:51 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/10/21 11:07:13 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011/04/09 16:01:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/10/21 11:07:13 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2011/04/09 16:01:51 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011/04/09 16:01:51 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/07/20 18:48:05 | 000,002,020 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
[2011/04/09 16:01:51 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011/04/09 16:01:51 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2009/02/25 10:02:01 | 000,303,425 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 10460 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Turbine Download Manager Tray Icon] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] File not found
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (GameStop Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000074 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000075 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000076 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000077 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000078 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000079 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000080 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000081 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000082 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000083 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000084 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000085 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000086 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000087 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000088 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000089 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000090 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Risk/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Risk/Images/armhelper.ocx (ArmHelper Control)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O24 - Desktop BackupWallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell - "" = AutoRun
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/03 21:21:09 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe
[2011/08/02 19:21:49 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011/08/02 17:41:33 | 000,000,000 | -HSD | C] -- C:\found.007
[2011/07/24 12:42:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/07/20 17:39:41 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Local\{14DB717C-6078-4ECA-BE06-A12AD7A928FD}
[2011/07/12 19:31:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/12 19:31:41 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/12 19:31:41 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/07/12 19:31:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/07/12 19:31:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/12 19:31:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/07/12 19:31:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/07/12 19:31:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/12 19:31:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/12 19:31:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/07/12 19:31:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/07/12 19:31:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/12 19:31:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/07/12 19:31:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/07/12 19:31:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/07/12 19:31:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/07/12 19:29:46 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/07/12 19:29:46 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/12 19:28:11 | 002,332,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/10 14:49:12 | 000,000,000 | -HSD | C] -- C:\found.006
[2011/07/05 20:37:50 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\Documents\Wizards of the Coast
[2008/09/21 02:04:03 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Erik L Hanson\AppData\Roaming\DataSafeDotNet.exe

========== Files - Modified Within 30 Days ==========

[2011/08/03 21:21:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe
[2011/08/03 19:15:50 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/03 19:10:17 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/03 19:10:17 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/03 18:54:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/03 18:53:55 | 1602,895,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/02 22:25:53 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/08/02 22:25:53 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/07/28 17:30:21 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/14 18:20:50 | 327,126,951 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/13 17:33:41 | 000,327,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/06/17 20:10:37 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/04/19 15:33:35 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/08/13 20:50:18 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/07/31 22:22:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/20 15:02:46 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2009/12/20 15:02:46 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2009/10/29 13:04:09 | 000,000,024 | ---- | C] () -- C:\ProgramData\CinemaNowSvc.ini
[2009/10/23 17:05:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/23 16:47:31 | 000,021,924 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/09/16 16:44:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/08/10 08:14:26 | 000,027,184 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,327,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,683,404 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,130,688 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009/01/23 16:36:43 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/11/17 21:55:51 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2007/12/16 03:00:40 | 000,672,813 | ---- | C] () -- C:\Users\Erik L Hanson\AppData\Roaming\datasafeupdate.msi
[2007/10/30 17:29:42 | 000,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2007/10/30 17:29:41 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2007/10/30 17:29:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2007/09/02 10:36:22 | 000,001,803 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/09/02 10:10:46 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/07/29 19:55:57 | 000,000,775 | ---- | C] () -- C:\Windows\EReg072.dat
[2007/07/25 09:46:21 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2007/07/20 18:35:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/20 18:35:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/07/20 10:53:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/07/20 10:53:30 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE

========== LOP Check ==========

[2009/10/23 16:33:36 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\acccore
[2011/06/12 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\AtomZombieData
[2011/06/05 22:02:36 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\AtomZombieDemoData
[2011/05/11 03:08:56 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\BitTorrent
[2011/05/13 23:28:38 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\CBLoader
[2009/10/23 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\CiscoCAA
[2009/10/23 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/10/23 16:33:38 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\DataSafeOnline
[2011/05/07 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\Dwarfs
[2011/03/13 19:05:26 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\fizzy
[2009/10/23 14:29:48 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\GetRightToGo
[2010/04/07 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\Leadertech
[2009/10/23 16:34:19 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\OpenOffice.org
[2010/12/22 17:05:44 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\PCDr
[2009/11/17 13:55:05 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\SPORE
[2011/02/08 18:39:34 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\Stardock
[2011/07/19 21:59:38 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\SystemRequirementsLab
[2009/10/23 16:34:23 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\Unity
[2011/02/01 13:22:43 | 000,000,000 | ---D | M] -- C:\Users\Erik L Hanson\AppData\Roaming\Western Digital
[2011/07/28 17:30:21 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/26 17:52:11 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/03 19:15:50 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello FictiveRepose and welcome to G2G! :)

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Sorry for delay. Let's get started...

Intro

Be aware that we can only free your system of malware here. If this problem is system malfunction that you can ask tech guys for the help. I'll point you to them if that is the case :unsure:.

Step 1

Please uninstall these program from your system:

SpyBot Search and Destroy
Ad-Aware (unistall this only if you run Free version)

Because some of their components can interfere with our fixes.

Step 2

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 3

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and click Scan to run express scan. Click OK in pop-up window to allow scan.
  • This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, select Complete scan.
  • Complete scan sometimes takes up to 3 hours to finish so please be patient.
  • Click the green arrow Posted Image at the right, and the scan will start.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.cvs report.

NOTE. During the scan, pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Step 4

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the "Scan All User" checkbox
  • Change "Extra Registry" option to "SafeList"
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows OTL.txt and Extra.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this files, and post it with your next reply.

Step 5

Please don't forget to include these items in your reply:

  • Malwarebytes log
  • Dr.Web log
  • OTL scan
  • Extras log
It would be helpful if you could post each log in separate post
  • 0

#3
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hey maliprog, thanks for the help! I'm working on your instructions at the moment, more posts will follow as I complete your instructions.

Step 2, Malwarebytes' Anti-Malware Scan

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7419

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

8/9/2011 5:10:49 PM
mbam-log-2011-08-09 (17-10-49).txt

Scan type: Quick scan
Objects scanned: 161980
Time elapsed: 8 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{33A12BEB-3219-4CA8-99B4-733192704C62} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{33A12BEB-3219-4CA8-99B4-733192704C62} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\IntelVideoDivX.IntelVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\IntelVideoDivX.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#4
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi FictiveRepose,

Some systems take a long time for scan. Please stop Dr.Web and if it's possible tell me what did he found. After that continue with the steps.
  • 0

#5
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
When I halted the scan originally, I forgot to save the log. I'm going to run the scan again to generate the log for you. I tried running it once, but something happened and my computer crashed and restarted, unfortunately I was away on the phone, so I'm not sure what it was. I'm going to try running the scan again, hopefully there won't be any problems this time.
  • 0

#6
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi FictiveRepose,

Are you still with me? Do you have any problems with Dr.Web?
  • 0

#7
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I'm still with you, I'm having a couple of issues with DrWeb, but I think that I have it sorted out. I'm going to take another swing at getting the full scan done, sorry for the delays.
  • 0

#8
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
DrWeb hasn't worked all that well, to be honest. The Express scan goes fine, but my system keeps crashing when I try to do the Complete Scan. I hope this is what you need.

=============================================================================
Dr.Web Scanner for Windows v6.00.11 (6.00.11.07112)
© Doctor Web, Ltd., 1992-2011
Log generated on: 2011-08-16, 17:57:39 [ERIKLHANSON-PC][Erik L Hanson]
Command line: "C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\32f5a_xp.exe" /lng /ini:setup_xp.ini /fast
Operating system: Windows Seven Premium x86 (Build 7600)
=============================================================================
DwShield started
Engine version: 5.00 (5.00.2.03300)
Engine API version: 2.02
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\451ba15d - 1604 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\74baddef - 4267 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c080c63e - 23517 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2e6ebad9 - 20563 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\deed3c2a - 29147 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2b1b3064 - 20771 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b52e448e - 41547 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\47bc7d3b - 35434 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\5a78bb72 - 41517 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2da0fe16 - 25512 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\26022546 - 28999 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\96b3bb94 - 36564 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\71d73084 - 30676 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4fcf6617 - 25157 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a473808b - 21479 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\3eb72009 - 23541 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d2aba33f - 24447 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b339ef45 - 21471 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2e648747 - 17824 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\9147daf7 - 18737 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\436ea67e - 8998 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4f03fd42 - 9352 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c2cf09ed - 4901 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\be8e08f6 - 7472 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c3a34d64 - 13720 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ac3951ff - 12944 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\581dd301 - 17300 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\1a2a2c9e - 17443 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\fd54c610 - 18483 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a748de5e - 14834 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\58a0faf6 - 14185 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\0971466e - 13370 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c1036976 - 7482 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b40d532b - 11624 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\41bbcb7d - 10523 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d24e5825 - 10122 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4f91424c - 10453 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\f11ff951 - 10778 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ea8c534a - 9822 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\73dede84 - 14045 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ff73df42 - 7028 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d08a2656 - 8674 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\65c7e399 - 8626 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d533e6f0 - 8231 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\f2d4ba6b - 10397 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d6b95f5f - 11234 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\5e9f45d6 - 10356 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\6b1a7a1d - 11383 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e885170f - 8957 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e0626178 - 11015 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\cb73454d - 11168 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\37dd4a7c - 7798 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d17a454e - 7873 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\02832004 - 6904 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\36870e13 - 6503 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ab23fadf - 9823 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\dacc019a - 7572 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e19cd3d5 - 6996 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\72320cdf - 16360 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\46be2034 - 29168 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b6d51400 - 34202 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\21812507 - 28292 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\36ee3ad2 - 27164 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e067e69d - 25131 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\764a5445 - 31464 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\7bcb7468 - 18281 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\7783463d - 18009 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a52b6eaf - 24685 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c57f4569 - 13651 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\5c51f888 - 16025 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\31f4257a - 15644 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\22bceb61 - 23265 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b02562bf - 23135 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ffc47944 - 20510 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a11f0f97 - 25475 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\55217a89 - 16298 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\5ef8d6c1 - 19357 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\10350431 - 18381 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\8bfb51b6 - 19562 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\b53e991e - 27102 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\1d0c7d24 - 21223 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\83c172bd - 24847 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d3599cb8 - 23251 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\1f64e2b5 - 14982 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\0caa100c - 16778 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e06c4640 - 18725 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c3b266c8 - 18429 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\45bd1497 - 6220 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2a3fb16a - 142240 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\8edb7305 - 66726 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4edadfd1 - 24512 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\92ad4c76 - 82762 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\6f083531 - 508543 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\9ca8bf0b - 994 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\8a55f14a - 1843 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4e4a9d6d - 1694 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\43475f1e - 1578 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e1bb52b6 - 1959 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2c6fe7c8 - 2033 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\72aba803 - 1812 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\6f822f30 - 1738 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\6fe873d5 - 1885 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\25f7003f - 2091 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\56dc4c1b - 1569 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\9eb763a2 - 1834 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ab5e545e - 1451 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a2b5605a - 2208 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e0cfd2f1 - 2483 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\50d22f54 - 1603 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\4f04a73e - 1919 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2c538be7 - 1819 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\30892796 - 2229 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\6c14247d - 1833 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e7ed9400 - 1614 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ec593534 - 2297 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\7d577583 - 2110 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\21d543c1 - 2007 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\e73049ec - 2370 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d0a464bd - 2241 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2e11b532 - 2596 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\728783cf - 2024 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\ba3d038b - 1609 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c3416c25 - 1471 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\bf4b55e6 - 1445 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\9d13e2cc - 1895 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\c040cf62 - 2312 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\aced0ea9 - 3006 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\0c942f05 - 2146 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\50a97002 - 1714 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\d59751a1 - 2095 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\f5de4946 - 2715 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\89016042 - 2545 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\3d7d6eae - 2801 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\2cfe6705 - 6197 virus records
[Virus database] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\a332aaa4 - 28348 virus records
Total virus records: 2465695
[Self-checking] C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\32f5a_xp.exe
Key file: C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\setup.key
License key number: 0013622856
Registered to: An unauthorized User
License key activates on: 2011-03-10
License key expires on: 2012-03-11
Process in memory: System:4 - OK
Process in memory: C:\Program Files\Dell\QuickSet\quickset.exe:272 - OK
Process in memory: C:\Windows\System32\smss.exe:296 - OK
Process in memory: C:\Windows\System32\csrss.exe:428 - OK
Process in memory: C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe:436 - OK
Process in memory: C:\Windows\System32\csrss.exe:480 - OK
Process in memory: C:\Windows\System32\wininit.exe:488 - OK
Process in memory: C:\Windows\System32\services.exe:564 - OK
Process in memory: C:\Windows\System32\winlogon.exe:572 - OK
Process in memory: C:\Windows\System32\lsass.exe:604 - OK
Process in memory: C:\Windows\System32\lsm.exe:616 - OK
Process in memory: C:\Windows\System32\dwm.exe:632 - OK
Process in memory: C:\Windows\System32\AEstSrv.exe:672 - OK
Process in memory: C:\Windows\System32\svchost.exe:720 - OK
Process in memory: C:\Windows\System32\svchost.exe:804 - OK
Process in memory: C:\Program Files\Common Files\Symantec Shared\ccApp.exe:884 - OK
Process in memory: C:\Windows\System32\svchost.exe:912 - OK
Process in memory: C:\Windows\System32\svchost.exe:956 - OK
Process in memory: C:\Windows\System32\svchost.exe:988 - OK
Process in memory: C:\Windows\System32\svchost.exe:1108 - OK
Process in memory: C:\Windows\System32\WLTRAY.EXE:1144 - OK
Process in memory: C:\Windows\System32\svchost.exe:1152 - OK
Process in memory: C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:1276 - OK
Process in memory: C:\Windows\System32\svchost.exe:1352 - OK
Process in memory: C:\Program Files\LogMeIn Hamachi\hamachi-2.exe:1412 - OK
Process in memory: C:\Users\Erik L Hanson\Desktop\drweb-cureit.exe:1432 - OK
Process in memory: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe:1436 - OK
Process in memory: C:\Windows\explorer.exe:1472 - OK
Process in memory: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe:1492 - OK
Process in memory: C:\Windows\System32\spoolsv.exe:1728 - OK
Process in memory: C:\Windows\System32\svchost.exe:1776 - OK
Process in memory: C:\Program Files\Common Files\Java\Java Update\jusched.exe:1948 - OK
Process in memory: C:\Windows\System32\taskhost.exe:2000 - OK
Process in memory: C:\Windows\System32\stacsv.exe:2112 - OK
Process in memory: C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe:2376 - OK
Process in memory: C:\Windows\System32\audiodg.exe:2400 - OK
Process in memory: C:\Windows\System32\svchost.exe:2424 - OK
Process in memory: C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe:2448 - OK
Process in memory: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:2496 - OK
Process in memory: C:\Program Files\Viewpoint\Common\ViewpointService.exe:2536 - OK
Process in memory: C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe:2584 - OK
Process in memory: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe:2608 - OK
Process in memory: C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe:2640 - OK
Process in memory: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE:2740 - OK
Process in memory: C:\Program Files\Digital Line Detect\DLG.exe:2840 - OK
Process in memory: C:\Windows\System32\WLTRYSVC.EXE:2940 - OK
Process in memory: C:\Windows\System32\drivers\XAudio.exe:2980 - OK
Process in memory: C:\Windows\System32\BCMWLTRY.EXE:2992 - OK
Process in memory: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE:3004 - OK
Process in memory: C:\Windows\PLFSetL.exe:3176 - OK
Process in memory: C:\Program Files\DellSupport\DSAgnt.exe:3332 - OK
Process in memory: C:\Windows\System32\SearchIndexer.exe:3352 - OK
Process in memory: C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\32f5a_xp.exe:3380 - OK
Process in memory: C:\Windows\snuvcdsm.exe:3468 - OK
Process in memory: C:\Program Files\Mozilla Firefox\plugin-container.exe:3488 - OK
Process in memory: C:\Windows\System32\svchost.exe:3532 - OK
Process in memory: C:\Windows\System32\igfxpers.exe:3612 - OK
Process in memory: C:\Windows\System32\hkcmd.exe:3664 - OK
Process in memory: C:\Windows\System32\igfxtray.exe:3668 - OK
Process in memory: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe:3708 - OK
Process in memory: C:\Windows\System32\igfxsrvc.exe:3828 - OK
Process in memory: C:\Program Files\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe:3876 - OK
Process in memory: C:\Program Files\Steam\Steam.exe:3944 - OK
Process in memory: C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe:3992 - OK
Process in memory: C:\Program Files\Logitech\SetPoint\SetPoint.exe:4004 - OK
Process in memory: C:\Program Files\Wiley\Webster's New World\HKML_SRV.exe:4120 - OK
Process in memory: C:\Windows\System32\wbem\WmiPrvSE.exe:4340 - OK
Process in memory: C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe:4624 - OK
Process in memory: C:\Program Files\Common Files\Steam\SteamService.exe:4692 - OK
Process in memory: C:\Program Files\Steam\GameOverlayUI.exe:4740 - OK
Process in memory: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe:5144 - OK
Process in memory: C:\Windows\System32\svchost.exe:5188 - OK
Process in memory: C:\Users\Erik L Hanson\AppData\Local\Temp\E9C35808-9CBD2060-2ADE874-4F73DAC4\f305d1.exe:5204 - OK
Process in memory: C:\Windows\System32\wsqmcons.exe:5292 - OK
Process in memory: C:\Program Files\Mozilla Firefox\firefox.exe:5340 - OK
Process in memory: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe:5460 - OK
Process in memory: C:\Program Files\Dell Support Center\imstrayicon.exe:5576 - OK
Process in memory: C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe:6004 - OK
[Memory scanning] No viruses found
Master Boot Record HDD1 - OK
Unknown Boot Sector HDD1 Partition0 - OK
Unknown Boot Sector HDD1 Partition1 - OK
Active Unknown Boot Sector HDD1 Partition2 - OK
Unknown Boot Sector HDD1 Partition3 - OK

[Scan path] C:\Windows\system32
C:\Windows\system32\12520437.cpx - OK
C:\Windows\system32\12520850.cpx - OK
C:\Windows\system32\628E8A - OK
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 - OK
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 - OK
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 - OK
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 - OK
C:\Windows\system32\aaclient.dll - OK
C:\Windows\system32\accessibilitycpl.dll - OK
C:\Windows\system32\ACCTRES.dll - OK
C:\Windows\system32\acledit.dll - OK
C:\Windows\system32\aclui.dll - OK
C:\Windows\system32\acppage.dll - OK
C:\Windows\system32\acproxy.dll - OK
C:\Windows\system32\ActionCenter.dll - OK
C:\Windows\system32\ActionCenterCPL.dll - OK
C:\Windows\system32\ActionQueue.dll - OK
C:\Windows\system32\activeds.dll - OK
C:\Windows\system32\activeds.tlb - OK
C:\Windows\system32\actxprxy.dll - OK
C:\Windows\system32\AdapterTroubleshooter.exe - OK
C:\Windows\system32\admparse.dll - OK
C:\Windows\system32\adprovider.dll - OK
C:\Windows\system32\adsldp.dll - OK
C:\Windows\system32\adsldpc.dll - OK
C:\Windows\system32\adsmsext.dll - OK
C:\Windows\system32\adsnt.dll - OK
C:\Windows\system32\adtschema.dll - OK
C:\Windows\system32\advapi32.dll - OK
C:\Windows\system32\advpack.dll - OK
C:\Windows\system32\aecache.dll - OK
C:\Windows\system32\aeevts.dll - OK
C:\Windows\system32\aeinv.dll - OK
C:\Windows\system32\aelupsvc.dll - OK
C:\Windows\system32\aepdu.dll - OK
C:\Windows\system32\aepic.dll - OK
C:\Windows\system32\aestacap.dll - OK
C:\Windows\system32\aestaren.dll packed by PESTUB
>C:\Windows\system32\aestaren.dll - OK
C:\Windows\system32\aestecap.dll - OK
C:\Windows\system32\AEstSrv.exe - OK
C:\Windows\system32\aitagent.exe - OK
C:\Windows\system32\alg.exe - OK
C:\Windows\system32\AltTab.dll - OK
C:\Windows\system32\amcompat.tlb - OK
C:\Windows\system32\amstream.dll - OK
C:\Windows\system32\amxread.dll - OK
C:\Windows\system32\ANSI.SYS - OK
C:\Windows\system32\apds.dll - OK
C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-service-core-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-service-management-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-service-management-l1-1-0.dll - OK
C:\Windows\system32\api-ms-win-service-management-l2-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-service-management-l2-1-0.dll - OK
C:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll packed by FLY-CODE
>C:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll - OK
C:\Windows\system32\apilogen.dll - OK
C:\Windows\system32\apircl.dll - OK
C:\Windows\system32\apisetschema.dll - OK
C:\Windows\system32\append.exe - OK
C:\Windows\system32\apphelp.dll - OK
C:\Windows\system32\Apphlpdm.dll - OK
C:\Windows\system32\appidapi.dll - OK
C:\Windows\system32\appidcertstorecheck.exe - OK
C:\Windows\system32\appidpolicyconverter.exe - OK
C:\Windows\system32\appidsvc.dll - OK
C:\Windows\system32\appinfo.dll - OK
C:\Windows\system32\appwiz.cpl - OK
C:\Windows\system32\apss.dll - OK
C:\Windows\system32\ARP.EXE - OK
C:\Windows\system32\asferror.dll - OK
C:\Windows\system32\aspnet_counters.dll - OK
C:\Windows\system32\asycfilt.dll - OK
C:\Windows\system32\at.exe - OK
C:\Windows\system32\AtBroker.exe - OK
C:\Windows\system32\atl.dll - OK
C:\Windows\system32\atl71.dll - OK
C:\Windows\system32\atmfd.dll - OK
C:\Windows\system32\atmlib.dll - OK
C:\Windows\system32\attrib.exe - OK
C:\Windows\system32\audiodev.dll - OK
C:\Windows\system32\audiodg.exe - OK
C:\Windows\system32\AudioEng.dll - OK
C:\Windows\system32\AUDIOKSE.dll - OK
C:\Windows\system32\AudioSes.dll - OK
C:\Windows\system32\audiosrv.dll - OK
C:\Windows\system32\auditcse.dll - OK
C:\Windows\system32\auditpol.exe - OK
C:\Windows\system32\authfwcfg.dll - OK
C:\Windows\system32\AuthFWGP.dll - OK
C:\Windows\system32\AuthFWSnapin.dll - OK
C:\Windows\system32\AuthFWWizFwk.dll - OK
C:\Windows\system32\authui.dll packed by ZLIB
>C:\Windows\system32\authui.dll - archive BINARYRES
>>C:\Windows\system32\authui.dll/data001 - OK
>>C:\Windows\system32\authui.dll/data002 - OK
>>C:\Windows\system32\authui.dll/data003 - OK
>>C:\Windows\system32\authui.dll/data004 - OK
>C:\Windows\system32\authui.dll - OK
C:\Windows\system32\authz.dll - OK
C:\Windows\system32\autochk.exe - OK
C:\Windows\system32\autoconv.exe - OK
C:\Windows\system32\autoexec.nt - OK
C:\Windows\system32\autofmt.exe - OK
C:\Windows\system32\autoplay.dll - OK
C:\Windows\system32\AuxiliaryDisplayApi.dll - OK
C:\Windows\system32\AuxiliaryDisplayClassInstaller.dll - OK
C:\Windows\system32\AuxiliaryDisplayCpl.dll - OK
C:\Windows\system32\AuxiliaryDisplayDriverLib.dll - OK
C:\Windows\system32\AuxiliaryDisplayServices.dll - OK
C:\Windows\system32\avicap.dll - OK
C:\Windows\system32\avicap32.dll - OK
C:\Windows\system32\avifil32.dll - OK
C:\Windows\system32\avifile.dll - OK
C:\Windows\system32\avrt.dll - OK
C:\Windows\system32\AxInstSv.dll - OK
C:\Windows\system32\AxInstUI.exe - OK
C:\Windows\system32\azman.msc - OK
C:\Windows\system32\azroles.dll - OK
C:\Windows\system32\azroleui.dll - OK
C:\Windows\system32\AzSqlExt.dll - OK
C:\Windows\system32\BACSCPL.cpl - OK
C:\Windows\system32\basecsp.dll - OK
C:\Windows\system32\basesrv.dll - OK
C:\Windows\system32\batmeter.dll - OK
C:\Windows\system32\batt.dll - OK
C:\Windows\system32\bcdboot.exe - OK
C:\Windows\system32\bcdedit.exe - OK
C:\Windows\system32\bcdprov.dll - OK
C:\Windows\system32\bcdsrv.dll - OK
C:\Windows\system32\BCMLogon.dll - OK
C:\Windows\system32\bcmttls.dll - OK
C:\Windows\system32\BCMWLCPL.CPL - OK
C:\Windows\system32\bcmwlrmt.dll - OK
C:\Windows\system32\BCMWLTRY.EXE - OK
C:\Windows\system32\bcmwlu00.exe - OK
C:\Windows\system32\bcrypt.dll - OK
C:\Windows\system32\bcryptprimitives.dll - OK
C:\Windows\system32\bdaplgin.ax - OK
C:\Windows\system32\bderepair.dll - OK
C:\Windows\system32\bdesvc.dll - OK
C:\Windows\system32\bdeui.dll - OK
C:\Windows\system32\BdeUISrv.exe - OK
C:\Windows\system32\BdeUnlockWizard.exe - OK
C:\Windows\system32\BFE.DLL - OK
C:\Windows\system32\bidispl.dll - OK
C:\Windows\system32\biocpl.dll - OK
C:\Windows\system32\BioCredProv.dll - OK
C:\Windows\system32\bios1.rom - OK
C:\Windows\system32\bios4.rom - OK
C:\Windows\system32\bitsadmin.exe - OK
C:\Windows\system32\bitsigd.dll - OK
C:\Windows\system32\bitsperf.dll - OK
C:\Windows\system32\bitsprx2.dll - OK
C:\Windows\system32\bitsprx3.dll - OK
C:\Windows\system32\bitsprx4.dll - OK
C:\Windows\system32\bitsprx5.dll - OK
C:\Windows\system32\bitsprx6.dll - OK
C:\Windows\system32\blackbox.dll - OK
C:\Windows\system32\BlbEvents.dll - OK
C:\Windows\system32\blbres.dll - OK
C:\Windows\system32\blb_ps.dll - OK
C:\Windows\system32\boot.sdi - OK
C:\Windows\system32\bootcfg.exe - OK
C:\Windows\system32\bootres.dll - OK
C:\Windows\system32\bootstr.dll - OK
C:\Windows\system32\BOOTVID.DLL - OK
C:\Windows\system32\bopomofo.uce - OK
C:\Windows\system32\brcoinst.dll - OK
C:\Windows\system32\brdgcfg.dll - OK
C:\Windows\system32\bridgeres.dll - OK
C:\Windows\system32\bridgeunattend.exe - OK
C:\Windows\system32\browcli.dll - OK
C:\Windows\system32\browser.dll - OK
C:\Windows\system32\browseui.dll - OK
C:\Windows\system32\BtCoreIf.dll - OK
C:\Windows\system32\bthci.dll - OK
C:\Windows\system32\BthMtpContextHandler.dll - OK
C:\Windows\system32\bthpanapi.dll - OK
C:\Windows\system32\BthpanContextHandler.dll - OK
C:\Windows\system32\bthprops.cpl - OK
C:\Windows\system32\bthserv.dll - OK
C:\Windows\system32\bthudtask.exe - OK
C:\Windows\system32\btpanui.dll - OK
C:\Windows\system32\Bubbles.scr - OK
C:\Windows\system32\BWContextHandler.dll - OK
C:\Windows\system32\BWUnpairElevated.dll - OK
C:\Windows\system32\cabinet.dll - OK
C:\Windows\system32\cabview.dll - OK
C:\Windows\system32\cacls.exe - OK
C:\Windows\system32\calc.exe packed by ZLIB
>C:\Windows\system32\calc.exe - archive BINARYRES
>>C:\Windows\system32\calc.exe/data001 - OK
>>C:\Windows\system32\calc.exe/data002 - OK
>>C:\Windows\system32\calc.exe/data003 - OK
>>C:\Windows\system32\calc.exe/data004 - OK
>>C:\Windows\system32\calc.exe/data005 - OK
>>C:\Windows\system32\calc.exe/data006 - OK
>C:\Windows\system32\calc.exe - OK
C:\Windows\system32\capicom.dll packed by PESTUB
>C:\Windows\system32\capicom.dll - OK
C:\Windows\system32\capiprovider.dll - OK
C:\Windows\system32\capisp.dll - OK
C:\Windows\system32\CardGames.dll - OK
C:\Windows\system32\catsrv.dll - OK
C:\Windows\system32\catsrvps.dll - OK
C:\Windows\system32\catsrvut.dll - OK
C:\Windows\system32\cca.dll - OK
C:\Windows\system32\cdd.dll packed by FLY-CODE
>C:\Windows\system32\cdd.dll - OK
C:\Windows\system32\cdosys.dll - archive BINARYRES
>C:\Windows\system32\cdosys.dll/data001 - OK
>C:\Windows\system32\cdosys.dll/data002 - OK
C:\Windows\system32\cdosys.dll - OK
C:\Windows\system32\cero.rs packed by ZLIB
>C:\Windows\system32\cero.rs - archive BINARYRES
>>C:\Windows\system32\cero.rs/data001 - OK
>C:\Windows\system32\cero.rs - OK
C:\Windows\system32\certcli.dll - OK
C:\Windows\system32\certCredProvider.dll - OK
C:\Windows\system32\certenc.dll - OK
C:\Windows\system32\CertEnroll.dll - OK
C:\Windows\system32\CertEnrollCtrl.exe - OK
C:\Windows\system32\CertEnrollUI.dll - OK
C:\Windows\system32\certmgr.dll - OK
C:\Windows\system32\certmgr.msc - OK
C:\Windows\system32\CertPolEng.dll - OK
C:\Windows\system32\certprop.dll - OK
C:\Windows\system32\certreq.exe - OK
C:\Windows\system32\certutil.exe - OK
C:\Windows\system32\cewmdm.dll - OK
C:\Windows\system32\cfgbkend.dll - OK
C:\Windows\system32\cfgmgr32.dll - OK
C:\Windows\system32\chajei.ime - OK
C:\Windows\system32\charmap.exe - OK
C:\Windows\system32\chcp.com - OK
C:\Windows\system32\chkdsk.exe - OK
C:\Windows\system32\chkntfs.exe - OK
C:\Windows\system32\chkwudrv.dll - OK
C:\Windows\system32\choice.exe - OK
C:\Windows\system32\chsbrkr.dll - OK
C:\Windows\system32\chtbrkr.dll - OK
C:\Windows\system32\CHxReadingStringIME.dll - OK
C:\Windows\system32\ci.dll - OK
C:\Windows\system32\cic.dll - OK
C:\Windows\system32\cintlgnt.ime - OK
C:\Windows\system32\cipher.exe - OK
C:\Windows\system32\CIRCoInst.dll - OK
C:\Windows\system32\clb.dll - OK
C:\Windows\system32\clbcatq.dll - OK
C:\Windows\system32\cleanmgr.exe - OK
C:\Windows\system32\clfs.sys - OK
C:\Windows\system32\clfsw32.dll - OK
C:\Windows\system32\cliconfg.dll - OK
C:\Windows\system32\cliconfg.exe - OK
C:\Windows\system32\cliconfg.rll - OK
C:\Windows\system32\clip.exe - OK
C:\Windows\system32\clusapi.dll - OK
C:\Windows\system32\cmcfg32.dll - OK
C:\Windows\system32\cmd.exe - OK
C:\Windows\system32\cmdial32.dll - OK
C:\Windows\system32\cmdkey.exe - OK
C:\Windows\system32\cmdl32.exe - OK
C:\Windows\system32\cmicryptinstall.dll - OK
C:\Windows\system32\cmifw.dll - OK
C:\Windows\system32\cmipnpinstall.dll - OK
C:\Windows\system32\cmlua.dll - OK
C:\Windows\system32\cmmon32.exe - OK
C:\Windows\system32\cmncliM.dll - OK
C:\Windows\system32\cmpbk32.dll - OK
C:\Windows\system32\cmstp.exe - OK
C:\Windows\system32\cmstplua.dll - OK
C:\Windows\system32\cmutil.dll - OK
C:\Windows\system32\cngaudit.dll - OK
C:\Windows\system32\cngprovider.dll - OK
C:\Windows\system32\cnvfat.dll - OK
C:\Windows\system32\cofire.exe - OK
C:\Windows\system32\cofiredm.dll - OK
C:\Windows\system32\coh.cache - OK
C:\Windows\system32\colbact.dll - OK
C:\Windows\system32\collab.cpl - OK
C:\Windows\system32\COLORCNV.DLL - OK
C:\Windows\system32\colorcpl.exe - OK
C:\Windows\system32\colorui.dll - OK
C:\Windows\system32\comcat.dll - OK
C:\Windows\system32\comct232.ocx - OK
C:\Windows\system32\comct332.ocx - OK
C:\Windows\system32\comctl32.dll - OK
C:\Windows\system32\comctl32.ocx - OK
C:\Windows\system32\comdlg32.dll - OK
C:\Windows\system32\comdlg32.ocx - OK
C:\Windows\system32\comexp.msc - OK
C:\Windows\system32\COMM.drv - OK
C:\Windows\system32\COMMAND.COM - OK
C:\Windows\system32\COMMDLG.DLL - OK
C:\Windows\system32\comp.exe - OK
C:\Windows\system32\compact.exe - OK
C:\Windows\system32\compcln.exe - OK
C:\Windows\system32\compmgmt.msc - OK
C:\Windows\system32\CompMgmtLauncher.exe - OK
C:\Windows\system32\compobj.dll - OK
C:\Windows\system32\compstui.dll - OK
C:\Windows\system32\ComputerDefaults.exe - OK
C:\Windows\system32\comrepl.dll - OK
C:\Windows\system32\comres.dll - OK
C:\Windows\system32\comsnap.dll - OK
C:\Windows\system32\comsvcs.dll - OK
C:\Windows\system32\comuid.dll - OK
C:\Windows\system32\config.nt - OK
C:\Windows\system32\conhost.exe - OK
C:\Windows\system32\connect.dll - OK
C:\Windows\system32\consent.exe - OK
C:\Windows\system32\console.dll - OK
C:\Windows\system32\control.exe - OK
C:\Windows\system32\convert.exe - OK
C:\Windows\system32\correngine.dll - OK
C:\Windows\system32\country.sys - OK
C:\Windows\system32\CPFilters.dll - OK
C:\Windows\system32\credssp.dll - OK
C:\Windows\system32\credui.dll - OK
C:\Windows\system32\credwiz.exe - OK
C:\Windows\system32\crtdll.dll - OK
C:\Windows\system32\crypt32.dll - OK
C:\Windows\system32\cryptbase.dll - OK
C:\Windows\system32\cryptdlg.dll - OK
C:\Windows\system32\cryptdll.dll - OK
C:\Windows\system32\cryptext.dll - OK
C:\Windows\system32\cryptnet.dll - OK
C:\Windows\system32\cryptsp.dll - OK
C:\Windows\system32\cryptsvc.dll - OK
C:\Windows\system32\cryptui.dll - OK
C:\Windows\system32\cryptxml.dll - OK
C:\Windows\system32\cscapi.dll - OK
C:\Windows\system32\cscdll.dll - OK
C:\Windows\system32\cscript.exe - OK
C:\Windows\system32\csrr.rs - OK
C:\Windows\system32\csrsrv.dll - OK
C:\Windows\system32\csrss.exe - OK
C:\Windows\system32\csrstub.exe - OK
C:\Windows\system32\ctapo32.dll - OK
C:\Windows\system32\ctfmon.exe - OK
C:\Windows\system32\ctl3d32.dll - OK
C:\Windows\system32\ctl3dv2.dll - OK
C:\Windows\system32\ctppld.dll - OK
C:\Windows\system32\cttune.exe - OK
C:\Windows\system32\cttunesvr.exe - OK
C:\Windows\system32\C_037.NLS - OK
C:\Windows\system32\C_10000.NLS - OK
C:\Windows\system32\C_10001.NLS - OK
C:\Windows\system32\C_10002.NLS - OK
C:\Windows\system32\C_10003.NLS - OK
C:\Windows\system32\C_10004.NLS - OK
C:\Windows\system32\C_10005.NLS - OK
C:\Windows\system32\C_10006.NLS - OK
C:\Windows\system32\C_10007.NLS - OK
C:\Windows\system32\C_10008.NLS - OK
C:\Windows\system32\C_10010.NLS - OK
C:\Windows\system32\C_10017.NLS - OK
C:\Windows\system32\C_10021.NLS - OK
C:\Windows\system32\C_10029.NLS - OK
C:\Windows\system32\C_10079.NLS - OK
C:\Windows\system32\C_10081.NLS - OK
C:\Windows\system32\C_10082.NLS - OK
C:\Windows\system32\C_1026.NLS - OK
C:\Windows\system32\C_1047.NLS - OK
C:\Windows\system32\C_1140.NLS - OK
C:\Windows\system32\C_1141.NLS - OK
C:\Windows\system32\C_1142.NLS - OK
C:\Windows\system32\C_1143.NLS - OK
C:\Windows\system32\C_1144.NLS - OK
C:\Windows\system32\C_1145.NLS - OK
C:\Windows\system32\C_1146.NLS - OK
C:\Windows\system32\C_1147.NLS - OK
C:\Windows\system32\C_1148.NLS - OK
C:\Windows\system32\C_1149.NLS - OK
C:\Windows\system32\C_1250.NLS - OK
C:\Windows\system32\C_1251.NLS - OK
C:\Windows\system32\C_1252.NLS - OK
C:\Windows\system32\C_1253.NLS - OK
C:\Windows\system32\C_1254.NLS - OK
C:\Windows\system32\C_1255.NLS - OK
C:\Windows\system32\C_1256.NLS - OK
C:\Windows\system32\C_1257.NLS - OK
C:\Windows\system32\C_1258.NLS - OK
C:\Windows\system32\C_1361.NLS - OK
C:\Windows\system32\C_20000.NLS - OK
C:\Windows\system32\C_20001.NLS - OK
C:\Windows\system32\C_20002.NLS - OK
C:\Windows\system32\C_20003.NLS - OK
C:\Windows\system32\C_20004.NLS - OK
C:\Windows\system32\C_20005.NLS - OK
C:\Windows\system32\C_20105.NLS - OK
C:\Windows\system32\C_20106.NLS - OK
C:\Windows\system32\C_20107.NLS - OK
C:\Windows\system32\C_20108.NLS - OK
C:\Windows\system32\C_20127.NLS - OK
C:\Windows\system32\C_20261.NLS - OK
C:\Windows\system32\C_20269.NLS - OK
C:\Windows\system32\C_20273.NLS - OK
C:\Windows\system32\C_20277.NLS - OK
C:\Windows\system32\C_20278.NLS - OK
C:\Windows\system32\C_20280.NLS - OK
C:\Windows\system32\C_20284.NLS - OK
C:\Windows\system32\C_20285.NLS - OK
C:\Windows\system32\C_20290.NLS - OK
C:\Windows\system32\C_20297.NLS - OK
C:\Windows\system32\C_20420.NLS - OK
C:\Windows\system32\C_20423.NLS - OK
C:\Windows\system32\C_20424.NLS - OK
C:\Windows\system32\C_20833.NLS - OK
C:\Windows\system32\C_20838.NLS - OK
C:\Windows\system32\C_20866.NLS - OK
C:\Windows\system32\C_20871.NLS - OK
C:\Windows\system32\C_20880.NLS - OK
C:\Windows\system32\C_20905.NLS - OK
C:\Windows\system32\C_20924.NLS - OK
C:\Windows\system32\C_20932.NLS - OK
C:\Windows\system32\C_20936.NLS - OK
C:\Windows\system32\C_20949.NLS - OK
C:\Windows\system32\C_21025.NLS - OK
C:\Windows\system32\C_21027.NLS - OK
C:\Windows\system32\C_21866.NLS - OK
C:\Windows\system32\C_28591.NLS - OK
C:\Windows\system32\C_28592.NLS - OK
C:\Windows\system32\C_28593.NLS - OK
C:\Windows\system32\C_28594.NLS - OK
C:\Windows\system32\C_28595.NLS - OK
C:\Windows\system32\C_28596.NLS - OK
C:\Windows\system32\C_28597.NLS - OK
C:\Windows\system32\C_28598.NLS - OK
C:\Windows\system32\C_28599.NLS - OK
C:\Windows\system32\c_28603.nls - OK
C:\Windows\system32\C_28605.NLS - OK
C:\Windows\system32\C_437.NLS - OK
C:\Windows\system32\C_500.NLS - OK
C:\Windows\system32\C_708.NLS - OK
C:\Windows\system32\C_720.NLS - OK
C:\Windows\system32\C_737.NLS - OK
C:\Windows\system32\C_775.NLS - OK
C:\Windows\system32\C_850.NLS - OK
C:\Windows\system32\C_852.NLS - OK
C:\Windows\system32\C_855.NLS - OK
C:\Windows\system32\C_857.NLS - OK
C:\Windows\system32\C_858.NLS - OK
C:\Windows\system32\C_860.NLS - OK
C:\Windows\system32\C_861.NLS - OK
C:\Windows\system32\C_862.NLS - OK
C:\Windows\system32\C_863.NLS - OK
C:\Windows\system32\C_864.NLS - OK
C:\Windows\system32\C_865.NLS - OK
C:\Windows\system32\C_866.NLS - OK
C:\Windows\system32\C_869.NLS - OK
C:\Windows\system32\C_870.NLS - OK
C:\Windows\system32\C_874.NLS - OK
C:\Windows\system32\C_875.NLS - OK
C:\Windows\system32\C_932.NLS - OK
C:\Windows\system32\C_936.NLS - OK
C:\Windows\system32\C_949.NLS - OK
C:\Windows\system32\C_950.NLS - OK
C:\Windows\system32\C_G18030.DLL - OK
C:\Windows\system32\C_IS2022.DLL - OK
C:\Windows\system32\C_ISCII.DLL - OK
C:\Windows\system32\d2d1.dll - OK
C:\Windows\system32\d3d10.dll - OK
C:\Windows\system32\d3d10core.dll - OK
C:\Windows\system32\d3d10level9.dll - OK
C:\Windows\system32\d3d10warp.dll - OK
C:\Windows\system32\d3d10_1.dll - OK
C:\Windows\system32\d3d10_1core.dll - OK
C:\Windows\system32\d3d11.dll - OK
C:\Windows\system32\d3d8.dll - OK
C:\Windows\system32\d3d8thk.dll - OK
C:\Windows\system32\d3d9.dll - OK
C:\Windows\system32\D3DCompiler_33.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_33.dll - OK
C:\Windows\system32\D3DCompiler_34.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_34.dll - OK
C:\Windows\system32\D3DCompiler_35.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_35.dll - OK
C:\Windows\system32\D3DCompiler_36.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_36.dll - OK
C:\Windows\system32\D3DCompiler_37.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_37.dll - OK
C:\Windows\system32\D3DCompiler_38.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_38.dll - OK
C:\Windows\system32\D3DCompiler_39.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_39.dll - OK
C:\Windows\system32\D3DCompiler_40.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_40.dll - OK
C:\Windows\system32\D3DCompiler_41.dll packed by PESTUB
>C:\Windows\system32\D3DCompiler_41.dll - OK
C:\Windows\system32\D3DCompiler_42.dll - OK
C:\Windows\system32\D3DCompiler_43.dll - OK
C:\Windows\system32\d3dcsx_42.dll - OK
C:\Windows\system32\d3dcsx_43.dll - OK
C:\Windows\system32\d3dim.dll - OK
C:\Windows\system32\d3dim700.dll - OK
C:\Windows\system32\d3dramp.dll - OK
C:\Windows\system32\d3dx10.dll packed by PESTUB
>C:\Windows\system32\d3dx10.dll - OK
C:\Windows\system32\d3dx10_33.dll packed by PESTUB
>C:\Windows\system32\d3dx10_33.dll - OK
C:\Windows\system32\d3dx10_34.dll packed by PESTUB
>C:\Windows\system32\d3dx10_34.dll - OK
C:\Windows\system32\d3dx10_35.dll packed by PESTUB
>C:\Windows\system32\d3dx10_35.dll - OK
C:\Windows\system32\d3dx10_36.dll packed by PESTUB
>C:\Windows\system32\d3dx10_36.dll - OK
C:\Windows\system32\d3dx10_37.dll packed by PESTUB
>C:\Windows\system32\d3dx10_37.dll - OK
C:\Windows\system32\d3dx10_38.dll packed by PESTUB
>C:\Windows\system32\d3dx10_38.dll - OK
C:\Windows\system32\d3dx10_39.dll packed by PESTUB
>C:\Windows\system32\d3dx10_39.dll - OK
C:\Windows\system32\d3dx10_40.dll packed by PESTUB
>C:\Windows\system32\d3dx10_40.dll - OK
C:\Windows\system32\d3dx10_41.dll packed by PESTUB
>C:\Windows\system32\d3dx10_41.dll - OK
C:\Windows\system32\d3dx10_42.dll - OK
C:\Windows\system32\d3dx10_43.dll - OK
C:\Windows\system32\d3dx11_42.dll - OK
C:\Windows\system32\d3dx11_43.dll - OK
C:\Windows\system32\d3dx9_24.dll - OK
C:\Windows\system32\d3dx9_25.dll - OK
C:\Windows\system32\d3dx9_26.dll - OK
C:\Windows\system32\d3dx9_27.dll - OK
C:\Windows\system32\d3dx9_28.dll - OK
C:\Windows\system32\d3dx9_29.dll - OK
C:\Windows\system32\d3dx9_30.dll - OK
C:\Windows\system32\d3dx9_31.dll - OK
C:\Windows\system32\d3dx9_32.dll packed by PESTUB
>C:\Windows\system32\d3dx9_32.dll - OK
C:\Windows\system32\d3dx9_33.dll packed by PESTUB
>C:\Windows\system32\d3dx9_33.dll - OK
C:\Windows\system32\d3dx9_34.dll packed by PESTUB
>C:\Windows\system32\d3dx9_34.dll - OK
C:\Windows\system32\d3dx9_35.dll - OK
C:\Windows\system32\d3dx9_36.dll - OK
C:\Windows\system32\D3DX9_37.dll - OK
C:\Windows\system32\D3DX9_38.dll - OK
C:\Windows\system32\D3DX9_39.dll - OK
C:\Windows\system32\D3DX9_40.dll - OK
C:\Windows\system32\D3DX9_41.dll - OK
C:\Windows\system32\D3DX9_42.dll - OK
C:\Windows\system32\D3DX9_43.dll - OK
C:\Windows\system32\d3dxof.dll - OK
C:\Windows\system32\dataclen.dll - OK
C:\Windows\system32\davclnt.dll - OK
C:\Windows\system32\davhlpr.dll - OK
C:\Windows\system32\dbgeng.dll - OK
C:\Windows\system32\dbghelp.dll - OK
C:\Windows\system32\dbnetlib.dll - OK
C:\Windows\system32\dbnmpntw.dll - OK
C:\Windows\system32\dccw.exe - OK
C:\Windows\system32\dciman32.dll - OK
C:\Windows\system32\dcomcnfg.exe - OK
C:\Windows\system32\DDACLSys.dll - OK
C:\Windows\system32\DDEML.DLL - OK
C:\Windows\system32\ddodiag.exe - OK
C:\Windows\system32\DDOIProxy.dll - OK
C:\Windows\system32\DDORes.dll - OK
C:\Windows\system32\ddraw.dll - OK
C:\Windows\system32\ddrawex.dll - OK
C:\Windows\system32\debug.exe packed by EXEPACK
>C:\Windows\system32\debug.exe - OK
C:\Windows\system32\defaultlocationcpl.dll - OK
C:\Windows\system32\Defrag.exe - OK
C:\Windows\system32\defragproxy.dll - OK
C:\Windows\system32\defragsvc.dll - OK
C:\Windows\system32\deployJava1.dll - OK
C:\Windows\system32\desk.cpl - OK
C:\Windows\system32\deskadp.dll - OK
C:\Windows\system32\deskmon.dll - OK
C:\Windows\system32\deskperf.dll - OK
C:\Windows\system32\desktop.ini - OK
C:\Windows\system32\devenum.dll - OK
C:\Windows\system32\DeviceCenter.dll - OK
C:\Windows\system32\DeviceDisplayObjectProvider.exe - OK
C:\Windows\system32\DeviceDisplayStatusManager.dll - OK
C:\Windows\system32\DeviceEject.exe - OK
C:\Windows\system32\DeviceMetadataParsers.dll - OK
C:\Windows\system32\DevicePairing.dll - OK
C:\Windows\system32\DevicePairingFolder.dll - OK
C:\Windows\system32\DevicePairingHandler.dll - OK
C:\Windows\system32\DevicePairingProxy.dll - OK
C:\Windows\system32\DevicePairingWizard.exe - OK
C:\Windows\system32\DeviceProperties.exe - OK
C:\Windows\system32\DeviceUxRes.dll - OK
C:\Windows\system32\devmgmt.msc - OK
C:\Windows\system32\devmgr.dll - OK
C:\Windows\system32\devobj.dll - OK
C:\Windows\system32\devrtl.dll - OK
C:\Windows\system32\dfdts.dll - OK
C:\Windows\system32\DFDWiz.exe - OK
C:\Windows\system32\dfrgui.exe packed by ZLIB
>C:\Windows\system32\dfrgui.exe - archive BINARYRES
>>C:\Windows\system32\dfrgui.exe/data001 - OK
>>C:\Windows\system32\dfrgui.exe/data002 - OK
>C:\Windows\system32\dfrgui.exe - OK
C:\Windows\system32\dfscli.dll - OK
C:\Windows\system32\dfshim.dll - OK
C:\Windows\system32\DfsShlEx.dll - OK
C:\Windows\system32\dhcpcmonitor.dll - OK
C:\Windows\system32\dhcpcore.dll - OK
C:\Windows\system32\dhcpcore6.dll - OK
C:\Windows\system32\dhcpcsvc.dll - OK
C:\Windows\system32\dhcpcsvc6.dll - OK
C:\Windows\system32\DHCPQEC.DLL - OK
C:\Windows\system32\dhcpsapi.dll - OK
C:\Windows\system32\DiagCpl.dll - OK
C:\Windows\system32\diagperf.dll - OK
C:\Windows\system32\dialer.exe - OK
C:\Windows\system32\diantz.exe - OK
C:\Windows\system32\difxapi.dll - OK
C:\Windows\system32\dimsjob.dll - OK
C:\Windows\system32\dimsroam.dll - OK
C:\Windows\system32\dinotify.exe packed by FLY-CODE
>C:\Windows\system32\dinotify.exe - OK
C:\Windows\system32\dinput.dll - OK
C:\Windows\system32\dinput8.dll - OK
C:\Windows\system32\diskcomp.com - OK
C:\Windows\system32\diskcopy.com - OK
C:\Windows\system32\diskcopy.dll - OK
C:\Windows\system32\diskmgmt.msc - OK
C:\Windows\system32\diskpart.exe - OK
C:\Windows\system32\diskperf.exe - OK
C:\Windows\system32\diskraid.exe - OK
C:\Windows\system32\Dism.exe - OK
C:\Windows\system32\dispci.dll - OK
C:\Windows\system32\dispdiag.exe - OK
C:\Windows\system32\dispex.dll - OK
C:\Windows\system32\Display.dll - OK
C:\Windows\system32\DisplaySwitch.exe - OK
C:\Windows\system32\djoin.exe - OK
C:\Windows\system32\dllhost.exe - OK
C:\Windows\system32\dllhst3g.exe - OK
C:\Windows\system32\dmband.dll - OK
C:\Windows\system32\dmcompos.dll - OK
C:\Windows\system32\dmdlgs.dll - OK
C:\Windows\system32\DMdm32.cpl - OK
C:\Windows\system32\dmdskmgr.dll - OK
C:\Windows\system32\dmdskres.dll - OK
C:\Windows\system32\dmdskres2.dll - OK
C:\Windows\system32\dmime.dll - OK
C:\Windows\system32\dmintf.dll - OK
C:\Windows\system32\dmloader.dll - OK
C:\Windows\system32\dmocx.dll - OK
C:\Windows\system32\dmrc.dll - OK
C:\Windows\system32\dmscript.dll - OK
C:\Windows\system32\dmstyle.dll - OK
C:\Windows\system32\dmsynth.dll - OK
C:\Windows\system32\dmusic.dll - OK
C:\Windows\system32\dmutil.dll - OK
C:\Windows\system32\dmvdsitf.dll - OK
C:\Windows\system32\dmview.ocx - OK
C:\Windows\system32\dnsapi.dll - OK
C:\Windows\system32\dnscacheugc.exe - OK
C:\Windows\system32\dnscmmc.dll - OK
C:\Windows\system32\dnsext.dll - OK
C:\Windows\system32\dnshc.dll - OK
C:\Windows\system32\dnsrslvr.dll - OK
C:\Windows\system32\docprop.dll - OK
C:\Windows\system32\DocumentPerformanceEvents.dll - OK
C:\Windows\system32\doskey.exe - OK
C:\Windows\system32\dosx.exe - OK
C:\Windows\system32\dot3api.dll - OK
C:\Windows\system32\dot3cfg.dll - OK
C:\Windows\system32\dot3dlg.dll - OK
C:\Windows\system32\dot3gpclnt.dll - OK
C:\Windows\system32\dot3gpui.dll - OK
C:\Windows\system32\dot3hc.dll - OK
C:\Windows\system32\dot3msm.dll - OK
C:\Windows\system32\dot3svc.dll - OK
C:\Windows\system32\dot3ui.dll - OK
C:\Windows\system32\dpapimig.exe - OK
C:\Windows\system32\dpapiprovider.dll - OK
C:\Windows\system32\DpiScaling.exe - OK
C:\Windows\system32\dplaysvr.exe - OK
C:\Windows\system32\dplayx.dll - OK
C:\Windows\system32\dpmodemx.dll - OK
C:\Windows\system32\dpnaddr.dll - OK
C:\Windows\system32\dpnathlp.dll - OK
C:\Windows\system32\dpnet.dll - OK
C:\Windows\system32\dpnhpast.dll - OK
C:\Windows\system32\dpnhupnp.dll - OK
C:\Windows\system32\dpnlobby.dll - OK
C:\Windows\system32\dpnsvr.exe - OK
C:\Windows\system32\dps.dll - OK
C:\Windows\system32\dpwsockx.dll - OK
C:\Windows\system32\dpx.dll - OK
C:\Windows\system32\driverquery.exe - OK
C:\Windows\system32\drmmgrtn.dll - OK
C:\Windows\system32\drmv2clt.dll - archive BINARYRES
>C:\Windows\system32\drmv2clt.dll/data001 - archive HTML
>>C:\Windows\system32\drmv2clt.dll/data001/JavaScript.0 - OK
>C:\Windows\system32\drmv2clt.dll/data001 - OK
C:\Windows\system32\drmv2clt.dll - OK
C:\Windows\system32\drprov.dll - OK
C:\Windows\system32\drt.dll - OK
C:\Windows\system32\drtprov.dll - OK
C:\Windows\system32\drttransport.dll - OK
C:\Windows\system32\drvinst.exe - OK
C:\Windows\system32\drvstore.dll packed by BINARYRES
>C:\Windows\system32\drvstore.dll packed by MS COMPRESS
>>C:\Windows\system32\drvstore.dll - OK
C:\Windows\system32\DRWATSON.EXE - OK
C:\Windows\system32\ds16gt.dLL - OK
C:\Windows\system32\ds32gt.dll - OK
C:\Windows\system32\dsauth.dll - OK
C:\Windows\system32\dsc.1.0.07213.update.log - OK
C:\Windows\system32\dsdmo.dll - OK
C:\Windows\system32\DShowRdpFilter.dll - OK
C:\Windows\system32\dskquota.dll - OK
C:\Windows\system32\dskquoui.dll - OK
C:\Windows\system32\dsound.dll - OK
C:\Windows\system32\dsprop.dll - OK
C:\Windows\system32\dsquery.dll - OK
C:\Windows\system32\dsrole.dll - OK
C:\Windows\system32\dssec.dat - OK
C:\Windows\system32\dssec.dll - OK
C:\Windows\system32\dssenh.dll - OK
C:\Windows\system32\dsuiext.dll - OK
C:\Windows\system32\dswave.dll - OK
C:\Windows\system32\dtsh.dll - OK
C:\Windows\system32\dui70.dll - OK
C:\Windows\system32\dumphive.exe - OK
C:\Windows\system32\duser.dll - OK
C:\Windows\system32\dvdplay.exe - OK
C:\Windows\system32\dvdupgrd.exe - OK
C:\Windows\system32\dwm.exe - OK
C:\Windows\system32\dwmapi.dll - OK
C:\Windows\system32\dwmcore.dll - OK
C:\Windows\system32\dwmredir.dll - OK
C:\Windows\system32\DWrite.dll - OK
C:\Windows\system32\DWWIN.EXE - OK
C:\Windows\system32\dxdiag.exe - OK
C:\Windows\system32\dxdiagn.dll - OK
C:\Windows\system32\dxgi.dll - OK
C:\Windows\system32\dxmasf.dll - OK
C:\Windows\system32\DXP.dll - OK
C:\Windows\system32\dxpps.dll - OK
C:\Windows\system32\Dxpserver.exe - OK
C:\Windows\system32\DXPTaskRingtone.dll - OK
C:\Windows\system32\DxpTaskSync.dll - OK
C:\Windows\system32\dxtmsft.dll - OK
C:\Windows\system32\dxtrans.dll - OK
C:\Windows\system32\dxva2.dll - OK
C:\Windows\system32\ealregsnapshot1.reg - OK
C:\Windows\system32\Eap3Host.exe - OK
C:\Windows\system32\eapp3hst.dll - OK
C:\Windows\system32\eappcfg.dll - OK
C:\Windows\system32\eappgnui.dll - OK
C:\Windows\system32\eapphost.dll - OK
C:\Windows\system32\eappprxy.dll - OK
C:\Windows\system32\EAPQEC.DLL - OK
C:\Windows\system32\eapsvc.dll - OK
C:\Windows\system32\edit.com packed by EXEPACK
>C:\Windows\system32\edit.com - OK
C:\Windows\system32\EDIT.HLP - OK
C:\Windows\system32\edlin.exe packed by EXEPACK
>C:\Windows\system32\edlin.exe - OK
C:\Windows\system32\efsadu.dll - OK
C:\Windows\system32\efscore.dll - OK
C:\Windows\system32\efslsaext.dll - OK
C:\Windows\system32\efssvc.dll - OK
C:\Windows\system32\efsui.exe - OK
C:\Windows\system32\efsutil.dll - OK
C:\Windows\system32\ega.cpi - OK
C:\Windows\system32\EhStorAPI.dll - OK
C:\Windows\system32\EhStorAuthn.dll - OK
C:\Windows\system32\EhStorAuthn.exe - OK
C:\Windows\system32\EhStorPwdMgr.dll - OK
C:\Windows\system32\EhStorShell.dll - OK
C:\Windows\system32\els.dll - OK
C:\Windows\system32\ELSCore.dll - OK
C:\Windows\system32\elslad.dll - OK
C:\Windows\system32\elsTrans.dll - OK
C:\Windows\system32\emptyregdb.dat - OK
C:\Windows\system32\encapi.dll - OK
C:\Windows\system32\EncDec.dll - OK
C:\Windows\system32\EncDump.dll - OK
C:\Windows\system32\energy.dll - OK
C:\Windows\system32\eqossnap.dll - OK
C:\Windows\system32\es.dll - OK
C:\Windows\system32\esent.dll - OK
C:\Windows\system32\esentprf.dll - OK
C:\Windows\system32\esentutl.exe - OK
C:\Windows\system32\esrb.rs packed by ZLIB
>C:\Windows\system32\esrb.rs - archive BINARYRES
>>C:\Windows\system32\esrb.rs/data001 - OK
>C:\Windows\system32\esrb.rs - OK
C:\Windows\system32\eudcedit.exe - OK
C:\Windows\system32\eventcls.dll - OK
C:\Windows\system32\eventcreate.exe - OK
C:\Windows\system32\EventViewer_EventDetails.xsl - archive HTML
>C:\Windows\system32\EventViewer_EventDetails.xsl/Script.0 - OK
C:\Windows\system32\EventViewer_EventDetails.xsl - OK
C:\Windows\system32\eventvwr.exe - OK
C:\Windows\system32\eventvwr.msc - OK
C:\Windows\system32\evr.dll - OK
C:\Windows\system32\exe2bin.exe packed by EXEPACK
>C:\Windows\system32\exe2bin.exe - OK
C:\Windows\system32\expand.exe packed by BINARYRES
>C:\Windows\system32\expand.exe packed by MS COMPRESS
>>C:\Windows\system32\expand.exe - OK
C:\Windows\system32\ExplorerFrame.dll - OK
C:\Windows\system32\expsrv.dll - OK
C:\Windows\system32\extrac32.exe - OK
C:\Windows\system32\f3ahvoas.dll - OK
C:\Windows\system32\fastopen.exe packed by EXEPACK
>C:\Windows\system32\fastopen.exe packed by COM2EXE
>>C:\Windows\system32\fastopen.exe - OK
C:\Windows\system32\Faultrep.dll - OK
C:\Windows\system32\fc.exe - OK
C:\Windows\system32\fdBth.dll - OK
C:\Windows\system32\fdBthProxy.dll - OK
C:\Windows\system32\fde.dll - OK
C:\Windows\system32\fdeploy.dll - OK
C:\Windows\system32\fdPHost.dll - OK
C:\Windows\system32\fdPnp.dll - OK
C:\Windows\system32\fdprint.dll - OK
C:\Windows\system32\fdProxy.dll - OK
C:\Windows\system32\FDResPub.dll - OK
C:\Windows\system32\fdSSDP.dll - OK
C:\Windows\system32\fdWCN.dll - OK
C:\Windows\system32\fdWNet.dll - OK
C:\Windows\system32\fdWSD.dll - OK
C:\Windows\system32\feclient.dll - OK
C:\Windows\system32\filemgmt.dll - OK
C:\Windows\system32\find.exe - OK
C:\Windows\system32\findnetprinters.dll - OK
C:\Windows\system32\findstr.exe - OK
C:\Windows\system32\finger.exe - OK
C:\Windows\system32\Firewall.cpl - OK
C:\Windows\system32\FirewallAPI.dll - OK
C:\Windows\system32\FirewallControlPanel.dll - OK
C:\Windows\system32\fixmapi.exe - OK
C:\Windows\system32\FlashPlayerCPLApp.cpl - OK
C:\Windows\system32\fltLib.dll - OK
C:\Windows\system32\fltMC.exe - OK
C:\Windows\system32\FM20.DLL - OK
C:\Windows\system32\FM20ENU.DLL - OK
C:\Windows\system32\fmifs.dll - OK
C:\Windows\system32\fms.dll - OK
C:\Windows\system32\FNTCACHE.DAT - OK
C:\Windows\system32\FntCache.dll - OK
C:\Windows\system32\fontext.dll packed by BINARYRES
>C:\Windows\system32\fontext.dll packed by MS COMPRESS
>>C:\Windows\system32\fontext.dll - OK
C:\Windows\system32\fontsub.dll - OK
C:\Windows\system32\fontview.exe - OK
C:\Windows\system32\forfiles.exe - OK
C:\Windows\system32\format.com - OK
C:\Windows\system32\fphc.dll - OK
C:\Windows\system32\framebuf.dll - OK
C:\Windows\system32\framedyn.dll - OK
C:\Windows\system32\framedynos.dll - OK
C:\Windows\system32\fsmgmt.msc - OK
C:\Windows\system32\fsutil.exe - OK
C:\Windows\system32\fthsvc.dll - OK
C:\Windows\system32\ftp.exe - OK
C:\Windows\system32\FunctionDiscoveryFolder.dll - OK
C:\Windows\system32\fundisc.dll - OK
C:\Windows\system32\fveapi.dll - OK
C:\Windows\system32\fveapibase.dll - OK
C:\Windows\system32\fvecerts.dll - OK
C:\Windows\system32\fvenotify.exe - OK
C:\Windows\system32\fveprompt.exe - OK
C:\Windows\system32\fveRecover.dll - OK
C:\Windows\system32\fveui.dll - OK
C:\Windows\system32\fwcfg.dll - OK
C:\Windows\system32\FWPUCLNT.DLL - OK
C:\Windows\system32\FwRemoteSvr.dll - OK
C:\Windows\system32\FwsVpn.dll - OK
C:\Windows\system32\FXSAPI.dll - OK
C:\Windows\system32\FXSCOM.dll - OK
C:\Windows\system32\FXSCOMEX.dll - OK
C:\Windows\system32\FXSCOMPOSE.dll - OK
C:\Windows\system32\FXSCOMPOSERES.dll - OK
C:\Windows\system32\FXSCOVER.exe - OK
C:\Windows\system32\FXSEVENT.dll - OK
C:\Windows\system32\FXSEXT32.dll - OK
C:\Windows\system32\FXSMON.dll - OK
C:\Windows\system32\FXSRESM.dll - OK
C:\Windows\system32\FXSROUTE.dll - OK
C:\Windows\system32\FXSST.dll - OK
C:\Windows\system32\FXSSVC.exe - OK
C:\Windows\system32\FXST30.dll - OK
C:\Windows\system32\FXSTIFF.dll - OK
C:\Windows\system32\FXSUNATD.exe - OK
C:\Windows\system32\FXSUTILITY.dll - OK
C:\Windows\system32\FXSXP32.dll - OK
C:\Windows\system32\g711codc.ax - OK
C:\Windows\system32\gacinstall.dll - OK
C:\Windows\system32\gameux.dll - OK
C:\Windows\system32\GameUXLegacyGDFs.dll - OK
C:\Windows\system32\gatherNetworkInfo.vbs - OK
C:\Windows\system32\gb2312.uce - OK
C:\Windows\system32\gcdef.dll - OK
C:\Windows\system32\GDI.EXE - OK
C:\Windows\system32\gdi32.dll - OK
C:\Windows\system32\getmac.exe - OK
C:\Windows\system32\GettingStarted.exe - OK
C:\Windows\system32\getuname.dll - OK
C:\Windows\system32\glmf32.dll - OK
C:\Windows\system32\glu32.dll - OK
C:\Windows\system32\gpapi.dll - OK
C:\Windows\system32\gpedit.dll - OK
C:\Windows\system32\gpprnext.dll - OK
C:\Windows\system32\gpresult.exe - OK
C:\Windows\system32\gpsvc.dll - OK
C:\Windows\system32\gptext.dll - OK
C:\Windows\system32\gpupdate.exe - OK
C:\Windows\system32\graftabl.com - OK
C:\Windows\system32\GRAPHICS.COM - OK
C:\Windows\system32\graphics.pro - OK
C:\Windows\system32\grb.rs packed by ZLIB
>C:\Windows\system32\grb.rs - archive BINARYRES
>>C:\Windows\system32\grb.rs/data001 - OK
>>C:\Windows\system32\grb.rs/data002 - OK
>>C:\Windows\system32\grb.rs/data003 - OK
>>C:\Windows\system32\grb.rs/data004 - OK
>C:\Windows\system32\grb.rs - OK
C:\Windows\system32\Groupinghc.dll - OK
C:\Windows\system32\grpconv.exe - OK
C:\Windows\system32\hal.dll - OK
C:\Windows\system32\halacpi.dll - OK
C:\Windows\system32\halmacpi.dll - OK
C:\Windows\system32\hamachi.sys - OK
C:\Windows\system32\hbaapi.dll - OK
C:\Windows\system32\hccutils.dll - OK
C:\Windows\system32\hcproviders.dll - OK
C:\Windows\system32\hdwwiz.cpl - OK
C:\Windows\system32\hdwwiz.exe - OK
C:\Windows\system32\help.exe - OK
C:\Windows\system32\HelpPaneProxy.dll - OK
C:\Windows\system32\hgcpl.dll - OK
C:\Windows\system32\hgprint.dll - OK
C:\Windows\system32\hhctrl.ocx - OK
C:\Windows\system32\hhsetup.dll - OK
C:\Windows\system32\hid.dll - OK
C:\Windows\system32\hidphone.tsp - OK
C:\Windows\system32\hidserv.dll - OK
C:\Windows\system32\HIMEM.SYS - OK
C:\Windows\system32\hkcmd.exe - OK
C:\Windows\system32\hlink.dll - OK
C:\Windows\system32\hnetcfg.dll - OK
C:\Windows\system32\hnetmon.dll - OK
C:\Windows\system32\HOSTNAME.EXE - OK
C:\Windows\system32\hotplug.dll - OK
C:\Windows\system32\HotStartUserAgent.dll - OK
C:\Windows\system32\html.iec - OK
C:\Windows\system32\httpapi.dll - OK
C:\Windows\system32\htui.dll - OK
C:\Windows\system32\hwrcomp.exe - OK
C:\Windows\system32\hwrreg.exe - OK
C:\Windows\system32\iac25_32.ax - OK
C:\Windows\system32\ias.dll - OK
C:\Windows\system32\iasacct.dll - OK
C:\Windows\system32\iasads.dll - OK
C:\Windows\system32\iasdatastore.dll - OK
C:\Windows\system32\iashlpr.dll - OK
C:\Windows\system32\IasMigPlugin.dll - archive BINARYRES
>C:\Windows\system32\IasMigPlugin.dll/data001 - OK
C:\Windows\system32\IasMigPlugin.dll - OK
C:\Windows\system32\IasMigReader.exe - archive BINARYRES
>C:\Windows\system32\IasMigReader.exe/data001 - OK
C:\Windows\system32\IasMigReader.exe - OK
C:\Windows\system32\iasnap.dll - OK
C:\Windows\system32\iaspolcy.dll - OK
C:\Windows\system32\iasrad.dll - OK
C:\Windows\system32\iasrecst.dll - OK
C:\Windows\system32\iassam.dll - OK
C:\Windows\system32\iassdo.dll - OK
C:\Windows\system32\iassvcs.dll - OK
C:\Windows\system32\icaapi.dll - OK
C:\Windows\system32\icacls.exe - OK
C:\Windows\system32\icardagt.exe - OK
C:\Windows\system32\icardie.dll - OK
C:\Windows\system32\icardres.dll - OK
C:\Windows\system32\iccvid.dll - OK
C:\Windows\system32\icfupgd.dll - OK
C:\Windows\system32\icm32.dll - OK
C:\Windows\system32\icmp.dll - OK
C:\Windows\system32\icmui.dll - OK
C:\Windows\system32\IconCodecService.dll - OK
C:\Windows\system32\icrav03.rat - OK
C:\Windows\system32\icsigd.dll - OK
C:\Windows\system32\icsunattend.exe - OK
C:\Windows\system32\ideograf.uce - OK
C:\Windows\system32\IdListen.dll - OK
C:\Windows\system32\idndl.dll - OK
C:\Windows\system32\IDStore.dll - OK
C:\Windows\system32\ie4uinit.exe - OK
C:\Windows\system32\IEAdvpack.dll - OK
C:\Windows\system32\ieakeng.dll - OK
C:\Windows\system32\ieaksie.dll - OK
C:\Windows\system32\ieakui.dll - OK
C:\Windows\system32\ieapfltr.dat - OK
C:\Windows\system32\ieapfltr.dll - OK
C:\Windows\system32\iedkcs32.dll - OK
C:\Windows\system32\ieframe.dll - OK
C:\Windows\system32\iepeers.dll - OK
C:\Windows\system32\iernonce.dll - OK
C:\Windows\system32\iertutil.dll - OK
C:\Windows\system32\iesetup.dll - OK
C:\Windows\system32\iesysprep.dll - OK
C:\Windows\system32\ieui.dll - OK
C:\Windows\system32\ieuinit.inf - OK
C:\Windows\system32\ieUnatt.exe - OK
C:\Windows\system32\iexpress.exe - OK
C:\Windows\system32\ifmon.dll - OK
C:\Windows\system32\ifsutil.dll - OK
C:\Windows\system32\ifsutilx.dll - OK
C:\Windows\system32\ig4dev32.dll - OK
C:\Windows\system32\ig4icd32.dll - OK
C:\Windows\system32\igd10umd32.dll - OK
C:\Windows\system32\igdDiag.dll - OK
C:\Windows\system32\igdumd32.dll - OK
C:\Windows\system32\igdumdx32.dll - OK
C:\Windows\system32\igfxcfg.exe - OK
C:\Windows\system32\igfxCoIn_v1825.dll - OK
C:\Windows\system32\igfxCoIn_v1930.dll - OK
C:\Windows\system32\igfxcpl.cpl - OK
C:\Windows\system32\igfxdev.dll - OK
C:\Windows\system32\igfxdo.dll - OK
C:\Windows\system32\igfxexps.dll - OK
C:\Windows\system32\igfxext.exe - OK
C:\Windows\system32\igfxpers.exe - OK
C:\Windows\system32\igfxpph.dll - OK
C:\Windows\system32\igfxrara.lrc - OK
C:\Windows\system32\igfxrchs.lrc - OK
C:\Windows\system32\igfxrcht.lrc - OK
C:\Windows\system32\igfxrcsy.lrc - OK
C:\Windows\system32\igfxrdan.lrc - OK
C:\Windows\system32\igfxrdeu.lrc - OK
C:\Windows\system32\igfxrell.lrc - OK
C:\Windows\system32\igfxrenu.lrc - OK
C:\Windows\system32\igfxresp.lrc - OK
C:\Windows\system32\igfxress.dll - OK
C:\Windows\system32\igfxrfin.lrc - OK
C:\Windows\system32\igfxrfra.lrc - OK
C:\Windows\system32\igfxrheb.lrc - OK
C:\Windows\system32\igfxrhun.lrc - OK
C:\Windows\system32\igfxrita.lrc - OK
C:\Windows\system32\igfxrjpn.lrc - OK
C:\Windows\system32\igfxrkor.lrc - OK
C:\Windows\system32\igfxrnld.lrc - OK
C:\Windows\system32\igfxrnor.lrc - OK
C:\Windows\system32\igfxrplk.lrc - OK
C:\Windows\system32\igfxrptb.lrc - OK
C:\Windows\system32\igfxrptg.lrc - OK
C:\Windows\system32\igfxrrus.lrc - OK
C:\Windows\system32\igfxrsky.lrc - OK
C:\Windows\system32\igfxrslv.lrc - OK
C:\Windows\system32\igfxrsve.lrc - OK
C:\Windows\system32\igfxrtha.lrc - OK
C:\Windows\system32\igfxrtrk.lrc - OK
C:\Windows\system32\igfxsrvc.dll - OK
C:\Windows\system32\igfxsrvc.exe - OK
C:\Windows\system32\igfxTMM.dll - OK
C:\Windows\system32\igfxtray.exe - OK
C:\Windows\system32\igfxtvcx.dll - OK
C:\Windows\system32\igkrng400.bin - OK
C:\Windows\system32\iglhxa32.cpa - OK
C:\Windows\system32\iglhxa32.vp - OK
C:\Windows\system32\iglhxc32.vp - OK
C:\Windows\system32\iglhxg32.vp - OK
C:\Windows\system32\iglhxo32.vp - OK
C:\Windows\system32\iglhxs32.vp - OK
C:\Windows\system32\igxpun.exe - OK
C:\Windows\system32\IKEEXT.DLL - OK
C:\Windows\system32\imaadp32.acm - OK
C:\Windows\system32\imagehlp.dll - OK
C:\Windows\system32\imageres.dll - OK
C:\Windows\system32\imagesp1.dll - OK
C:\Windows\system32\imapi.dll - OK
C:\Windows\system32\imapi2.dll - OK
C:\Windows\system32\imapi2fs.dll - OK
C:\Windows\system32\imgutil.dll - OK
C:\Windows\system32\IMJP10.IME - OK
C:\Windows\system32\IMJP10K.DLL - OK
C:\Windows\system32\imkr80.ime - OK
C:\Windows\system32\imm32.dll - OK
C:\Windows\system32\inetcomm.dll - OK
C:\Windows\system32\inetcpl.cpl - OK
C:\Windows\system32\inetmib1.dll - OK
C:\Windows\system32\inetpp.dll - OK
C:\Windows\system32\inetppui.dll - OK
C:\Windows\system32\INETRES.dll - OK
C:\Windows\system32\InfDefaultInstall.exe - OK
C:\Windows\system32\infocardapi.dll - OK
C:\Windows\system32\infocardcpl.cpl - OK
C:\Windows\system32\InkEd.dll - OK
C:\Windows\system32\input.dll - OK
C:\Windows\system32\inseng.dll - OK
C:\Windows\system32\intl.cpl - OK
C:\Windows\system32\iologmsg.dll - OK
C:\Windows\system32\IPBusEnum.dll - OK
C:\Windows\system32\IPBusEnumProxy.dll - OK
C:\Windows\system32\ipconfig.exe - OK
C:\Windows\system32\IPHLPAPI.DLL - OK
C:\Windows\system32\iphlpsvc.dll - OK
C:\Windows\system32\ipnathlp.dll - OK
C:\Windows\system32\iprop.dll - OK
C:\Windows\system32\iprtprio.dll - OK
C:\Windows\system32\iprtrmgr.dll - OK
C:\Windows\system32\ipsecsnp.dll - OK
C:\Windows\system32\IPSECSVC.DLL - OK
C:\Windows\system32\ipsmsnap.dll - OK
C:\Windows\system32\ir32_32.dll - OK
C:\Windows\system32\ir41_32.ax - OK
C:\Windows\system32\ir41_qc.dll - OK
C:\Windows\system32\ir41_qcx.dll - OK
C:\Windows\system32\ir50_32.dll - OK
C:\Windows\system32\ir50_qc.dll - OK
C:\Windows\system32\ir50_qcx.dll - OK
C:\Windows\system32\irclass.dll - OK
C:\Windows\system32\irftp.exe - OK
C:\Windows\system32\irmon.dll - OK
C:\Windows\system32\irprops.cpl - OK
C:\Windows\system32\IScrNB.bmp - OK
C:\Windows\system32\iscsicli.exe - OK
C:\Windows\system32\iscsicpl.dll - OK
C:\Windows\system32\iscsicpl.exe - OK
C:\Windows\system32\iscsidsc.dll - OK
C:\Windows\system32\iscsied.dll - OK
C:\Windows\system32\iscsiexe.dll - OK
C:\Windows\system32\iscsilog.dll - OK
C:\Windows\system32\iscsium.dll - OK
C:\Windows\system32\iscsiwmi.dll - OK
C:\Windows\system32\isoburn.exe - OK
C:\Windows\system32\ISUSPM.cpl - OK
C:\Windows\system32\itircl.dll - OK
C:\Windows\system32\itss.dll - OK
C:\Windows\system32\iTVData.dll - OK
C:\Windows\system32\ivfsrc.ax - OK
C:\Windows\system32\iyuv_32.dll - OK
C:\Windows\system32\java.exe - OK
C:\Windows\system32\javaw.exe - OK
C:\Windows\system32\javaws.exe - OK
C:\Windows\system32\jnwmon.dll - OK
C:\Windows\system32\joy.cpl - OK
C:\Windows\system32\jscript.dll - OK
C:\Windows\system32\jscript9.dll - OK
C:\Windows\system32\jsproxy.dll - OK
C:\Windows\system32\jupdate-1.6.0_03-b05.log - OK
C:\Windows\system32\jupdate-1.6.0_05-b13.log - OK
C:\Windows\system32\jupdate-1.6.0_07-b06.log - OK
C:\Windows\system32\jupdate-1.6.0_11-b03.log - OK
C:\Windows\system32\jupdate-1.6.0_13-b03.log - OK
C:\Windows\system32\jupdate-1.6.0_15-b03.log - OK
C:\Windows\system32\jupdate-1.6.0_16-b01.log - OK
C:\Windows\system32\jupdate-1.6.0_17-b04.log - OK
C:\Windows\system32\jupdate-1.6.0_23-b05.log - OK
C:\Windows\system32\jupdate-1.6.0_26-b03.log - OK
C:\Windows\system32\kanji_1.uce - OK
C:\Windows\system32\kanji_2.uce - OK
C:\Windows\system32\KB16.COM - OK
C:\Windows\system32\kbd101.dll - OK
C:\Windows\system32\kbd101a.dll - OK
C:\Windows\system32\kbd101b.dll - OK
C:\Windows\system32\kbd101c.dll - OK
C:\Windows\system32\kbd103.dll - OK
C:\Windows\system32\kbd106.dll - OK
C:\Windows\system32\kbd106n.dll - OK
C:\Windows\system32\KBDA1.DLL - OK
C:\Windows\system32\KBDA2.DLL - OK
C:\Windows\system32\KBDA3.DLL - OK
C:\Windows\system32\KBDAL.DLL - OK
C:\Windows\system32\KBDARME.DLL - OK
C:\Windows\system32\KBDARMW.DLL - OK
C:\Windows\system32\kbdax2.dll - OK
C:\Windows\system32\KBDAZE.DLL - OK
C:\Windows\system32\KBDAZEL.DLL - OK
C:\Windows\system32\KBDBASH.DLL - OK
C:\Windows\system32\KBDBE.DLL - OK
C:\Windows\system32\KBDBENE.DLL - OK
C:\Windows\system32\KBDBGPH.DLL - OK
C:\Windows\system32\KBDBGPH1.DLL - OK
C:\Windows\system32\KBDBHC.DLL - OK
C:\Windows\system32\KBDBLR.DLL - OK
C:\Windows\system32\KBDBR.DLL - OK
C:\Windows\system32\KBDBU.DLL - OK
C:\Windows\system32\KBDBULG.DLL - OK
C:\Windows\system32\KBDCA.DLL - OK
C:\Windows\system32\KBDCAN.DLL - OK
C:\Windows\system32\KBDCR.DLL - OK
C:\Windows\system32\KBDCZ.DLL - OK
C:\Windows\system32\KBDCZ1.DLL - OK
C:\Windows\system32\KBDCZ2.DLL - OK
C:\Windows\system32\KBDDA.DLL - OK
C:\Windows\system32\KBDDIV1.DLL - OK
C:\Windows\system32\KBDDIV2.DLL - OK
C:\Windows\system32\KBDDV.DLL - OK
C:\Windows\system32\KBDES.DLL - OK
C:\Windows\system32\KBDEST.DLL - OK
C:\Windows\system32\KBDFA.DLL - OK
C:\Windows\system32\KBDFC.DLL - OK
C:\Windows\system32\KBDFI.DLL - OK
C:\Windows\system32\KBDFI1.DLL - OK
C:\Windows\system32\KBDFO.DLL - OK
C:\Windows\system32\KBDFR.DLL - OK
C:\Windows\system32\KBDGAE.DLL - OK
C:\Windows\system32\KBDGEO.DLL - OK
C:\Windows\system32\kbdgeoer.dll - OK
C:\Windows\system32\kbdgeoqw.dll - OK
C:\Windows\system32\KBDGKL.DLL - OK
C:\Windows\system32\KBDGR.DLL - OK
C:\Windows\system32\KBDGR1.DLL - OK
C:\Windows\system32\KBDGRLND.DLL - OK
C:\Windows\system32\KBDHAU.DLL - OK
C:\Windows\system32\KBDHE.DLL - OK
C:\Windows\system32\KBDHE220.DLL - OK
C:\Windows\system32\KBDHE319.DLL - OK
C:\Windows\system32\KBDHEB.DLL - OK
C:\Windows\system32\KBDHELA2.DLL - OK
C:\Windows\system32\KBDHELA3.DLL - OK
C:\Windows\system32\KBDHEPT.DLL - OK
C:\Windows\system32\KBDHU.DLL - OK
C:\Windows\system32\KBDHU1.DLL - OK
C:\Windows\system32\kbdibm02.dll - OK
C:\Windows\system32\KBDIBO.DLL - OK
C:\Windows\system32\KBDIC.DLL - OK
C:\Windows\system32\KBDINASA.DLL - OK
C:\Windows\system32\KBDINBE1.DLL - OK
C:\Windows\system32\KBDINBE2.DLL - OK
C:\Windows\system32\KBDINBEN.DLL - OK
C:\Windows\system32\KBDINDEV.DLL - OK
C:\Windows\system32\KBDINGUJ.DLL - OK
C:\Windows\system32\KBDINHIN.DLL - OK
C:\Windows\system32\KBDINKAN.DLL - OK
C:\Windows\system32\KBDINMAL.DLL - OK
C:\Windows\system32\KBDINMAR.DLL - OK
C:\Windows\system32\KBDINORI.DLL - OK
C:\Windows\system32\KBDINPUN.DLL - OK
C:\Windows\system32\KBDINTAM.DLL - OK
C:\Windows\system32\KBDINTEL.DLL - OK
C:\Windows\system32\KBDINUK2.DLL - OK
C:\Windows\system32\KBDIR.DLL - OK
C:\Windows\system32\KBDIT.DLL - OK
C:\Windows\system32\KBDIT142.DLL - OK
C:\Windows\system32\KBDIULAT.DLL - OK
C:\Windows\system32\KBDJPN.DLL - OK
C:\Windows\system32\KBDKAZ.DLL - OK
C:\Windows\system32\KBDKHMR.DLL - OK
C:\Windows\system32\KBDKOR.DLL - OK
C:\Windows\system32\KBDKYR.DLL - OK
C:\Windows\system32\KBDLA.DLL - OK
C:\Windows\system32\KBDLAO.DLL - OK
C:\Windows\system32\kbdlk41a.dll - OK
C:\Windows\system32\KBDLT.DLL - OK
C:\Windows\system32\KBDLT1.DLL - OK
C:\Windows\system32\KBDLT2.DLL - OK
C:\Windows\system32\KBDLV.DLL - OK
C:\Windows\system32\KBDLV1.DLL - OK
C:\Windows\system32\KBDMAC.DLL - OK
C:\Windows\system32\KBDMACST.DLL - OK
C:\Windows\system32\KBDMAORI.DLL - OK
C:\Windows\system32\KBDMLT47.DLL - OK
C:\Windows\system32\KBDMLT48.DLL - OK
C:\Windows\system32\KBDMON.DLL - OK
C:\Windows\system32\KBDMONMO.DLL - OK
C:\Windows\system32\KBDNE.DLL - OK
C:\Windows\system32\kbdnec.dll - OK
C:\Windows\system32\kbdnec95.dll - OK
C:\Windows\system32\kbdnecat.dll - OK
C:\Windows\system32\kbdnecnt.dll - OK
C:\Windows\system32\KBDNEPR.DLL - OK
C:\Windows\system32\KBDNO.DLL - OK
C:\Windows\system32\KBDNO1.DLL - OK
C:\Windows\system32\KBDNSO.DLL - OK
C:\Windows\system32\KBDPASH.DLL - OK
C:\Windows\system32\KBDPL.DLL - OK
C:\Windows\system32\KBDPL1.DLL - OK
C:\Windows\system32\KBDPO.DLL - OK
C:\Windows\system32\KBDRO.DLL - OK
C:\Windows\system32\KBDROPR.DLL - OK
C:\Windows\system32\KBDROST.DLL - OK
C:\Windows\system32\KBDRU.DLL - OK
C:\Windows\system32\KBDRU1.DLL - OK
C:\Windows\system32\KBDSF.DLL - OK
C:\Windows\system32\KBDSG.DLL - OK
C:\Windows\system32\KBDSL.DLL - OK
C:\Windows\system32\KBDSL1.DLL - OK
C:\Windows\system32\KBDSMSFI.DLL - OK
C:\Windows\system32\KBDSMSNO.DLL - OK
C:\Windows\system32\KBDSN1.DLL - OK
C:\Windows\system32\KBDSOREX.DLL - OK
C:\Windows\system32\KBDSORS1.DLL - OK
C:\Windows\system32\KBDSORST.DLL - OK
C:\Windows\system32\KBDSP.DLL - OK
C:\Windows\system32\KBDSW.DLL - OK
C:\Windows\system32\KBDSW09.DLL - OK
C:\Windows\system32\KBDSYR1.DLL - OK
C:\Windows\system32\KBDSYR2.DLL - OK
C:\Windows\system32\KBDTAJIK.DLL - OK
C:\Windows\system32\KBDTAT.DLL - OK
C:\Windows\system32\KBDTH0.DLL - OK
C:\Windows\system32\KBDTH1.DLL - OK
C:\Windows\system32\KBDTH2.DLL - OK
C:\Windows\system32\KBDTH3.DLL - OK
C:\Windows\system32\KBDTIPRC.DLL - OK
C:\Windows\system32\KBDTUF.DLL - OK
C:\Windows\system32\KBDTUQ.DLL - OK
C:\Windows\system32\KBDTURME.DLL - OK
C:\Windows\system32\KBDUGHR.DLL - OK
C:\Windows\system32\KBDUGHR1.DLL - OK
C:\Windows\system32\KBDUK.DLL - OK
C:\Windows\system32\KBDUKX.DLL - OK
C:\Windows\system32\KBDUR.DLL - OK
C:\Windows\system32\KBDUR1.DLL - OK
C:\Windows\system32\KBDURDU.DLL - OK
C:\Windows\system32\KBDUS.DLL - OK
C:\Windows\system32\KBDUSA.DLL - OK
C:\Windows\system32\KBDUSL.DLL - OK
C:\Windows\system32\KBDUSR.DLL - OK
C:\Windows\system32\KBDUSX.DLL - OK
C:\Windows\system32\KBDUZB.DLL - OK
C:\Windows\system32\KBDVNTC.DLL - OK
C:\Windows\system32\KBDWOL.DLL - OK
C:\Windows\system32\KBDYAK.DLL - OK
C:\Windows\system32\KBDYBA.DLL - OK
C:\Windows\system32\KBDYCC.DLL - OK
C:\Windows\system32\KBDYCL.DLL - OK
C:\Windows\system32\kd1394.dll - OK
C:\Windows\system32\kdcom.dll - OK
C:\Windows\system32\kdusb.dll - OK
C:\Windows\system32\kemutb.dll - OK
C:\Windows\system32\KemUtil.dll - OK
C:\Windows\system32\KemWnd.dll - OK
C:\Windows\system32\KemXML.dll - OK
C:\Windows\system32\kerberos.dll - OK
C:\Windows\system32\kernel32.dll - OK
C:\Windows\system32\KernelBase.dll - OK
C:\Windows\system32\kernelceip.dll - OK
C:\Windows\system32\KEY01.SYS - OK
C:\Windows\system32\keyboard.drv - OK
C:\Windows\system32\KEYBOARD.SYS - OK
C:\Windows\system32\keyiso.dll - OK
C:\Windows\system32\keymgr.dll - OK
C:\Windows\system32\klist.exe - OK
C:\Windows\system32\kmddsp.tsp - OK
C:\Windows\system32\KMSVC.DLL - OK
C:\Windows\system32\korean.uce - OK
C:\Windows\system32\korwbrkr.dll - OK
C:\Windows\system32\korwbrkr.lex - OK
C:\Windows\system32\krnl386.exe - OK
C:\Windows\system32\ksetup.exe - OK
C:\Windows\system32\ksproxy.ax - OK
C:\Windows\system32\kstvtune.ax - OK
C:\Windows\system32\ksuser.dll - OK
C:\Windows\system32\Kswdmcap.ax - OK
C:\Windows\system32\ksxbar.ax - OK
C:\Windows\system32\ktmutil.exe - OK
C:\Windows\system32\ktmw32.dll - OK
C:\Windows\system32\l2gpstore.dll - OK
C:\Windows\system32\l2nacp.dll - OK
C:\Windows\system32\L2SecHC.dll - OK
C:\Windows\system32\l3codeca.acm - OK
C:\Windows\system32\l3codecp.acm - OK
C:\Windows\system32\label.exe - OK
C:\Windows\system32\LangCleanupSysprepAction.dll - OK
C:\Windows\system32\lanman.drv - OK
C:\Windows\system32\LAPRXY.DLL - OK
C:\Windows\system32\lcphrase.tbl - OK
C:\Windows\system32\lcptr.tbl - OK
C:\Windows\system32\LegitCheckControl.DLL - OK
C:\Windows\system32\license.rtf - OK
C:\Windows\system32\licmgr10.dll - OK
C:\Windows\system32\linkinfo.dll - OK
C:\Windows\system32\ListSvc.dll - OK
C:\Windows\system32\LIVESSP.DLL - OK
C:\Windows\system32\lltdapi.dll - OK
C:\Windows\system32\lltdres.dll - OK
C:\Windows\system32\lltdsvc.dll - OK
C:\Windows\system32\lmhsvc.dll - OK
C:\Windows\system32\LOADFIX.COM - OK
C:\Windows\system32\loadperf.dll - OK
C:\Windows\system32\locale.nls - OK
C:\Windows\system32\localsec.dll - OK
C:\Windows\system32\localspl.dll - OK
C:\Windows\system32\localui.dll - OK
C:\Windows\system32\LocationApi.dll - OK
C:\Windows\system32\LocationNotifications.exe - OK
C:\Windows\system32\locationnotificationsview.xml - OK
C:\Windows\system32\Locator.exe - OK
C:\Windows\system32\lodctr.exe - OK
C:\Windows\system32\logagent.exe - OK
C:\Windows\system32\loghours.dll - OK
C:\Windows\system32\LogiLDA.DLL - archive BINARYRES
>C:\Windows\system32\LogiLDA.DLL/data001 - archive HTML
>>C:\Windows\system32\LogiLDA.DLL/data001/Script.0 - OK
>>C:\Windows\system32\LogiLDA.DLL/data001/Script.1 - OK
>>C:\Windows\system32\LogiLDA.DLL/data001/Script.2 - OK
>C:\Windows\system32\LogiLDA.DLL/data001 - OK
>C:\Windows\system32\LogiLDA.DLL/data002 - archive HTML
>>C:\Windows\system32\LogiLDA.DLL/data002/Script.0 - OK
>>C:\Windows\system32\LogiLDA.DLL/data002/Script.1 - OK
>C:\Windows\system32\LogiLDA.DLL/data002 - OK
C:\Windows\system32\LogiLDA.DLL - OK
C:\Windows\system32\logman.exe - OK
C:\Windows\system32\logoncli.dll - OK
C:\Windows\system32\LogonUI.exe - OK
C:\Windows\system32\lpk.dll - OK
C:\Windows\system32\lpksetup.exe - OK
C:\Windows\system32\lpksetupproxyserv.dll - OK
C:\Windows\system32\lpremove.exe - OK
C:\Windows\system32\lsasrv.dll - OK
C:\Windows\system32\lsass.exe - OK
C:\Windows\system32\lsm.exe - OK
C:\Windows\system32\lsmproxy.dll - OK
C:\Windows\system32\luainstall.dll - OK
C:\Windows\system32\lusrmgr.msc - OK
C:\Windows\system32\lz32.dll - OK
C:\Windows\system32\lzexpand.dll - OK
C:\Windows\system32\l_intl.nls - OK
C:\Windows\system32\Magnification.dll - OK
C:\Windows\system32\Magnify.exe packed by ZLIB
>C:\Windows\system32\Magnify.exe - archive BINARYRES
>>C:\Windows\system32\Magnify.exe/data001 - OK
>>C:\Windows\system32\Magnify.exe/data002 - OK
>>C:\Windows\system32\Magnify.exe/data003 - OK
>>C:\Windows\system32\Magnify.exe/data004 - OK
>>C:\Windows\system32\Magnify.exe/data005 - OK
>C:\Windows\system32\Magnify.exe - OK
C:\Windows\system32\main.cpl - OK
C:\Windows\system32\makecab.exe - OK
C:\Windows\system32\manage-bde.exe - OK
C:\Windows\system32\manage-bde.wsf - archive HTML
>C:\Windows\system32\manage-bde.wsf/VBScript.0 - OK
C:\Windows\system32\manage-bde.wsf - OK
C:\Windows\system32\mapi32.dll - OK
C:\Windows\system32\mapistub.dll - OK
C:\Windows\system32\mapisvc.inf - OK
C:\Windows\system32\mblctr.exe - OK
C:\Windows\system32\mcbuilder.exe - OK
C:\Windows\system32\MCEWMDRMNDBootstrap.dll - OK
C:\Windows\system32\mciavi.drv - OK
C:\Windows\system32\mciavi32.dll - OK
C:\Windows\system32\mcicda.dll - OK
C:\Windows\system32\mciqtz32.dll - OK
C:\Windows\system32\mciseq.dll - OK
C:\Windows\system32\mciseq.drv - OK
C:\Windows\system32\mciwave.dll - OK
C:\Windows\system32\mciwave.drv - OK
C:\Windows\system32\mcmde.dll - OK
C:\Windows\system32\mcs.rma - OK
C:\Windows\system32\mcsrchPH.dll - OK
C:\Windows\system32\mctadmin.exe - OK
C:\Windows\system32\mctres.dll - OK
C:\Windows\system32\mcupdate_AuthenticAMD.dll - OK
C:\Windows\system32\mcupdate_GenuineIntel.dll - OK
C:\Windows\system32\Mcx2Svc.dll - OK
C:\Windows\system32\McxDriv.dll - OK
C:\Windows\system32\mdminst.dll - OK
C:\Windows\system32\mdmxsdk.dll - OK
C:\Windows\system32\MdRes.exe - OK
C:\Windows\system32\MdSched.exe - OK
C:\Windows\system32\MediaMetadataHandler.dll - OK
C:\Windows\system32\mem.exe packed by EXEPACK
>C:\Windows\system32\mem.exe - OK
C:\Windows\system32\memdiag.dll - OK
C:\Windows\system32\mf.dll - OK
C:\Windows\system32\mf3216.dll - OK
C:\Windows\system32\mfAACEnc.dll - OK
C:\Windows\system32\mfc40.dll - OK
C:\Windows\system32\mfc40u.dll - OK
C:\Windows\system32\mfc42.dll - OK
C:\Windows\system32\mfc42u.dll - OK
C:\Windows\system32\MFC71.DLL - OK
C:\Windows\system32\mfc71u.dll - OK
C:\Windows\system32\mfcsubs.dll - OK
C:\Windows\system32\mfds.dll - OK
C:\Windows\system32\mfdvdec.dll - OK
C:\Windows\system32\mferror.dll - OK
C:\Windows\system32\mfh264enc.dll - OK
C:\Windows\system32\mfmjpegdec.dll - OK
C:\Windows\system32\mfplat.dll packed by FLY-CODE
>C:\Windows\system32\mfplat.dll - OK
C:\Windows\system32\MFPlay.dll - OK
C:\Windows\system32\mfpmp.exe - OK
C:\Windows\system32\mfps.dll - OK
C:\Windows\system32\mfreadwrite.dll - OK
C:\Windows\system32\mfvdsp.dll - OK
C:\Windows\system32\MFWMAAEC.DLL - OK
C:\Windows\system32\mgmtapi.dll - OK
C:\Windows\system32\microsoft-windows-hal-events.dll - OK
C:\Windows\system32\microsoft-windows-kernel-power-events.dll - OK
C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll - OK
C:\Windows\system32\midimap.dll - OK
C:\Windows\system32\MigAutoPlay.exe - OK
C:\Windows\system32\migisol.dll - OK
C:\Windows\system32\miguiresource.dll - OK
C:\Windows\system32\migwiz.lnk - OK
C:\Windows\system32\mimefilt.dll - OK
C:\Windows\system32\mlang.dat - OK
C:\Windows\system32\mlang.dll - OK
C:\Windows\system32\mmc.exe - OK
C:\Windows\system32\mmcbase.dll - OK
C:\Windows\system32\mmci.dll - OK
C:\Windows\system32\mmcico.dll - OK
C:\Windows\system32\mmcndmgr.dll - OK
C:\Windows\system32\mmcshext.dll - OK
C:\Windows\system32\mmcss.dll - OK
C:\Windows\system32\MMDevAPI.dll - OK
C:\Windows\system32\mmres.dll - OK
C:\Windows\system32\mmsys.cpl - OK
C:\Windows\system32\MMSYSTEM.DLL - OK
C:\Windows\system32\mmtask.tsk - OK
C:\Windows\system32\mobsync.exe - OK
C:\Windows\system32\mode.com - OK
C:\Windows\system32\modemui.dll - OK
C:\Windows\system32\montr_ci.dll - OK
C:\Windows\system32\more.com - OK
C:\Windows\system32\moricons.dll - OK
C:\Windows\system32\mountvol.exe - OK
C:\Windows\system32\mouse.drv - OK
C:\Windows\system32\MP3DMOD.DLL - OK
C:\Windows\system32\MP43DECD.DLL - OK
C:\Windows\system32\MP4SDECD.DLL - OK
C:\Windows\system32\Mpeg2Data.ax - OK
C:\Windows\system32\mpg2splt.ax - OK
C:\Windows\system32\MPG4DECD.DLL - OK
C:\Windows\system32\mpnotify.exe - OK
C:\Windows\system32\mpr.dll - OK
C:\Windows\system32\mprapi.dll - OK
C:\Windows\system32\mprddm.dll - OK
C:\Windows\system32\mprdim.dll - OK
C:\Windows\system32\mprmsg.dll - OK
C:\Windows\system32\MpSigStub.exe - OK
C:\Windows\system32\MPSSVC.dll - OK
C:\Windows\system32\MRINFO.EXE - OK
C:\Windows\system32\MRT.exe - archive BINARYRES
>C:\Windows\system32\MRT.exe/data001 - archive BINARYRES
>>C:\Windows\system32\MRT.exe/data001/data001 - OK
>>C:\Windows\system32\MRT.exe/data001/data002 - OK
>>C:\Windows\system32\MRT.exe/data001/data003 - OK
>C:\Windows\system32\MRT.exe/data001 - OK
>C:\Windows\system32\MRT.exe/data002 - OK
C:\Windows\system32\MRT.exe - OK
C:\Windows\system32\msaatext.dll - OK
C:\Windows\system32\MSAC3ENC.DLL - OK
C:\Windows\system32\msacm.dll - OK
C:\Windows\system32\msacm32.dll - OK
C:\Windows\system32\msacm32.drv - OK
C:\Windows\system32\msadp32.acm - OK
C:\Windows\system32\msafd.dll - OK
C:\Windows\system32\msasn1.dll - OK
C:\Windows\system32\msaudite.dll - OK
C:\Windows\system32\mscandui.dll - OK
C:\Windows\system32\mscat32.dll - OK
C:\Windows\system32\mscdexnt.exe - OK
C:\Windows\system32\msclmd.dll - OK
C:\Windows\system32\mscms.dll - OK
C:\Windows\system32\mscomct2.ocx - OK
C:\Windows\system32\MSCOMCTL.OCX - OK
C:\Windows\system32\msconfig.exe - OK
C:\Windows\system32\mscoree.dll - OK
C:\Windows\system32\mscorier.dll - OK
C:\Windows\system32\mscories.dll - OK
C:\Windows\system32\mscpx32r.dLL - OK
C:\Windows\system32\mscpxl32.dLL - OK
C:\Windows\system32\msctf.dll - OK
C:\Windows\system32\msctfime.ime - OK
C:\Windows\system32\MsCtfMonitor.dll - OK
C:\Windows\system32\msctfp.dll - OK
C:\Windows\system32\msctfui.dll - OK
C:\Windows\system32\msdadiag.dll - OK
C:\Windows\system32\msdart.dll - OK
C:\Windows\system32\msdatsrc.tlb - OK
C:\Windows\system32\msdelta.dll - OK
C:\Windows\system32\msdmo.dll - OK
C:\Windows\system32\msdri.dll - OK
C:\Windows\system32\msdrm.dll - OK
C:\Windows\system32\msdt.exe - OK
C:\Windows\system32\msdtc.exe - OK
C:\Windows\system32\msdtckrm.dll - OK
C:\Windows\system32\msdtclog.dll - OK
C:\Windows\system32\msdtcprx.dll - OK
C:\Windows\system32\msdtctm.dll - OK
C:\Windows\system32\msdtcuiu.dll - OK
C:\Windows\system32\msdtcVSp1res.dll - OK
C:\Windows\system32\MSDvbNP.ax - OK
C:\Windows\system32\msdxm.ocx - OK
C:\Windows\system32\msdxm.tlb - OK
C:\Windows\system32\msexch40.dll - OK
C:\Windows\system32\msexcl40.dll - OK
C:\Windows\system32\msfeeds.dll - OK
C:\Windows\system32\msfeedsbs.dll - OK
C:\Windows\system32\msfeedssync.exe - OK
C:\Windows\system32\msftedit.dll - OK
C:\Windows\system32\msg711.acm - OK
C:\Windows\system32\msgsm32.acm - OK
C:\Windows\system32\mshta.exe - OK
C:\Windows\system32\mshtml.dll - OK
C:\Windows\system32\mshtml.tlb - OK
C:\Windows\system32\mshtmled.dll - OK
C:\Windows\system32\mshtmler.dll - OK
C:\Windows\system32\msi.dll - OK
C:\Windows\system32\MsiCofire.dll - OK
C:\Windows\system32\msidcrl30.dll - OK
C:\Windows\system32\msident.dll - OK
C:\Windows\system32\msidle.dll - OK
C:\Windows\system32\msidntld.dll - OK
C:\Windows\system32\msieftp.dll - OK
C:\Windows\system32\msiexec.exe - OK
C:\Windows\system32\msihnd.dll - OK
C:\Windows\system32\msiltcfg.dll - OK
C:\Windows\system32\msimg32.dll packed by FLY-CODE
>C:\Windows\system32\msimg32.dll - OK
C:\Windows\system32\msimsg.dll - OK
C:\Windows\system32\msimtf.dll - OK
C:\Windows\system32\msinfo32.exe - OK
C:\Windows\system32\msisip.dll - OK
C:\Windows\system32\msjet40.dll - OK
C:\Windows\system32\msjetoledb40.dll - OK
C:\Windows\system32\msjint40.dll - OK
C:\Windows\system32\msjter40.dll - OK
C:\Windows\system32\msjtes40.dll - OK
C:\Windows\system32\msls31.dll - OK
C:\Windows\system32\msltus40.dll - OK
C:\Windows\system32\msmmsp.dll - OK
C:\Windows\system32\msmpeg2adec.dll - OK
C:\Windows\system32\MSMPEG2ENC.DLL - OK
C:\Windows\system32\msmpeg2vdec.dll - OK
C:\Windows\system32\msnetobj.dll - OK
C:\Windows\system32\MSNP.ax - OK
C:\Windows\system32\msobjs.dll - OK
C:\Windows\system32\msoeacct.dll - OK
C:\Windows\system32\msoert2.dll - OK
C:\Windows\system32\msonpmon.dll - OK
C:\Windows\system32\msorc32r.dll - OK
C:\Windows\system32\msorcl32.dll - OK
C:\Windows\system32\mspaint.exe - OK
C:\Windows\system32\mspatcha.dll - OK
C:\Windows\system32\mspbda.dll - OK
C:\Windows\system32\MsPbdaCoInst.dll - OK
C:\Windows\system32\mspbde40.dll - OK
C:\Windows\system32\msports.dll - OK
C:\Windows\system32\msprivs.dll - OK
C:\Windows\system32\msra.exe - OK
C:\Windows\system32\msrahc.dll - OK
C:\Windows\system32\MsraLegacy.tlb - OK
C:\Windows\system32\msrating.dll - OK
C:\Windows\system32\msrd2x40.dll - OK
C:\Windows\system32\msrd3x40.dll - OK
C:\Windows\system32\msrdc.dll - OK
C:\Windows\system32\MsRdpWebAccess.dll - OK
C:\Windows\system32\msrepl40.dll - OK
C:\Windows\system32\msrle32.dll - OK
C:\Windows\system32\msscntrs.dll - OK
C:\Windows\system32\msscp.dll - OK
C:\Windows\system32\msscript.ocx - OK
C:\Windows\system32\mssha.dll - OK
C:\Windows\system32\msshavmsg.dll - OK
C:\Windows\system32\msshooks.dll - OK
C:\Windows\system32\mssign32.dll - OK
C:\Windows\system32\mssip32.dll - OK
C:\Windows\system32\mssitlb.dll - OK
C:\Windows\system32\mssph.dll - OK
C:\Windows\system32\mssphtb.dll - OK
C:\Windows\system32\mssprxy.dll - OK
C:\Windows\system32\mssrch.dll - OK
C:\Windows\system32\MSSTDFMT.DLL - OK
C:\Windows\system32\mssvp.dll - OK
C:\Windows\system32\msswch.dll - OK
C:\Windows\system32\mstask.dll - OK
C:\Windows\system32\mstext40.dll - OK
C:\Windows\system32\mstsc.exe - OK
C:\Windows\system32\mstscax.dll - OK
C:\Windows\system32\msutb.dll - OK
C:\Windows\system32\msv1_0.dll - OK
C:\Windows\system32\msvbvm60.dll - OK
C:\Windows\system32\msvcirt.dll - OK
C:\Windows\system32\msvcp100.dll - OK
C:\Windows\system32\msvcp60.dll - OK
C:\Windows\system32\MSVCP71.DLL - OK
C:\Windows\system32\msvcr100.dll - OK
C:\Windows\system32\msvcr100_clr0400.dll - OK
C:\Windows\system32\MSVCR71.DLL - OK
C:\Windows\system32\msvcrt.dll - OK
C:\Windows\system32\msvcrt20.dll - OK
C:\Windows\system32\msvcrt40.dll - OK
C:\Windows\system32\msvfw32.dll - OK
C:\Windows\system32\msvidc32.dll - OK
C:\Windows\system32\MSVidCtl.dll - OK
C:\Windows\system32\msvideo.dll - OK
C:\Windows\system32\mswdat10.dll - OK
C:\Windows\system32\mswinsck.ocx - OK
C:\Windows\system32\mswmdm.dll - OK
C:\Windows\system32\mswsock.dll - OK
C:\Windows\system32\mswstr10.dll - OK
C:\Windows\system32\msxbde40.dll - OK
C:\Windows\system32\msxml3.dll - OK
C:\Windows\system32\msxml3r.dll - OK
C:\Windows\system32\msxml4.dll - OK
C:\Windows\system32\msxml4a.dll - OK
C:\Windows\system32\msxml4r.dll - OK
C:\Windows\system32\msxml6.dll - OK
C:\Windows\system32\msxml6r.dll - OK
C:\Windows\system32\msyuv.dll - OK
C:\Windows\system32\mtstocom.exe - OK
C:\Windows\system32\mtxclu.dll - OK
C:\Windows\system32\mtxdm.dll - OK
C:\Windows\system32\mtxex.dll - OK
C:\Windows\system32\mtxlegih.dll - OK
C:\Windows\system32\mtxoci.dll - OK
C:\Windows\system32\muifontsetup.dll - OK
C:\Windows\system32\MUILanguageCleanup.dll - OK
C:\Windows\system32\MuiUnattend.exe - OK
C:\Windows\system32\MultiDigiMon.exe - OK
C:\Windows\system32\mycomput.dll - OK
C:\Windows\system32\mydocs.dll - OK
C:\Windows\system32\Mystify.scr - OK
C:\Windows\system32\NAPCLCFG.MSC - OK
C:\Windows\system32\NAPCRYPT.DLL - OK
C:\Windows\system32\napdsnap.dll - OK
C:\Windows\system32\NAPHLPR.DLL - OK
C:\Windows\system32\NapiNSP.dll - OK
C:\Windows\system32\napipsec.dll - OK
C:\Windows\system32\NAPMONTR.DLL - OK
C:\Windows\system32\NAPSTAT.EXE - OK
C:\Windows\system32\Narrator.exe - OK
C:\Windows\system32\NativeHooks.dll - OK
C:\Windows\system32\NaturalLanguage6.dll - OK
C:\Windows\system32\nbtstat.exe - OK
C:\Windows\system32\NcdProp.dll - OK
C:\Windows\system32\nci.dll - OK
C:\Windows\system32\ncobjapi.dll - OK
C:\Windows\system32\ncpa.cpl - OK
C:\Windows\system32\ncrypt.dll - OK
C:\Windows\system32\ncryptui.dll - OK
C:\Windows\system32\ncsi.dll - OK
C:\Windows\system32\ndadmin.exe - OK
C:\Windows\system32\nddeapi.dll - OK
C:\Windows\system32\ndfapi.dll - OK
C:\Windows\system32\ndfetw.dll - OK
C:\Windows\system32\NdfEventView.xml - OK
C:\Windows\system32\ndfhcdiscovery.dll - OK
C:\Windows\system32\ndiscapCfg.dll - OK
C:\Windows\system32\ndishc.dll - OK
C:\Windows\system32\ndproxystub.dll - OK
C:\Windows\system32\ndptsp.tsp - OK
C:\Windows\system32\negoexts.dll - OK
C:\Windows\system32\net.exe - OK
C:\Windows\system32\net1.exe - OK
C:\Windows\system32\netapi.dll - OK
C:\Windows\system32\netapi32.dll - OK
C:\Windows\system32\netbios.dll - OK
C:\Windows\system32\netbtugc.exe - OK
C:\Windows\system32\netcenter.dll - OK
C:\Windows\system32\netcfg.exe - OK
C:\Windows\system32\netcfgx.dll - OK
C:\Windows\system32\netcorehc.dll - OK
C:\Windows\system32\netdiagfx.dll - OK
C:\Windows\system32\netevent.dll - OK
C:\Windows\system32\netfxperf.dll - OK
C:\Windows\system32\neth.dll - OK
C:\Windows\system32\netid.dll - OK
C:\Windows\system32\netiohlp.dll - OK
C:\Windows\system32\netiougc.exe - OK
C:\Windows\system32\netjoin.dll - OK
C:\Windows\system32\netlogon.dll - OK
C:\Windows\system32\netman.dll - OK
C:\Windows\system32\netmsg.dll - OK
C:\Windows\system32\netplwiz.dll - OK
C:\Windows\system32\Netplwiz.exe - OK
C:\Windows\system32\netprof.dll - OK
C:\Windows\system32\netprofm.dll - OK
C:\Windows\system32\netsh.exe - OK
C:\Windows\system32\netshell.dll - OK
C:\Windows\system32\NETSTAT.EXE - OK
C:\Windows\system32\nettrace.dll - OK
C:\Windows\system32\NetTrace.PLA.Diagnostics.xml - OK
C:\Windows\system32\netutils.dll - OK
C:\Windows\system32\networkexplorer.dll - OK
C:\Windows\system32\networkitemfactory.dll - OK
C:\Windows\system32\networkmap.dll - OK
C:\Windows\system32\newdev.dll - OK
C:\Windows\system32\newdev.exe - OK
C:\Windows\system32\nlaapi.dll - OK
C:\Windows\system32\nlahc.dll - OK
C:\Windows\system32\nlasvc.dll - OK
C:\Windows\system32\nlhtml.dll - OK
C:\Windows\system32\nlmgp.dll - OK
C:\Windows\system32\nlmsprep.dll - OK
C:\Windows\system32\nlsbres.dll - OK
C:\Windows\system32\NlsData0000.dll - OK
C:\Windows\system32\NlsData0001.dll - OK
C:\Windows\system32\NlsData0002.dll - OK
C:\Windows\system32\NlsData0003.dll - OK
C:\Windows\system32\NlsData0007.dll - OK
C:\Windows\system32\NlsData0009.dll - OK
C:\Windows\system32\NlsData000a.dll - OK
C:\Windows\system32\NlsData000c.dll - OK
C:\Windows\system32\NlsData000d.dll - OK
C:\Windows\system32\NlsData000f.dll - OK
C:\Windows\system32\NlsData0010.dll - OK
C:\Windows\system32\NlsData0011.dll - OK
C:\Windows\system32\NlsData0013.dll - OK
C:\Windows\system32\NlsData0018.dll - OK
C:\Windows\system32\NlsData0019.dll - OK
C:\Windows\system32\NlsData001a.dll - OK
C:\Windows\system32\NlsData001b.dll - OK
C:\Windows\system32\NlsData001d.dll - OK
C:\Windows\system32\NlsData0020.dll - OK
C:\Windows\system32\NlsData0021.dll - OK
C:\Windows\system32\NlsData0022.dll - OK
C:\Windows\system32\NlsData0024.dll - OK
C:\Windows\system32\NlsData0026.dll - OK
C:\Windows\system32\NlsData0027.dll - OK
C:\Windows\system32\NlsData002a.dll - OK
C:\Windows\system32\NlsData0039.dll - OK
C:\Windows\system32\NlsData003e.dll - OK
C:\Windows\system32\NlsData0045.dll - OK
C:\Windows\system32\NlsData0046.dll - OK
C:\Windows\system32\NlsData0047.dll - OK
C:\Windows\system32\NlsData0049.dll - OK
C:\Windows\system32\NlsData004a.dll - OK
C:\Windows\system32\NlsData004b.dll - OK
C:\Windows\system32\NlsData004c.dll - OK
C:\Windows\system32\NlsData004e.dll - OK
C:\Windows\system32\NlsData0414.dll - OK
C:\Windows\system32\NlsData0416.dll - OK
C:\Windows\system32\NlsData0816.dll - OK
C:\Windows\system32\NlsData081a.dll - OK
C:\Windows\system32\NlsData0c1a.dll - OK
C:\Windows\system32\Nlsdl.dll - OK
C:\Windows\system32\nlsfunc.exe packed by EXEPACK
>C:\Windows\system32\nlsfunc.exe - OK
C:\Windows\system32\NlsLexicons0001.dll - OK
C:\Windows\system32\NlsLexicons0002.dll - OK
C:\Windows\system32\NlsLexicons0003.dll - OK
C:\Windows\system32\NlsLexicons0007.dll - OK
C:\Windows\system32\NlsLexicons0009.dll - OK
C:\Windows\system32\NlsLexicons000a.dll - OK
C:\Windows\system32\NlsLexicons000c.dll - OK
C:\Windows\system32\NlsLexicons000d.dll - OK
C:\Windows\system32\NlsLexicons000f.dll - OK
C:\Windows\system32\NlsLexicons0010.dll - OK
C:\Windows\system32\NlsLexicons0011.dll - OK
C:\Windows\system32\NlsLexicons0013.dll - OK
C:\Windows\system32\NlsLexicons0018.dll - OK
C:\Windows\system32\NlsLexicons0019.dll - OK
C:\Windows\system32\NlsLexicons001a.dll - OK
C:\Windows\system32\NlsLexicons001b.dll - OK
C:\Windows\system32\NlsLexicons001d.dll - OK
C:\Windows\system32\NlsLexicons0020.dll - OK
C:\Windows\system32\NlsLexicons0021.dll - OK
C:\Windows\system32\NlsLexicons0022.dll - OK
C:\Windows\system32\NlsLexicons0024.dll - OK
C:\Windows\system32\NlsLexicons0026.dll - OK
C:\Windows\system32\NlsLexicons0027.dll - OK
C:\Windows\system32\NlsLexicons002a.dll - OK
C:\Windows\system32\NlsLexicons0039.dll - OK
C:\Windows\system32\NlsLexicons003e.dll - OK
C:\Windows\system32\NlsLexicons0045.dll - OK
C:\Windows\system32\NlsLexicons0046.dll - OK
C:\Windows\system32\NlsLexicons0047.dll - OK
C:\Windows\system32\NlsLexicons0049.dll - OK
C:\Windows\system32\NlsLexicons004a.dll - OK
C:\Windows\system32\NlsLexicons004b.dll - OK
C:\Windows\system32\NlsLexicons004c.dll - OK
C:\Windows\system32\NlsLexicons004e.dll - OK
C:\Windows\system32\NlsLexicons0414.dll - OK
C:\Windows\system32\NlsLexicons0416.dll - OK
C:\Windows\system32\NlsLexicons0816.dll - OK
C:\Windows\system32\NlsLexicons081a.dll - OK
C:\Windows\system32\NlsLexicons0c1a.dll - OK
C:\Windows\system32\NlsModels0011.dll - OK
C:\Windows\system32\nltest.exe - OK
C:\Windows\system32\NOISE.CHS - OK
C:\Windows\system32\NOISE.CHT - OK
C:\Windows\system32\NOISE.DAT - OK
C:\Windows\system32\noise.jpn - OK
C:\Windows\system32\noise.kor - OK
C:\Windows\system32\NOISE.THA - OK
C:\Windows\system32\normaliz.dll - OK
C:\Windows\system32\normidna.nls - OK
C:\Windows\system32\normnfc.nls - OK
C:\Windows\system32\normnfd.nls - OK
C:\Windows\system32\normnfkc.nls - OK
C:\Windows\system32\normnfkd.nls - OK
C:\Windows\system32\notepad.exe - OK
C:\Windows\system32\npmproxy.dll - OK
C:\Windows\system32\nrpsrv.dll - OK
C:\Windows\system32\nshhttp.dll - OK
C:\Windows\system32\nshipsec.dll - OK
C:\Windows\system32\nshwfp.dll - OK
C:\Windows\system32\nsi.dll packed by FLY-CODE
>C:\Windows\system32\nsi.dll - OK
C:\Windows\system32\nsisvc.dll - OK
C:\Windows\system32\nslookup.exe - OK
C:\Windows\system32\ntdll.dll - OK
C:\Windows\system32\NTDOS.SYS - OK
C:\Windows\system32\NTDOS404.SYS - OK
C:\Windows\system32\NTDOS411.SYS - OK
C:\Windows\system32\NTDOS412.SYS - OK
C:\Windows\system32\NTDOS804.SYS - OK
C:\Windows\system32\ntdsapi.dll - OK
C:\Windows\system32\NTIO.SYS - OK
C:\Windows\system32\NTIO404.SYS - OK
C:\Windows\system32\NTIO411.SYS - OK
C:\Windows\system32\NTIO412.SYS - OK
C:\Windows\system32\NTIO804.SYS - OK
C:\Windows\system32\ntkrnlpa.exe - OK
C:\Windows\system32\ntlanman.dll - OK
C:\Windows\system32\ntlanui2.dll - OK
C:\Windows\system32\ntmarta.dll - OK
C:\Windows\system32\ntoskrnl.exe - OK
C:\Windows\system32\ntprint.dll - OK
C:\Windows\system32\ntprint.exe - OK
C:\Windows\system32\ntshrui.dll - OK
C:\Windows\system32\ntvdm.exe - OK
C:\Windows\system32\ntvdmd.dll - OK
C:\Windows\system32\objsel.dll - OK
C:\Windows\system32\occache.dll - OK
C:\Windows\system32\ocsetapi.dll - OK
C:\Windows\system32\ocsetup.exe - OK
C:\Windows\system32\odbc16gt.dll - OK
C:\Windows\system32\odbc32.dll - OK
C:\Windows\system32\odbc32gt.dll - OK
C:\Windows\system32\odbcad32.exe - OK
C:\Windows\system32\odbcbcp.dll - OK
C:\Windows\system32\odbcconf.dll - OK
C:\Windows\system32\odbcconf.exe - OK
C:\Windows\system32\odbcconf.rsp - OK
C:\Windows\system32\odbccp32.dll - OK
C:\Windows\system32\odbccr32.dll - OK
C:\Windows\system32\odbccu32.dll - OK
C:\Windows\system32\odbcint.dll - OK
C:\Windows\system32\odbcji32.dll - OK
C:\Windows\system32\odbcjt32.dll - OK
C:\Windows\system32\odbctrac.dll - OK
C:\Windows\system32\oddbse32.dll - OK
C:\Windows\system32\odexl32.dll - OK
C:\Windows\system32\odfox32.dll - OK
C:\Windows\system32\odpdx32.dll - OK
C:\Windows\system32\odtext32.dll - OK
C:\Windows\system32\oemdspif.dll - OK
C:\Windows\system32\offfilt.dll - OK
C:\Windows\system32\oflc.rs packed by ZLIB
>C:\Windows\system32\oflc.rs - archive BINARYRES
>>C:\Windows\system32\oflc.rs/data001 - OK
>C:\Windows\system32\oflc.rs - OK
C:\Windows\system32\OGAAddin.dll - OK
C:\Windows\system32\OGACheckControl.dll - OK
C:\Windows\system32\OGAEXEC.exe - OK
C:\Windows\system32\ogldrv.dll - OK
C:\Windows\system32\ole2.dll - OK
C:\Windows\system32\ole2disp.dll - OK
C:\Windows\system32\ole2nls.dll - OK
C:\Windows\system32\ole32.dll - archive BINARYRES
>C:\Windows\system32\ole32.dll/data001 - OK
C:\Windows\system32\ole32.dll - OK
C:\Windows\system32\oleacc.dll - OK
C:\Windows\system32\oleacchooks.dll - OK
C:\Windows\system32\oleaccrc.dll - OK
C:\Windows\system32\oleaut32.dll - OK
C:\Windows\system32\olecli.dll - OK
C:\Windows\system32\olecli32.dll - OK
C:\Windows\system32\oledlg.dll - OK
C:\Windows\system32\oleprn.dll - OK
C:\Windows\system32\olepro32.dll - OK
C:\Windows\system32\oleres.dll - OK
C:\Windows\system32\OLESVR.DLL - OK
C:\Windows\system32\olesvr32.dll - OK
C:\Windows\system32\olethk32.dll - OK
C:\Windows\system32\onex.dll - OK
C:\Windows\system32\onexui.dll - OK
C:\Windows\system32\OnLineIDCpl.dll - OK
C:\Windows\system32\onlinesetup.cmd - OK
C:\Windows\system32\OobeFldr.dll - OK
C:\Windows\system32\OpcServices.dll - OK
C:\Windows\system32\openfiles.exe - OK
C:\Windows\system32\opengl32.dll - OK
C:\Windows\system32\OptionalFeatures.exe - OK
C:\Windows\system32\osbaseln.dll - OK
C:\Windows\system32\osk.exe - OK
C:\Windows\system32\osuninst.dll - OK
C:\Windows\system32\P2P.dll - OK
C:\Windows\system32\p2pcollab.dll - OK
C:\Windows\system32\P2PGraph.dll - OK
C:\Windows\system32\p2phost.exe - OK
C:\Windows\system32\p2pnetsh.dll - OK
C:\Windows\system32\p2psvc.dll - OK
C:\Windows\system32\packager.dll - OK
C:\Windows\system32\panmap.dll - OK
C:\Windows\system32\PATHPING.EXE - OK
C:\Windows\system32\pautoenr.dll - OK
C:\Windows\system32\pcadm.dll - OK
C:\Windows\system32\pcaevts.dll - OK
C:\Windows\system32\pcalua.exe - OK
C:\Windows\system32\pcasvc.dll - OK
C:\Windows\system32\pcaui.dll - OK
C:\Windows\system32\pcaui.exe - OK
C:\Windows\system32\pcawrk.exe - OK
C:\Windows\system32\pcl.sep - OK
C:\Windows\system32\pcwrun.exe - OK
C:\Windows\system32\pcwum.dll - OK
C:\Windows\system32\pcwutl.dll - OK
C:\Windows\system32\pdh.dll - OK
C:\Windows\system32\pdhui.dll - OK
C:\Windows\system32\PDMSetup.exe - OK
C:\Windows\system32\pegi-fi.rs packed by ZLIB
>C:\Windows\system32\pegi-fi.rs - archive BINARYRES
>>C:\Windows\system32\pegi-fi.rs/data001 - OK
>>C:\Windows\system32\pegi-fi.rs/data002 - OK
>>C:\Windows\system32\pegi-fi.rs/data003 - OK
>>C:\Windows\system32\pegi-fi.rs/data004 - OK
>>C:\Windows\system32\pegi-fi.rs/data005 - OK
>>C:\Windows\system32\pegi-fi.rs/data006 - OK
>C:\Windows\system32\pegi-fi.rs - OK
C:\Windows\system32\pegi-pt.rs packed by ZLIB
>C:\Windows\system32\pegi-pt.rs - archive BINARYRES
>>C:\Windows\system32\pegi-pt.rs/data001 - OK
>>C:\Windows\system32\pegi-pt.rs/data002 - OK
>>C:\Windows\system32\pegi-pt.rs/data003 - OK
>>C:\Windows\system32\pegi-pt.rs/data004 - OK
>>C:\Windows\system32\pegi-pt.rs/data005 - OK
>>C:\Windows\system32\pegi-pt.rs/data006 - OK
>C:\Windows\system32\pegi-pt.rs - OK
C:\Windows\system32\pegi.rs packed by ZLIB
>C:\Windows\system32\pegi.rs - archive BINARYRES
>>C:\Windows\system32\pegi.rs/data001 - OK
>C:\Windows\system32\pegi.rs - OK
C:\Windows\system32\pegibbfc.rs packed by ZLIB
>C:\Windows\system32\pegibbfc.rs - archive BINARYRES
>>C:\Windows\system32\pegibbfc.rs/data001 - OK
>>C:\Windows\system32\pegibbfc.rs/data002 - OK
>>C:\Windows\system32\pegibbfc.rs/data003 - OK
>>C:\Windows\system32\pegibbfc.rs/data004 - OK
>>C:\Windows\system32\pegibbfc.rs/data005 - OK
>>C:\Windows\system32\pegibbfc.rs/data006 - OK
>>C:\Windows\system32\pegibbfc.rs/data007 - OK
>C:\Windows\system32\pegibbfc.rs - OK
C:\Windows\system32\perfc009.dat - OK
C:\Windows\system32\PerfCenterCPL.dll - OK
C:\Windows\system32\PerfCenterCpl.ico - OK
C:\Windows\system32\perfctrs.dll - OK
C:\Windows\system32\perfd009.dat - OK
C:\Windows\system32\perfdisk.dll - OK
C:\Windows\system32\perfh009.dat - OK
C:\Windows\system32\perfi009.dat - OK
C:\Windows\system32\perfmon.exe - OK
C:\Windows\system32\perfmon.msc - OK
C:\Windows\system32\perfnet.dll - OK
C:\Windows\system32\perfos.dll - OK
C:\Windows\system32\perfproc.dll - OK
C:\Windows\system32\PerfStringBackup.INI - OK
C:\Windows\system32\perftrack.dll - OK
C:\Windows\system32\perfts.dll - OK
C:\Windows\system32\phon.ime - OK
C:\Windows\system32\PhotoMetadataHandler.dll - OK
C:\Windows\system32\PhotoScreensaver.scr packed by ZLIB
>C:\Windows\system32\PhotoScreensaver.scr - archive BINARYRES
>>C:\Windows\system32\PhotoScreensaver.scr/data001 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data002 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data003 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data004 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data005 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data006 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data007 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data008 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data009 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data010 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data011 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data012 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data013 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data014 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data015 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data016 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data017 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data018 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data019 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data020 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data021 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data022 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data023 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data024 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data025 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data026 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data027 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data028 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data029 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data030 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data031 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data032 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data033 - OK
>>C:\Windows\system32\PhotoScreensaver.scr/data034 - OK
>C:\Windows\system32\PhotoScreensaver.scr - OK
C:\Windows\system32\photowiz.dll - OK
C:\Windows\system32\pid.dll - OK
C:\Windows\system32\pidgenx.dll - OK
C:\Windows\system32\pifmgr.dll - OK
C:\Windows\system32\PING.EXE - OK
C:\Windows\system32\pintlgnt.ime - OK
C:\Windows\system32\PkgMgr.exe - OK
C:\Windows\system32\pku2u.dll - OK
C:\Windows\system32\pla.dll - OK
C:\Windows\system32\plasrv.exe - OK
C:\Windows\system32\PlaySndSrv.dll - OK
C:\Windows\system32\pmspl.dll - OK
C:\Windows\system32\pngfilt.dll - OK
C:\Windows\system32\pnidui.dll - OK
C:\Windows\system32\pnpsetup.dll - OK
C:\Windows\system32\pnpts.dll - OK
C:\Windows\system32\pnpui.dll - OK
C:\Windows\system32\PnPUnattend.exe - OK
C:\Windows\system32\PnPutil.exe - OK
C:\Windows\system32\PNPXAssoc.dll - OK
C:\Windows\system32\PNPXAssocPrx.dll - OK
C:\Windows\system32\pnrpauto.dll - OK
C:\Windows\system32\Pnrphc.dll - OK
C:\Windows\system32\pnrpnsp.dll - OK
C:\Windows\system32\pnrpsvc.dll - OK
C:\Windows\system32\polstore.dll - OK
C:\Windows\system32\poqexec.exe - OK
C:\Windows\system32\PortableDeviceApi.dll - OK
C:\Windows\system32\PortableDeviceClassExtension.dll - OK
C:\Windows\system32\PortableDeviceConnectApi.dll - OK
C:\Windows\system32\PortableDeviceStatus.dll - OK
C:\Windows\system32\PortableDeviceSyncProvider.dll - OK
C:\Windows\system32\PortableDeviceTypes.dll - OK
C:\Windows\system32\PortableDeviceWiaCompat.dll - OK
C:\Windows\system32\PortableDeviceWMDRM.dll - OK
C:\Windows\system32\pots.dll - OK
C:\Windows\system32\powercfg.cpl - OK
C:\Windows\system32\powercfg.exe - OK
C:\Windows\system32\powercpl.dll - OK
C:\Windows\system32\powrprof.dll - OK
C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll - OK
C:\Windows\system32\PresentationHost.exe - OK
C:\Windows\system32\PresentationHostProxy.dll - OK
C:\Windows\system32\PresentationNative_v0300.dll - OK
C:\Windows\system32\prevhost.exe - OK
C:\Windows\system32\prflbmsg.dll - OK
C:\Windows\system32\print.exe - OK
C:\Windows\system32\printfilterpipelineprxy.dll - OK
C:\Windows\system32\printfilterpipelinesvc.exe - OK
C:\Windows\system32\PrintIsolationHost.exe - OK
C:\Windows\system32\PrintIsolationProxy.dll - OK
C:\Windows\system32\printui.dll - OK
C:\Windows\system32\printui.exe - OK
C:\Windows\system32\prncache.dll - OK
C:\Windows\system32\prnfldr.dll - OK
C:\Windows\system32\prnntfy.dll - OK
C:\Windows\system32\prntvpt.dll - OK
C:\Windows\system32\procinst.dll - OK
C:\Windows\system32\profapi.dll - OK
C:\Windows\system32\profprov.dll - OK
C:\Windows\system32\profsvc.dll - OK
C:\Windows\system32\propsys.dll - OK
C:\Windows\system32\proquota.exe - OK
C:\Windows\system32\provsvc.dll - OK
C:\Windows\system32\provthrd.dll - OK
C:\Windows\system32\psapi.dll - OK
C:\Windows\system32\psbase.dll - OK
C:\Windows\system32\pscript.sep - OK
C:\Windows\system32\PSHED.DLL - OK
C:\Windows\system32\psisdecd.dll - OK
C:\Windows\system32\psisrndr.ax - OK
C:\Windows\system32\psr.exe - OK
C:\Windows\system32\pstorec.dll - OK
C:\Windows\system32\pstorsvc.dll - OK
C:\Windows\system32\puiapi.dll - OK
C:\Windows\system32\puiobj.dll - OK
C:\Windows\system32\pwrshplugin.dll - OK
C:\Windows\system32\QAGENT.DLL - OK
C:\Windows\system32\QAGENTRT.DLL - OK
C:\Windows\system32\qasf.dll - OK
C:\Windows\system32\qcap.dll - OK
C:\Windows\system32\QCLIPROV.DLL - OK
C:\Windows\system32\qdv.dll - OK
C:\Windows\system32\qdvd.dll - OK
C:\Windows\system32\qedit.dll - OK
C:\Windows\system32\qedwipes.dll - OK
C:\Windows\system32\qintlgnt.ime - OK
C:\Windows\system32\qmgr.dll - OK
C:\Windows\system32\qmgrprxy.dll - OK
C:\Windows\system32\QSHVHOST.DLL - OK
C:\Windows\system32\QSVRMGMT.DLL - OK
C:\Windows\system32\quartz.dll - OK
C:\Windows\system32\Query.dll - OK
C:\Windows\system32\quick.ime - OK
C:\Windows\system32\QUTIL.DLL - OK
C:\Windows\system32\qwave.dll - OK
C:\Windows\system32\RacEngn.dll - OK
C:\Windows\system32\racpldlg.dll packed by ZLIB
>C:\Windows\system32\racpldlg.dll - archive BINARYRES
>>C:\Windows\system32\racpldlg.dll/data001 - OK
>>C:\Windows\system32\racpldlg.dll/data002 - OK
>>C:\Windows\system32\racpldlg.dll/data003 - OK
>>C:\Windows\system32\racpldlg.dll/data004 - OK
>C:\Windows\system32\racpldlg.dll - OK
C:\Windows\system32\RacRules.xml - OK
C:\Windows\system32\radardt.dll - OK
C:\Windows\system32\radarrs.dll - OK
C:\Windows\system32\rasadhlp.dll - OK
C:\Windows\system32\rasapi32.dll - OK
C:\Windows\system32\rasauto.dll - OK
C:\Windows\system32\rasautou.exe - OK
C:\Windows\system32\rascfg.dll - OK
C:\Windows\system32\raschap.dll - OK
C:\Windows\system32\rasctrnm.h - OK
C:\Windows\system32\rasctrs.dll - OK
C:\Windows\system32\rasdiag.dll - OK
C:\Windows\system32\rasdial.exe - OK
C:\Windows\system32\rasdlg.dll - OK
C:\Windows\system32\raserver.exe - OK
C:\Windows\system32\rasgcw.dll - OK
C:\Windows\system32\rasman.dll - OK
C:\Windows\system32\rasmans.dll - OK
C:\Windows\system32\rasmbmgr.dll - OK
C:\Windows\system32\RASMM.dll - OK
C:\Windows\system32\rasmontr.dll - OK
C:\Windows\system32\rasmxs.dll - OK
C:\Windows\system32\rasphone.exe - OK
C:\Windows\system32\rasplap.dll - OK
C:\Windows\system32\rasppp.dll - OK
C:\Windows\system32\rasser.dll - OK
C:\Windows\system32\rastapi.dll - OK
C:\Windows\system32\rastls.dll - OK
C:\Windows\system32\rdpcfgex.dll - OK
C:\Windows\system32\rdpcore.dll - OK
C:\Windows\system32\rdpcorekmts.dll - OK
C:\Windows\system32\rdpd3d.dll - OK
C:\Windows\system32\rdpdd.dll - OK
C:\Windows\system32\RDPENCDD.dll packed by FLY-CODE
>C:\Windows\system32\RDPENCDD.dll - OK
C:\Windows\system32\rdpencom.dll - OK
C:\Windows\system32\RDPREFDD.dll packed by FLY-CODE
>C:\Windows\system32\RDPREFDD.dll - OK
C:\Windows\system32\rdprefdrvapi.dll - OK
C:\Windows\system32\rdpwsx.dll - OK
C:\Windows\system32\rdrleakdiag.exe - OK
C:\Windows\system32\ReAgent.dll - OK
C:\Windows\system32\ReAgentc.exe - OK
C:\Windows\system32\recdisc.exe - OK
C:\Windows\system32\recover.exe - OK
C:\Windows\system32\recovery.dll - OK
C:\Windows\system32\redir.exe - OK
C:\Windows\system32\reg.exe - OK
C:\Windows\system32\regapi.dll - OK
C:\Windows\system32\RegCtrl.dll - OK
C:\Windows\system32\regedt32.exe - OK
C:\Windows\system32\regidle.dll - OK
C:\Windows\system32\regini.exe - OK
C:\Windows\system32\RegisterIEPKEYs.exe - OK
C:\Windows\system32\regsvc.dll - OK
C:\Windows\system32\regsvr32.exe - OK
C:\Windows\system32\rekeywiz.exe - OK
C:\Windows\system32\relog.exe - OK
C:\Windows\system32\RelPost.exe - OK
C:\Windows\system32\remotepg.dll - OK
C:\Windows\system32\remotesp.tsp - OK
C:\Windows\system32\rendezvousSession.tlb - OK
C:\Windows\system32\repair-bde.exe - OK
C:\Windows\system32\replace.exe - OK
C:\Windows\system32\RESAMPLEDMO.DLL - OK
C:\Windows\system32\resmon.exe - OK
C:\Windows\system32\RestartManager.mof - OK
C:\Windows\system32\RestartManagerUninstall.mof - OK
C:\Windows\system32\resutils.dll - OK
C:\Windows\system32\rgb9rast.dll - OK
C:\Windows\system32\Ribbons.scr - OK
C:\Windows\system32\riched20.dll - OK
C:\Windows\system32\riched32.dll - OK
C:\Windows\system32\rixdicon.dll - OK
C:\Windows\system32\RMActivate.exe packed by FLY-CODE
>C:\Windows\system32\RMActivate.exe - OK
C:\Windows\system32\RMActivate_isv.exe packed by FLY-CODE
>C:\Windows\system32\RMActivate_isv.exe - OK
C:\Windows\system32\RMActivate_ssp.exe packed by FLY-CODE
>C:\Windows\system32\RMActivate_ssp.exe - OK
C:\Windows\system32\RMActivate_ssp_isv.exe packed by FLY-CODE
>C:\Windows\system32\RMActivate_ssp_isv.exe - OK
C:\Windows\system32\RmClient.exe - OK
C:\Windows\system32\rnr20.dll - OK
C:\Windows\system32\Robocopy.exe - OK
C:\Windows\system32\ROUTE.EXE - OK
C:\Windows\system32\ROXECDC6Inst.log - OK
C:\Windows\system32\RpcDiag.dll - OK
C:\Windows\system32\RpcEpMap.dll - OK
C:\Windows\system32\rpchttp.dll - OK
C:\Windows\system32\RPCNDFP.dll - OK
C:\Windows\system32\RpcNs4.dll - OK
C:\Windows\system32\rpcnsh.dll - OK
C:\Windows\system32\RpcPing.exe - OK
C:\Windows\system32\rpcrt4.dll - OK
C:\Windows\system32\RpcRtRemote.dll - OK
C:\Windows\system32\rpcss.dll - OK
C:\Windows\system32\rp_rules.dat - OK
C:\Windows\system32\rp_stats.dat - OK
C:\Windows\system32\rrinstaller.exe - OK
C:\Windows\system32\rsaenh.dll - OK
C:\Windows\system32\rshx32.dll - OK
C:\Windows\system32\RstrtMgr.dll - OK
C:\Windows\system32\rstrui.exe - OK
C:\Windows\system32\rtffilt.dll - OK
C:\Windows\system32\rtm.dll - OK
C:\Windows\system32\rtutils.dll - OK
C:\Windows\system32\runas.exe - OK
C:\Windows\system32\rundll32.exe - OK
C:\Windows\system32\RunLegacyCPLElevated.exe - OK
C:\Windows\system32\runonce.exe - OK
C:\Windows\system32\samcli.dll - OK
C:\Windows\system32\samlib.dll - OK
C:\Windows\system32\SampleRes.dll - OK
C:\Windows\system32\samsrv.dll - OK
C:\Windows\system32\sas.dll - OK
C:\Windows\system32\sbe.dll - OK
C:\Windows\system32\sbeio.dll - OK
C:\Windows\system32\sberes.dll - OK
C:\Windows\system32\sbunattend.exe - OK
C:\Windows\system32\sc.exe - OK
C:\Windows\system32\scansetting.dll - OK
C:\Windows\system32\SCardDlg.dll - OK
C:\Windows\system32\SCardSvr.dll - OK
C:\Windows\system32\scavenge.dll - OK
C:\Windows\system32\sccls.dll - OK
C:\Windows\system32\scecli.dll - OK
C:\Windows\system32\scesrv.dll - OK
C:\Windows\system32\scext.dll - OK
C:\Windows\system32\schannel.dll - OK
C:\Windows\system32\schedcli.dll - OK
C:\Windows\system32\schedsvc.dll - OK
C:\Windows\system32\schtasks.exe - OK
C:\Windows\system32\scksp.dll - OK
C:\Windows\system32\SCP32.DLL packed by FLY-CODE
>C:\Windows\system32\SCP32.DLL - OK
C:\Windows\system32\scripto.dll - archive BINARYRES
>C:\Windows\system32\scripto.dll/data001 - OK
C:\Windows\system32\scripto.dll - OK
C:\Windows\system32\scrnsave.scr - OK
C:\Windows\system32\scrobj.dll - OK
C:\Windows\system32\scrrun.dll - OK
C:\Windows\system32\sdautoplay.dll - OK
C:\Windows\system32\sdbinst.exe - OK
C:\Windows\system32\sdchange.exe - OK
C:\Windows\system32\sdclt.exe - OK
C:\Windows\system32\sdcpl.dll - OK
C:\Windows\system32\sdengin2.dll - OK
C:\Windows\system32\sdhcinst.dll - OK
C:\Windows\system32\sdiageng.dll - OK
C:\Windows\system32\sdiagnhost.exe - OK
C:\Windows\system32\sdiagprv.dll - OK
C:\Windows\system32\sdiagschd.dll - OK
C:\Windows\system32\sdohlp.dll - OK
C:\Windows\system32\sdrsvc.dll - OK
C:\Windows\system32\sdshext.dll - OK
C:\Windows\system32\SearchFilterHost.exe - OK
C:\Windows\system32\SearchFolder.dll - OK
C:\Windows\system32\SearchIndexer.exe - OK
C:\Windows\system32\SearchProtocolHost.exe - OK
C:\Windows\system32\SecEdit.exe - OK
C:\Windows\system32\sechost.dll - OK
C:\Windows\system32\secinit.exe - OK
C:\Windows\system32\seclogon.dll - OK
C:\Windows\system32\secproc.dll - OK
C:\Windows\system32\secproc_isv.dll - OK
C:\Windows\system32\secproc_ssp.dll - OK
C:\Windows\system32\secproc_ssp_isv.dll - OK
C:\Windows\system32\secur32.dll - OK
C:\Windows\system32\security.dll - OK
C:\Windows\system32\sendmail.dll - OK
C:\Windows\system32\Sens.dll - OK
C:\Windows\system32\SensApi.dll - OK
C:\Windows\system32\SensorsApi.dll - OK
C:\Windows\system32\SensorsClassExtension.dll - OK
C:\Windows\system32\SensorsCpl.dll - OK
C:\Windows\system32\sensrsvc.dll - OK
C:\Windows\system32\serialui.dll - OK
C:\Windows\system32\services.exe - OK
C:\Windows\system32\services.msc - OK
C:\Windows\system32\serwvdrv.dll - OK
C:\Windows\system32\SessEnv.dll - OK
C:\Windows\system32\setbcdlocale.dll - OK
C:\Windows\system32\SetDepNx.exe - OK
C:\Windows\system32\sethc.exe - OK
C:\Windows\system32\SetIEInstalledDate.exe - OK
C:\Windows\system32\setspn.exe - OK
C:\Windows\system32\setupapi.dll - OK
C:\Windows\system32\setupcl.exe - OK
C:\Windows\system32\setupcln.dll - OK
C:\Windows\system32\setupetw.dll - OK
C:\Windows\system32\setupSNK.exe - OK
C:\Windows\system32\setupugc.exe - OK
C:\Windows\system32\setver.exe - OK
C:\Windows\system32\setx.exe - OK
C:\Windows\system32\sfc.dll - OK
C:\Windows\system32\sfc.exe - OK
C:\Windows\system32\sfc_os.dll - OK
C:\Windows\system32\shacct.dll - OK
C:\Windows\system32\share.exe packed by EXEPACK
>C:\Windows\system32\share.exe packed by COM2EXE
>>C:\Windows\system32\share.exe - OK
C:\Windows\system32\sharemediacpl.dll - OK
C:\Windows\system32\shdocvw.dll - OK
C:\Windows\system32\SHELL.DLL - OK
C:\Windows\system32\shell32.dll - OK
C:\Windows\system32\shellstyle.dll - OK
C:\Windows\system32\shfolder.dll - OK
C:\Windows\system32\shgina.dll - OK
C:\Windows\system32\ShiftJIS.uce - OK
C:\Windows\system32\shimeng.dll - OK
C:\Windows\system32\shimgvw.dll - OK
C:\Windows\system32\shlwapi.dll - OK
C:\Windows\system32\shpafact.dll - OK
C:\Windows\system32\shrpubw.exe - OK
C:\Windows\system32\shsetup.dll - OK
C:\Windows\system32\shsvcs.dll - OK
C:\Windows\system32\shunimpl.dll - OK
C:\Windows\system32\shutdown.exe - OK
C:\Windows\system32\shwebsvc.dll - OK
C:\Windows\system32\signdrv.dll - OK
C:\Windows\system32\sigverif.exe - OK
C:\Windows\system32\simpdata.tlb - OK
C:\Windows\system32\sirenacm.dll - OK
C:\Windows\system32\sisbkup.dll - OK
C:\Windows\system32\slc.dll - OK
C:\Windows\system32\slcext.dll - OK
C:\Windows\system32\slmgr.vbs - OK
C:\Windows\system32\slui.exe - OK
C:\Windows\system32\slwga.dll - OK
C:\Windows\system32\SmartcardCredentialProvider.dll - OK
C:\Windows\system32\SMBHelperClass.dll - OK
C:\Windows\system32\SmiEngine.dll - OK
C:\Windows\system32\smss.exe - OK
C:\Windows\system32\SndVol.exe - OK
C:\Windows\system32\SndVolSSO.dll - OK
C:\Windows\system32\SnippingTool.exe - OK
C:\Windows\system32\snmpapi.dll - OK
C:\Windows\system32\snmptrap.exe - OK
C:\Windows\system32\SNTSearch.dll - OK
C:\Windows\system32\snymsico.dll - OK
C:\Windows\system32\softkbd.dll - OK
C:\Windows\system32\softpub.dll - OK
C:\Windows\system32\sort.exe - OK
C:\Windows\system32\SortServer2003Compat.dll - OK
C:\Windows\system32\SortWindows6Compat.dll - OK
C:\Windows\system32\sound.drv - OK
C:\Windows\system32\SoundRecorder.exe - OK
C:\Windows\system32\spbcd.dll - OK
C:\Windows\system32\spcinstrumentation.man - OK
C:\Windows\system32\spcmsg.dll - OK
C:\Windows\system32\sperror.dll - OK
C:\Windows\system32\spfileq.dll packed by BINARYRES
>C:\Windows\system32\spfileq.dll packed by MS COMPRESS
>>C:\Windows\system32\spfileq.dll - OK
C:\Windows\system32\SPInf.dll - OK
C:\Windows\system32\spinstall.exe - OK
C:\Windows\system32\spnet.dll - OK
C:\Windows\system32\spoolss.dll - OK
C:\Windows\system32\spoolsv.exe - OK
C:\Windows\system32\spopk.dll - OK
C:\Windows\system32\spp.dll - OK
C:\Windows\system32\sppc.dll - OK
C:\Windows\system32\sppcc.dll - OK
C:\Windows\system32\sppcext.dll - OK
C:\Windows\system32\sppcomapi.dll - OK
C:\Windows\system32\sppcommdlg.dll - OK
C:\Windows\system32\sppinst.dll - OK
C:\Windows\system32\sppnp.dll - OK
C:\Windows\system32\sppobjs.dll packed by FLY-CODE
>C:\Windows\system32\sppobjs.dll - OK
C:\Windows\system32\sppsvc.exe packed by FLY-CODE
>C:\Windows\system32\sppsvc.exe - OK
C:\Windows\system32\sppuinotify.dll - OK
C:\Windows\system32\sppwinob.dll packed by FLY-CODE
>C:\Windows\system32\sppwinob.dll - OK
C:\Windows\system32\sppwmi.dll - OK
C:\Windows\system32\spreview.exe - OK
C:\Windows\system32\spwinsat.dll - OK
C:\Windows\system32\spwizeng.dll - OK
C:\Windows\system32\spwizimg.dll - OK
C:\Windows\system32\spwizres.dll - OK
C:\Windows\system32\spwizui.dll - OK
C:\Windows\system32\spwmp.dll - OK
C:\Windows\system32\sqlceoledb30.dll - OK
C:\Windows\system32\sqlceqp30.dll - OK
C:\Windows\system32\sqlcese30.dll - OK
C:\Windows\system32\sqlsrv32.dll - OK
C:\Windows\system32\sqlsrv32.rll - OK
C:\Windows\system32\sqlunirl.dll - OK
C:\Windows\system32\sqlwid.dll - OK
C:\Windows\system32\sqlwoa.dll - OK
C:\Windows\system32\sqmapi.dll - OK
C:\Windows\system32\srchadmin.dll - OK
C:\Windows\system32\SrchSTS.exe packed by UPX
>C:\Windows\system32\SrchSTS.exe - OK
C:\Windows\system32\srclient.dll - OK
C:\Windows\system32\srcore.dll - OK
C:\Windows\system32\srdelayed.exe - OK
C:\Windows\system32\srhelper.dll - OK
C:\Windows\system32\srrstr.dll - OK
C:\Windows\system32\srvcli.dll - OK
C:\Windows\system32\srvsvc.dll - OK
C:\Windows\system32\srwmi.dll - OK
C:\Windows\system32\sscore.dll - OK
C:\Windows\system32\ssdpapi.dll - OK
C:\Windows\system32\ssdpsrv.dll - OK
C:\Windows\system32\sspicli.dll - OK
C:\Windows\system32\sspisrv.dll - OK
C:\Windows\system32\SSShim.dll - OK
C:\Windows\system32\ssText3d.scr - OK
C:\Windows\system32\sstpsvc.dll - OK
C:\Windows\system32\stacgui.cpl - OK
C:\Windows\system32\staco.dll - OK
C:\Windows\system32\stacsv.exe - OK
C:\Windows\system32\stapi32.dll - OK
C:\Windows\system32\stapo.dll - OK
C:\Windows\system32\stclient.dll - OK
C:\Windows\system32\stcplx.dll - OK
C:\Windows\system32\stdole2.tlb - OK
C:\Windows\system32\stdole32.tlb - OK
C:\Windows\system32\sti.dll - OK
C:\Windows\system32\StikyNot.exe - OK
C:\Windows\system32\sti_ci.dll - OK
C:\Windows\system32\stlang.dll - OK
C:\Windows\system32\stobject.dll - OK
C:\Windows\system32\storage.dll - OK
C:\Windows\system32\StorageContextHandler.dll - OK
C:\Windows\system32\Storprop.dll - OK
C:\Windows\system32\streamci.dll - OK
C:\Windows\system32\StructuredQuery.dll - OK
C:\Windows\system32\SubRange.uce - OK
C:\Windows\system32\subst.exe - OK
C:\Windows\system32\sud.dll - OK
C:\Windows\system32\svchost.exe - OK
C:\Windows\system32\swprv.dll - OK
C:\Windows\system32\swreg.exe packed by UPX
>C:\Windows\system32\swreg.exe - OK
C:\Windows\system32\swsc.exe packed by UPX
>C:\Windows\system32\swsc.exe - OK
C:\Windows\system32\swxcacls.exe packed by UPX
>C:\Windows\system32\swxcacls.exe - OK
C:\Windows\system32\sxproxy.dll - OK
C:\Windows\system32\sxs.dll - OK
C:\Windows\system32\sxshared.dll - OK
C:\Windows\system32\sxssrv.dll - OK
C:\Windows\system32\sxsstore.dll - OK
C:\Windows\system32\sxstrace.exe - OK
C:\Windows\system32\SymVPN.dll - OK
C:\Windows\system32\SyncCenter.dll - OK
C:\Windows\system32\synceng.dll - OK
C:\Windows\system32\SyncHost.exe - OK
C:\Windows\system32\SyncHostps.dll - OK
C:\Windows\system32\SyncInfrastructure.dll - OK
C:\Windows\system32\SyncInfrastructureps.dll - OK
C:\Windows\system32\SynCOM.dll - OK
C:\Windows\system32\Syncreg.dll - OK
C:\Windows\system32\SynCtrl.dll - OK
C:\Windows\system32\syncui.dll - OK
C:\Windows\system32\SynTPAPI.dll - OK
C:\Windows\system32\SynTPCo4.dll - OK
C:\Windows\system32\sysclass.dll - OK
C:\Windows\system32\sysdm.cpl - OK
C:\Windows\system32\sysedit.exe - OK
C:\Windows\system32\SysFxUI.dll - OK
C:\Windows\system32\syskey.exe - OK
C:\Windows\system32\sysmain.dll - OK
C:\Windows\system32\sysmon.ocx - OK
C:\Windows\system32\sysntfy.dll - OK
C:\Windows\system32\sysprepMCE.dll - OK
C:\Windows\system32\sysprint.sep - OK
C:\Windows\system32\sysprtj.sep - OK
C:\Windows\system32\syssetup.dll - OK
C:\Windows\system32\system.drv - OK
C:\Windows\system32\systemcpl.dll - OK
C:\Windows\system32\systeminfo.exe - OK
C:\Windows\system32\SystemPropertiesAdvanced.exe - OK
C:\Windows\system32\SystemPropertiesComputerName.exe - OK
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe - OK
C:\Windows\system32\SystemPropertiesHardware.exe - OK
C:\Windows\system32\SystemPropertiesPerformance.exe - OK
C:\Windows\system32\SystemPropertiesProtection.exe - OK
C:\Windows\system32\SystemPropertiesRemote.exe - OK
C:\Windows\system32\systemsf.ebd - OK
C:\Windows\system32\systray.exe - OK
C:\Windows\system32\t2embed.dll - OK
C:\Windows\system32\Tabbtn.dll - OK
C:\Windows\system32\TabbtnEx.dll - OK
C:\Windows\system32\tabcal.exe - OK
C:\Windows\system32\TabletPC.cpl - OK
C:\Windows\system32\TabSvc.dll - OK
C:\Windows\system32\takeown.exe - OK
C:\Windows\system32\tapi.dll - OK
C:\Windows\system32\tapi3.dll - OK
C:\Windows\system32\tapi32.dll - OK
C:\Windows\system32\tapilua.dll - OK
C:\Windows\system32\TapiMigPlugin.dll - OK
C:\Windows\system32\tapiperf.dll - OK
C:\Windows\system32\tapisrv.dll - OK
C:\Windows\system32\TapiSysprep.dll - OK
C:\Windows\system32\tapiui.dll - OK
C:\Windows\system32\TapiUnattend.exe - OK
C:\Windows\system32\taskbarcpl.dll - OK
C:\Windows\system32\taskcomp.dll - OK
C:\Windows\system32\taskeng.exe - OK
C:\Windows\system32\taskhost.exe - OK
C:\Windows\system32\taskkill.exe - OK
C:\Windows\system32\tasklist.exe - OK
C:\Windows\system32\taskmgr.exe - OK
C:\Windows\system32\taskschd.dll - OK
C:\Windows\system32\taskschd.msc - OK
C:\Windows\system32\TaskSchdPS.dll - OK
C:\Windows\system32\tbs.dll - OK
C:\Windows\system32\tbssvc.dll - OK
C:\Windows\system32\tcmsetup.exe - OK
C:\Windows\system32\tcpbidi.xml - OK
C:\Windows\system32\tcpipcfg.dll - OK
C:\Windows\system32\tcpmib.dll - OK
C:\Windows\system32\tcpmon.dll - OK
C:\Windows\system32\tcpmon.ini - OK
C:\Windows\system32\tcpmonui.dll - OK
C:\Windows\system32\TCPSVCS.EXE - OK
C:\Windows\system32\tdc.ocx - OK
C:\Windows\system32\tdh.dll - OK
C:\Windows\system32\telephon.cpl - OK
C:\Windows\system32\termmgr.dll - OK
C:\Windows\system32\termsrv.dll - OK
C:\Windows\system32\thawbrkr.dll - OK
C:\Windows\system32\themecpl.dll - OK
C:\Windows\system32\themeservice.dll - OK
C:\Windows\system32\themeui.dll - OK
C:\Windows\system32\thumbcache.dll - OK
C:\Windows\system32\ticrf.rat - OK
C:\Windows\system32\timedate.cpl packed by ZLIB
>C:\Windows\system32\timedate.cpl - archive BINARYRES
>>C:\Windows\system32\timedate.cpl/data001 - OK
>>C:\Windows\system32\timedate.cpl/data002 - OK
>>C:\Windows\system32\timedate.cpl/data003 - OK
>>C:\Windows\system32\timedate.cpl/data004 - OK
>>C:\Windows\system32\timedate.cpl/data005 - OK
>>C:\Windows\system32\timedate.cpl/data006 - OK
>C:\Windows\system32\timedate.cpl - OK
C:\Windows\system32\TimeDateMUICallback.dll - OK
C:\Windows\system32\timeout.exe - OK
C:\Windows\system32\TIMER.DRV - OK
C:\Windows\system32\tintlgnt.ime - OK
C:\Windows\system32\tlscsp.dll - OK
C:\Windows\system32\tmp.reg - OK
C:\Windows\system32\tmp.txt - OK
C:\Windows\system32\TOOLHELP.DLL - OK
C:\Windows\system32\tpm.msc - OK
C:\Windows\system32\tpmcompc.dll - OK
C:\Windows\system32\TpmInit.exe - OK
C:\Windows\system32\tquery.dll - OK
C:\Windows\system32\tracerpt.exe - OK
C:\Windows\system32\TRACERT.EXE packed by FLY-CODE
>C:\Windows\system32\TRACERT.EXE - OK
C:\Windows\system32\traffic.dll - OK
C:\Windows\system32\TRAPI.dll - OK
C:\Windows\system32\tree.com - OK
C:\Windows\system32\trkwks.dll - OK
C:\Windows\system32\tsbyuv.dll - OK
C:\Windows\system32\TSChannel.dll - OK
C:\Windows\system32\tsddd.dll - OK
C:\Windows\system32\tsgqec.dll - OK
C:\Windows\system32\tsmf.dll - OK
C:\Windows\system32\TSpkg.dll - OK
C:\Windows\system32\TSTheme.exe - OK
C:\Windows\system32\TSWbPrxy.exe - OK
C:\Windows\system32\TSWorkspace.dll - OK
C:\Windows\system32\TsWpfWrp.exe - OK
C:\Windows\system32\tvratings.dll - OK
C:\Windows\system32\TVWizudlg.exe - OK
C:\Windows\system32\TVWSetup.exe - archive CAB
C:\Windows\system32\twext.dll - OK
C:\Windows\system32\txflog.dll - OK
C:\Windows\system32\txfw32.dll - OK
C:\Windows\system32\typelib.dll - OK
C:\Windows\system32\typeperf.exe - OK
C:\Windows\system32\tzres.dll - OK
C:\Windows\system32\tzutil.exe - OK
C:\Windows\system32\ubpm.dll - OK
C:\Windows\system32\Uci32114.dll - OK
C:\Windows\system32\ucmhc.dll - OK
C:\Windows\system32\ucsvc.exe - OK
C:\Windows\system32\udhisapi.dll - OK
C:\Windows\system32\uDWM.dll - OK
C:\Windows\system32\uexfat.dll - OK
C:\Windows\system32\ufat.dll - OK
C:\Windows\system32\UI0Detect.exe - OK
C:\Windows\system32\UIAnimation.dll - OK
C:\Windows\system32\UIAutomationCore.dll - OK
C:\Windows\system32\uicom.dll - OK
C:\Windows\system32\UIHub.dll - OK
C:\Windows\system32\UIRibbon.dll - OK
C:\Windows\system32\UIRibbonRes.dll - OK
C:\Windows\system32\ulib.dll - OK
C:\Windows\system32\umb.dll - OK
C:\Windows\system32\umdmxfrm.dll - OK
C:\Windows\system32\umpnpmgr.dll - OK
C:\Windows\system32\umpo.dll - OK
C:\Windows\system32\umstartup.etl - OK
C:\Windows\system32\umstartup000.etl - OK
C:\Windows\system32\unattend.dll - OK
C:\Windows\system32\unimdm.tsp - OK
C:\Windows\system32\unimdmat.dll - OK
C:\Windows\system32\uniplat.dll - OK
C:\Windows\system32\unlodctr.exe - OK
C:\Windows\system32\unregmp2.exe - OK
C:\Windows\system32\untfs.dll - OK
C:\Windows\system32\upnp.dll - OK
C:\Windows\system32\upnpcont.exe - OK
C:\Windows\system32\upnphost.dll - OK
C:\Windows\system32\ureg.dll - OK
C:\Windows\system32\url.dll - OK
C:\Windows\system32\urlmon.dll - OK
C:\Windows\system32\usbceip.dll - OK
C:\Windows\system32\usbmon.dll - OK
C:\Windows\system32\usbperf.dll - OK
C:\Windows\system32\usbui.dll - OK
C:\Windows\system32\USER.EXE - OK
C:\Windows\system32\user32.dll - OK
C:\Windows\system32\UserAccountControlSettings.dll - OK
C:\Windows\system32\UserAccountControlSettings.exe - OK
C:\Windows\system32\usercpl.dll - OK
C:\Windows\system32\userenv.dll - OK
C:\Windows\system32\userinit.exe - OK
C:\Windows\system32\usk.rs packed by ZLIB
>C:\Windows\system32\usk.rs - archive BINARYRES
>>C:\Windows\system32\usk.rs/data001 - OK
>C:\Windows\system32\usk.rs - OK
C:\Windows\system32\usp10.dll - OK
C:\Windows\system32\utildll.dll - OK
C:\Windows\system32\Utilman.exe - OK
C:\Windows\system32\uudf.dll - OK
C:\Windows\system32\UXInit.dll - OK
C:\Windows\system32\uxlib.dll - OK
C:\Windows\system32\uxlibres.dll - OK
C:\Windows\system32\uxsms.dll - OK
C:\Windows\system32\uxtheme.dll - OK
C:\Windows\system32\v7vga.rom - OK
C:\Windows\system32\VAN.dll - OK
C:\Windows\system32\Vault.dll - OK
C:\Windows\system32\vaultcli.dll - OK
C:\Windows\system32\VaultCmd.exe - OK
C:\Windows\system32\VaultCredProvider.dll - OK
C:\Windows\system32\vaultsvc.dll - OK
C:\Windows\system32\VaultSysUi.exe - OK
C:\Windows\system32\VBAEN32.OLB - OK
C:\Windows\system32\VBAEND32.OLB - OK
C:\Windows\system32\vbajet32.dll - OK
C:\Windows\system32\VBAME.DLL - OK
C:\Windows\system32\VBICodec.ax - OK
C:\Windows\system32\vbisurf.ax - OK
C:\Windows\system32\vbscript.dll - OK
C:\Windows\system32\VCCLSID.exe packed by UPX
>C:\Windows\system32\VCCLSID.exe - OK
C:\Windows\system32\vcredist_x86.bat - OK
C:\Windows\system32\vcredist_x86.exe - archive CAB
C:\Windows\system32\vdmdbg.dll - OK
C:\Windows\system32\vdmredir.dll - OK
C:\Windows\system32\vds.exe - OK
C:\Windows\system32\vdsbas.dll - OK
C:\Windows\system32\vdsdyn.dll - OK
C:\Windows\system32\vdsldr.exe - OK
C:\Windows\system32\vdsutil.dll - OK
C:\Windows\system32\vdsvd.dll - OK
C:\Windows\system32\vds_ps.dll - OK
C:\Windows\system32\VEN2232.OLB - OK
C:\Windows\system32\ver.dll - OK
C:\Windows\system32\verclsid.exe - OK
C:\Windows\system32\verifier.dll - OK
C:\Windows\system32\verifier.exe - OK
C:\Windows\system32\version.dll - OK
C:\Windows\system32\vfpodbc.dll - OK
C:\Windows\system32\vfwwdm32.dll - OK
C:\Windows\system32\vga.dll packed by FLY-CODE
>C:\Windows\system32\vga.dll - OK
C:\Windows\system32\vga.drv - OK
C:\Windows\system32\vga256.dll - OK
C:\Windows\system32\vga64k.dll - OK
C:\Windows\system32\vidcap.ax - OK
C:\Windows\system32\VIDRESZR.DLL - OK
C:\Windows\system32\virtdisk.dll - OK
C:\Windows\system32\vpnike.dll - OK
C:\Windows\system32\vpnikeapi.dll - OK
C:\Windows\system32\vssadmin.exe - OK
C:\Windows\system32\vssapi.dll - OK
C:\Windows\system32\vsstrace.dll - OK
C:\Windows\system32\VSSVC.exe - OK
C:\Windows\system32\vss_ps.dll - OK
C:\Windows\system32\w32time.dll - OK
C:\Windows\system32\w32tm.exe - OK
C:\Windows\system32\w32topl.dll - OK
C:\Windows\system32\WABSyncProvider.dll - OK
C:\Windows\system32\waitfor.exe - OK
C:\Windows\system32\WavDest.dll - OK
C:\Windows\system32\wavemsp.dll - OK
C:\Windows\system32\wbadmin.exe - OK
C:\Windows\system32\wbemcomn.dll - OK
C:\Windows\system32\wbengine.exe - OK
C:\Windows\system32\wbiosrvc.dll - OK
C:\Windows\system32\WcnApi.dll - OK
C:\Windows\system32\wcncsvc.dll - OK
C:\Windows\system32\WcnEapAuthProxy.dll - OK
C:\Windows\system32\WcnEapPeerProxy.dll - OK
C:\Windows\system32\WcnNetsh.dll - OK
C:\Windows\system32\wcnwiz.dll - OK
C:\Windows\system32\wcnwiz2.dll - OK
C:\Windows\system32\WcsPlugInService.dll - OK
C:\Windows\system32\wdc.dll - OK
C:\Windows\system32\WdfCoInstaller01000.dll - archive CAB
C:\Windows\system32\WdfCoInstaller01005.dll packed by PESTUB
>C:\Windows\system32\WdfCoInstaller01005.dll - archive CAB
C:\Windows\system32\wdi.dll - OK
C:\Windows\system32\wdiasqmmodule.dll - OK
C:\Windows\system32\wdigest.dll - OK
C:\Windows\system32\wdmaud.drv - OK
C:\Windows\system32\wdscore.dll - OK
C:\Windows\system32\WdsUnattendTemplate.xml - OK
C:\Windows\system32\WEB.rs - OK
C:\Windows\system32\webcheck.dll - OK
C:\Windows\system32\WebClnt.dll - OK
C:\Windows\system32\webio.dll - OK
C:\Windows\system32\webservices.dll - OK
C:\Windows\system32\wecapi.dll - OK
C:\Windows\system32\wecsvc.dll - OK
C:\Windows\system32\wecutil.exe - OK
C:\Windows\system32\wer.dll - OK
C:\Windows\system32\werconcpl.dll - OK
C:\Windows\system32\wercplsupport.dll - OK
C:\Windows\system32\werdiagcontroller.dll - OK
C:\Windows\system32\WerFault.exe - OK
C:\Windows\system32\WerFaultSecure.exe - OK
C:\Windows\system32\wermgr.exe - OK
C:\Windows\system32\wersvc.dll - OK
C:\Windows\system32\werui.dll - OK
C:\Windows\system32\wevtapi.dll - OK
C:\Windows\system32\wevtfwd.dll - OK
C:\Windows\system32\wevtsvc.dll - OK
C:\Windows\system32\wevtutil.exe - OK
C:\Windows\system32\wextract.exe packed by FLY-CODE
>C:\Windows\system32\wextract.exe - OK
C:\Windows\system32\WF.msc - OK
C:\Windows\system32\wfapigp.dll - OK
C:\Windows\system32\WfHC.dll - OK
C:\Windows\system32\WFS.exe - OK
C:\Windows\system32\WFSR.dll - OK
C:\Windows\system32\WFWNET.DRV - OK
C:\Windows\system32\whealogr.dll - OK
C:\Windows\system32\where.exe - OK
C:\Windows\system32\whhelper.dll - OK
C:\Windows\system32\whoami.exe - OK
C:\Windows\system32\wiaacmgr.exe - OK
C:\Windows\system32\wiaaut.dll - OK
C:\Windows\system32\wiadefui.dll - OK
C:\Windows\system32\wiadss.dll - OK
C:\Windows\system32\wiarpc.dll - OK
C:\Windows\system32\wiascanprofiles.dll - OK
C:\Windows\system32\wiaservc.dll - OK
C:\Windows\system32\wiashext.dll - OK
C:\Windows\system32\wiatrace.dll - OK
C:\Windows\system32\wiavideo.dll - OK
C:\Windows\system32\WIFEMAN.DLL - OK
C:\Windows\system32\wimgapi.dll - OK
C:\Windows\system32\wimserv.exe - OK
C:\Windows\system32\win.com - OK
C:\Windows\system32\win32k.sys - OK
C:\Windows\system32\win32spl.dll - OK
C:\Windows\system32\win87em.dll - OK
C:\Windows\system32\winbio.dll - OK
C:\Windows\system32\winbrand.dll - OK
C:\Windows\system32\wincredprovider.dll - OK
C:\Windows\system32\WindowsAnytimeUpgrade.exe - OK
C:\Windows\system32\WindowsAnytimeUpgradeResults.exe - OK
C:\Windows\system32\WindowsAnytimeUpgradeui.exe - OK
C:\Windows\system32\WindowsCodecs.dll - OK
C:\Windows\system32\WindowsCodecsExt.dll - OK
C:\Windows\system32\winethc.dll - OK
C:\Windows\system32\WinFax.dll - OK
C:\Windows\system32\winhttp.dll - OK
C:\Windows\system32\wininet.dll - OK
C:\Windows\system32\wininit.exe - OK
C:\Windows\system32\winipsec.dll - OK
C:\Windows\system32\winload.exe packed by FLY-CODE
>C:\Windows\system32\winload.exe - OK
C:\Windows\system32\winlogon.exe - OK
C:\Windows\system32\winmm.dll - OK
C:\Windows\system32\WINNLS.DLL - OK
C:\Windows\system32\winnsi.dll - OK
C:\Windows\system32\WINOLDAP.MOD - OK
C:\Windows\system32\winresume.exe packed by FLY-CODE
>C:\Windows\system32\winresume.exe - OK
C:\Windows\system32\winrm.cmd - OK
C:\Windows\system32\winrm.vbs - OK
C:\Windows\system32\winrnr.dll - OK
C:\Windows\system32\winrs.exe - OK
C:\Windows\system32\winrscmd.dll - OK
C:\Windows\system32\winrshost.exe - OK
C:\Windows\system32\winrsmgr.dll - OK
C:\Windows\system32\winrssrv.dll - OK
C:\Windows\system32\WinSAT.exe - OK
C:\Windows\system32\WinSATAPI.dll packed by ZLIB
>C:\Windows\system32\WinSATAPI.dll - archive BINARYRES
>>C:\Windows\system32\WinSATAPI.dll/data001 - OK
>>C:\Windows\system32\WinSATAPI.dll/data002 - OK
>C:\Windows\system32\WinSATAPI.dll - OK
C:\Windows\system32\WinSCard.dll - OK
C:\Windows\system32\winshfhc.dll - OK
C:\Windows\system32\WINSOCK.DLL - OK
C:\Windows\system32\winsockhc.dll - OK
C:\Windows\system32\winspool.drv - OK
C:\Windows\system32\WINSPOOL.EXE - OK
C:\Windows\system32\WINSRPC.DLL - OK
C:\Windows\system32\winsrv.dll - OK
C:\Windows\system32\winsta.dll - OK
C:\Windows\system32\WinSync.dll - OK
C:\Windows\system32\WinSyncMetastore.dll - OK
C:\Windows\system32\WinSyncProviders.dll - OK
C:\Windows\system32\wintrust.dll - OK
C:\Windows\system32\winusb.dll - OK
C:\Windows\system32\winver.exe - OK
C:\Windows\system32\wisptis.exe - OK
C:\Windows\system32\wkscli.dll - OK
C:\Windows\system32\wksprt.exe - OK
C:\Windows\system32\wksprtPS.dll - OK
C:\Windows\system32\wkssvc.dll - OK
C:\Windows\system32\wlanapi.dll - OK
C:\Windows\system32\wlancfg.dll - OK
C:\Windows\system32\WLanConn.dll - OK
C:\Windows\system32\wlandlg.dll - OK
C:\Windows\system32\wlanext.exe - OK
C:\Windows\system32\wlangpui.dll - OK
C:\Windows\system32\WLanHC.dll - OK
C:\Windows\system32\wlanhlp.dll - OK
C:\Windows\system32\wlaninst.dll - OK
C:\Windows\system32\WlanMM.dll - OK
C:\Windows\system32\wlanmsm.dll - OK
C:\Windows\system32\wlanpref.dll - OK
C:\Windows\system32\wlansec.dll - OK
C:\Windows\system32\wlansvc.dll - OK
C:\Windows\system32\wlanui.dll - OK
C:\Windows\system32\wlanutil.dll - OK
C:\Windows\system32\Wldap32.dll - OK
C:\Windows\system32\wlgpclnt.dll - OK
C:\Windows\system32\wlrmdr.exe - OK
C:\Windows\system32\WlS0WndH.dll - OK
C:\Windows\system32\WLTRAY.EXE - OK
C:\Windows\system32\wltrynt.dll - OK
C:\Windows\system32\WLTRYSVC.EXE - OK
C:\Windows\system32\WMADMOD.DLL - OK
C:\Windows\system32\WMADMOE.DLL - OK
C:\Windows\system32\WMALFXGFXDSP.dll - OK
C:\Windows\system32\WMASF.DLL - OK
C:\Windows\system32\wmcodecdspps.dll - OK
C:\Windows\system32\wmdmlog.dll - OK
C:\Windows\system32\wmdmps.dll - OK
C:\Windows\system32\wmdrmdev.dll - OK
C:\Windows\system32\wmdrmnet.dll - OK
C:\Windows\system32\wmdrmsdk.dll - OK
C:\Windows\system32\wmerror.dll - OK
C:\Windows\system32\wmi.dll - OK
C:\Windows\system32\wmicmiplugin.dll - OK
C:\Windows\system32\wmidx.dll - OK
C:\Windows\system32\WmiMgmt.msc - OK
C:\Windows\system32\wmiprop.dll - OK
C:\Windows\system32\WMNetMgr.dll - OK
C:\Windows\system32\wmp.dll - OK
C:\Windows\system32\wmpcm.dll - OK
C:\Windows\system32\WmpDui.dll - OK
C:\Windows\system32\wmpdxm.dll - OK
C:\Windows\system32\wmpeffects.dll - OK
C:\Windows\system32\WMPEncEn.dll - OK
C:\Windows\system32\WMPhoto.dll - OK
C:\Windows\system32\wmploc.DLL - OK
C:\Windows\system32\wmpmde.dll - OK
C:\Windows\system32\wmpps.dll - OK
C:\Windows\system32\wmpshell.dll - OK
C:\Windows\system32\wmpsrcwp.dll - OK
C:\Windows\system32\wmsgapi.dll - OK
C:\Windows\system32\WMSPDMOD.DLL - OK
C:\Windows\system32\WMSPDMOE.DLL - OK
C:\Windows\system32\WMVCORE.DLL - OK
C:\Windows\system32\WMVDECOD.DLL - OK
C:\Windows\system32\wmvdspa.dll - OK
C:\Windows\system32\WMVENCOD.DLL - OK
C:\Windows\system32\WMVSDECD.DLL - OK
C:\Windows\system32\WMVSENCD.DLL - OK
C:\Windows\system32\WMVXENCD.DLL - OK
C:\Windows\system32\wow32.dll - OK
C:\Windows\system32\WOWDEB.EXE - OK
C:\Windows\system32\WOWEXEC.EXE - OK
C:\Windows\system32\Wpc.dll - OK
C:\Windows\system32\wpcao.dll - OK
C:\Windows\system32\wpccpl.dll - OK
C:\Windows\system32\wpcmig.dll - OK
C:\Windows\system32\wpcsvc.dll - OK
C:\Windows\system32\wpcumi.dll - OK
C:\Windows\system32\wpdbusenum.dll - OK
C:\Windows\system32\WpdMtp.dll - OK
C:\Windows\system32\WpdMtpUS.dll - OK
C:\Windows\system32\wpdshext.dll - OK
C:\Windows\system32\WPDShextAutoplay.exe - OK
C:\Windows\system32\WPDShServiceObj.dll - OK
C:\Windows\system32\WPDSp.dll - OK
C:\Windows\system32\wpdwcn.dll - OK
C:\Windows\system32\wpd_ci.dll - OK
C:\Windows\system32\wpnpinst.exe - OK
C:\Windows\system32\write.exe - OK
C:\Windows\system32\WS2Fix.exe packed by UPX
>C:\Windows\system32\WS2Fix.exe - OK
C:\Windows\system32\ws2help.dll - OK
C:\Windows\system32\ws2_32.dll - OK
C:\Windows\system32\wscapi.dll - OK
C:\Windows\system32\WscEapPr.dll - OK
C:\Windows\system32\wscinterop.dll - OK
C:\Windows\system32\wscisvif.dll - OK
C:\Windows\system32\wscmisetup.dll - OK
C:\Windows\system32\wscproxystub.dll - OK
C:\Windows\system32\wscript.exe - OK
C:\Windows\system32\wscsvc.dll - OK
C:\Windows\system32\wscui.cpl packed by ZLIB
>C:\Windows\system32\wscui.cpl - archive BINARYRES
>>C:\Windows\system32\wscui.cpl/data001 - OK
>>C:\Windows\system32\wscui.cpl/data002 - OK
>>C:\Windows\system32\wscui.cpl/data003 - OK
>>C:\Windows\system32\wscui.cpl/data004 - OK
>>C:\Windows\system32\wscui.cpl/data005 - OK
>>C:\Windows\system32\wscui.cpl/data006 - OK
>>C:\Windows\system32\wscui.cpl/data007 - OK
>>C:\Windows\system32\wscui.cpl/data008 - OK
>>C:\Windows\system32\wscui.cpl/data009 - OK
>>C:\Windows\system32\wscui.cpl/data010 - OK
>>C:\Windows\system32\wscui.cpl/data011 - OK
>>C:\Windows\system32\wscui.cpl/data012 - OK
>>C:\Windows\system32\wscui.cpl/data013 - OK
>>C:\Windows\system32\wscui.cpl/data014 - OK
>>C:\Windows\system32\wscui.cpl/data015 - OK
>C:\Windows\system32\wscui.cpl - OK
C:\Windows\system32\WSDApi.dll - OK
C:\Windows\system32\wsdchngr.dll - OK
C:\Windows\system32\WSDMon.dll - OK
C:\Windows\system32\WSDPrintProxy.DLL - OK
C:\Windows\system32\WSDScanProxy.dll - OK
C:\Windows\system32\wsecedit.dll - OK
C:\Windows\system32\wsepno.dll - OK
C:\Windows\system32\wshbth.dll - OK
C:\Windows\system32\wshcon.dll - OK
C:\Windows\system32\wshelper.dll - OK
C:\Windows\system32\wshext.dll - OK
C:\Windows\system32\wship6.dll - OK
C:\Windows\system32\wshirda.dll - OK
C:\Windows\system32\wshnetbs.dll - OK
C:\Windows\system32\wshom.ocx - OK
C:\Windows\system32\wshqos.dll - OK
C:\Windows\system32\wshrm.dll - OK
C:\Windows\system32\WSHTCPIP.DLL - OK
C:\Windows\system32\wsmanconfig_schema.xml - OK
C:\Windows\system32\WSManHTTPConfig.exe - OK
C:\Windows\system32\WSManMigrationPlugin.dll - OK
C:\Windows\system32\WsmAuto.dll - OK
C:\Windows\system32\wsmplpxy.dll - OK
C:\Windows\system32\wsmprovhost.exe - OK
C:\Windows\system32\WsmPty.xsl - OK
C:\Windows\system32\WsmRes.dll - OK
C:\Windows\system32\WsmSvc.dll - OK
C:\Windows\system32\WsmTxt.xsl - OK
C:\Windows\system32\WsmWmiPl.dll - OK
C:\Windows\system32\wsnmp32.dll - OK
C:\Windows\system32\wsock32.dll - OK
C:\Windows\system32\wsqmcons.exe - OK
C:\Windows\system32\WSTPager.ax - OK
C:\Windows\system32\wtsapi32.dll - OK
C:\Windows\system32\wuapi.dll - OK
C:\Windows\system32\wuapp.exe - OK
C:\Windows\system32\wuauclt.exe - OK
C:\Windows\system32\wuaueng.dll - OK
C:\Windows\system32\wucltux.dll - OK
C:\Windows\system32\WUDFCoinstaller.dll - OK
C:\Windows\system32\WUDFHost.exe - OK
C:\Windows\system32\WUDFPlatform.dll - OK
C:\Windows\system32\WUDFSvc.dll - OK
C:\Windows\system32\WUDFx.dll - OK
C:\Windows\system32\wudriver.dll - OK
C:\Windows\system32\wups.dll - OK
C:\Windows\system32\wups2.dll - OK
C:\Windows\system32\wusa.exe - OK
C:\Windows\system32\wuwebv.dll - OK
C:\Windows\system32\wvc.dll - OK
C:\Windows\system32\Wwanadvui.dll - OK
C:\Windows\system32\WWanAPI.dll - OK
C:\Windows\system32\wwancfg.dll - OK
C:\Windows\system32\wwanconn.dll - OK
C:\Windows\system32\WWanHC.dll - OK
C:\Windows\system32\wwaninst.dll - OK
C:\Windows\system32\wwanmm.dll - OK
C:\Windows\system32\Wwanpref.dll - OK
C:\Windows\system32\wwanprotdim.dll - OK
C:\Windows\system32\wwansvc.dll - OK
C:\Windows\system32\wwapi.dll - OK
C:\Windows\system32\wzcdlg.dll - OK
C:\Windows\system32\x3daudio1_0.dll - OK
C:\Windows\system32\x3daudio1_1.dll - OK
C:\Windows\system32\X3DAudio1_2.dll - OK
C:\Windows\system32\X3DAudio1_3.dll - OK
C:\Windows\system32\X3DAudio1_4.dll - OK
C:\Windows\system32\X3DAudio1_5.dll - OK
C:\Windows\system32\X3DAudio1_6.dll - OK
C:\Windows\system32\X3DAudio1_7.dll - OK
C:\Windows\system32\xactengine2_0.dll - OK
C:\Windows\system32\xactengine2_1.dll - OK
C:\Windows\system32\xactengine2_10.dll - OK
C:\Windows\system32\xactengine2_2.dll - OK
C:\Windows\system32\xactengine2_3.dll - OK
C:\Windows\system32\xactengine2_4.dll - OK
C:\Windows\system32\xactengine2_5.dll - OK
C:\Windows\system32\xactengine2_6.dll - OK
C:\Windows\system32\xactengine2_7.dll - OK
C:\Windows\system32\xactengine2_8.dll - OK
C:\Windows\system32\xactengine2_9.dll - OK
C:\Windows\system32\xactengine3_0.dll - OK
C:\Windows\system32\xactengine3_1.dll - OK
C:\Windows\system32\xactengine3_2.dll - OK
C:\Windows\system32\xactengine3_3.dll - OK
C:\Windows\system32\xactengine3_4.dll - OK
C:\Windows\system32\xactengine3_5.dll - OK
C:\Windows\system32\xactengine3_6.dll - OK
C:\Windows\system32\xactengine3_7.dll - OK
C:\Windows\system32\XAPOFX1_0.dll - OK
C:\Windows\system32\XAPOFX1_1.dll - OK
C:\Windows\system32\XAPOFX1_2.dll - OK
C:\Windows\system32\XAPOFX1_3.dll - OK
C:\Windows\system32\XAPOFX1_4.dll - OK
C:\Windows\system32\XAPOFX1_5.dll - OK
C:\Windows\system32\XAudio2_0.dll - OK
C:\Windows\system32\XAudio2_1.dll - OK
C:\Windows\system32\XAudio2_2.dll - OK
C:\Windows\system32\XAudio2_3.dll - OK
C:\Windows\system32\XAudio2_4.dll - OK
C:\Windows\system32\XAudio2_5.dll - OK
C:\Windows\system32\XAudio2_6.dll - OK
C:\Windows\system32\XAudio2_7.dll - OK
C:\Windows\system32\xcopy.exe - OK
C:\Windows\system32\xinput1_1.dll - OK
C:\Windows\system32\xinput1_2.dll - OK
C:\Windows\system32\xinput1_3.dll - OK
C:\Windows\system32\XInput9_1_0.dll - OK
C:\Windows\system32\xmlfilter.dll - OK
C:\Windows\system32\xmllite.dll - OK
C:\Windows\system32\xmlprovi.dll - OK
C:\Windows\system32\xolehlp.dll - OK
C:\Windows\system32\XpsFilt.dll - OK
C:\Windows\system32\XpsGdiConverter.dll - OK
C:\Windows\system32\XpsPrint.dll - OK
C:\Windows\system32\XpsRasterService.dll - OK
C:\Windows\system32\xpsrchvw.exe packed by FLY-CODE
>C:\Windows\system32\xpsrchvw.exe - archive BINARYRES
>>C:\Windows\system32\xpsrchvw.exe/data001 - OK
>C:\Windows\system32\xpsrchvw.exe - OK
C:\Windows\system32\xpsrchvw.xml - OK
C:\Windows\system32\xpsservices.dll - OK
C:\Windows\system32\XPSSHHDR.dll - OK
C:\Windows\system32\xpssvcs.dll - OK
C:\Windows\system32\xwizard.dtd - OK
C:\Windows\system32\xwizard.exe - OK
C:\Windows\system32\xwizards.dll - OK
C:\Windows\system32\xwreg.dll - OK
C:\Windows\system32\xwtpdui.dll - OK
C:\Windows\system32\xwtpw32.dll - OK
C:\Windows\system32\zgmprxy.dll - OK
C:\Windows\system32\zipfldr.dll - OK
C:\Windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat - OK
C:\Windows\system32\AdvancedInstallers\cmiadapter.dll - OK
C:\Windows\system32\AdvancedInstallers\cmitrust.dll - OK
C:\Windows\system32\AdvancedInstallers\cmiv2.dll - OK
C:\Windows\system32\AdvancedInstallers\CntrtextInstaller.DLL - OK
C:\Windows\system32\AdvancedInstallers\locdrv.dll - OK
C:\Windows\system32\AdvancedInstallers\OEMHelpIns.dll - OK
C:\Windows\system32\ar-SA\cdosys.dll.mui - OK
C:\Windows\system32\ar-SA\comctl32.dll.mui - OK
C:\Windows\system32\ar-SA\comdlg32.dll.mui - OK
C:\Windows\system32\ar-SA\fms.dll.mui - OK
C:\Windows\system32\ar-SA\mlang.dll.mui - OK
C:\Windows\system32\ar-SA\msimsg.dll.mui - OK
C:\Windows\system32\ar-SA\msprivs.dll.mui - OK
C:\Windows\system32\ar-SA\OGAAddin.dll.mui - OK
C:\Windows\system32\bg-BG\comctl32.dll.mui - OK
C:\Windows\system32\bg-BG\comdlg32.dll.mui - OK
C:\Windows\system32\bg-BG\fms.dll.mui - OK
C:\Windows\system32\bg-BG\mlang.dll.mui - OK
C:\Windows\system32\bg-BG\msimsg.dll.mui - OK
C:\Windows\system32\Boot\winload.exe packed by FLY-CODE
>C:\Windows\system32\Boot\winload.exe - OK
C:\Windows\system32\Boot\winresume.exe packed by FLY-CODE
>C:\Windows\system32\Boot\winresume.exe - OK
C:\Windows\system32\Boot\en-US\winload.exe.mui - OK
C:\Windows\system32\Boot\en-US\winresume.exe.mui - OK
C:\Windows\system32\catroot\TMP2349.tmp - OK
C:\Windows\system32\catroot\TMP29F0.tmp - OK
C:\Windows\system32\catroot\TMP2EEF.tmp - OK
C:\Windows\system32\catroot\TMP409D.tmp - OK
C:\Windows\system32\catroot\TMP6181.tmp - OK
C:\Windows\system32\catroot\TMP6E2E.tmp - OK
C:\Windows\system32\catroot\TMP7EA2.tmp - OK
C:\Windows\system32\catroot\TMP86B.tmp - OK
C:\Windows\system32\catroot\TMP8A65.tmp - OK
C:\Windows\system32\catroot\TMP8FB2.tmp - OK
C:\Windows\system32\catroot\TMP9FD9.tmp - OK
C:\Windows\system32\catroot\TMPC611.tmp - OK
C:\Windows\system32\catroot\TMPCCF0.tmp - OK
C:\Windows\system32\catroot\TMPD8AD.tmp - OK
C:\Windows\system32\catroot\TMPFA28.tmp - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Lbd.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Hyper-V-Common-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Hyper-V-Guest-Integration-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Media-Foundation-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Media-Foundation-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-Results-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-Results-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BLB-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BLB-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-Professional-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-Professional-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-Ultimate-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-Ultimate-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BusinessScanning-Feature-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BusinessScanning-Feature-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Drivers-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Wired-Network-Drivers-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Wired-Network-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Encoder-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Common-Drivers-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Common-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Common-Modem-Drivers-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Common-Modem-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DesktopWindowManager-uDWM-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Editions-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Gadget-Platform-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Gadget-Platform-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAPS-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAPS-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAUE-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAUE-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IE-Troubleshooters-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IE-Troubleshooters-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-2-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-2-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~en-US~8.0.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~en-US~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package-MiniLP~31bf3856ad364e35~x86~en-US~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package-TopLevel~31bf3856ad364e35~x86~~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package~31bf3856ad364e35~x86~en-US~8.0.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package~31bf3856ad364e35~x86~en-US~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package~31bf3856ad364e35~x86~~8.0.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Package~31bf3856ad364e35~x86~~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-VistaPlus-Update~31bf3856ad364e35~x86~~9.4.8112.16421.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Killbits-Package~31bf3856ad364e35~x86~~8.0.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-LocalPack-AU-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-LocalPack-CA-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-LocalPack-GB-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-LocalPack-US-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-LocalPack-ZA-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayback-OC-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayback-OC-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetworkDiagnostics-DirectAccessEntry-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NFS-ClientSKU-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NFS-ClientSKU-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OfflineFiles-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OfflineFiles-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerDist-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerDist-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Personalization-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoBasicPackage~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoBasicPackage~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-LocalPrinting-Home-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ProfessionalEdition~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasCMAK-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasCMAK-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Music-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Ringtones-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Basic-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Basic-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Security-SPP-Component-SKU-Professional-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Security-SPP-Component-SKU-Ultimate-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Security-WindowsActivationTechnologies-Package~31bf3856ad364e35~x86~~7.1.7600.16395.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ServicingBaseline-Ultimate-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ShareMedia-ControlPanel-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ShareMedia-ControlPanel-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-HomeGroup-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-HomeGroup-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-SoundThemes-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Sidebar-Killbits-SDP-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SnippingTool-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SnippingTool-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-StickyNotes-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-StickyNotes-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-StorageService-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-StorageService-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SUA-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SUA-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-CommandLineTools-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-CommandLineTools-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-MiscRedirection-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-MiscRedirection-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-Publishing-WMIProvider-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-Publishing-WMIProvider-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-RemoteApplications-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-RemoteApplications-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-UsbRedirector-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-UsbRedirector-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-WMIProvider-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TerminalServices-WMIProvider-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~x86~en-US~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\system32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Tuner-Drivers-Package~31bf3856ad364e35~x86~~6.1.7600.16385.cat - OK
C:\Windows\sys
  • 0

#9
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi FictiveRepose,

OK. You did good job and Dr.Web removed few infections. Please do last Step 4 and post logs for me.
  • 0

#10
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
OTL Logs

OTL logfile created on: 8/19/2011 11:31:08 AM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Erik L Hanson\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.60% Memory free
3.98 Gb Paging File | 2.93 Gb Available in Paging File | 73.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.44 Gb Total Space | 50.15 Gb Free Space | 36.75% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 0.01 Gb Free Space | 0.07% Space Free | Partition Type: NTFS

Computer Name: ERIKLHANSON-PC | User Name: Erik L Hanson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Users\Erik L Hanson\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Windows\snuvcdsm.exe ()
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\PLFSetL.exe (sonix)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Wiley\Webster's New World\HKML_SRV.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Erik L Hanson\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WMPNetworkSvc) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (getPlus® Helper) getPlus® -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)


========== Driver Services (SafeList) ==========

DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110818.021\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110818.021\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (MCSTRM) -- C:\Windows\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=6070720
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=6070720
IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4053133703-350432278-807978436-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...us&ibd=6070720"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Erik L Hanson\AppData\Roaming\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/16 19:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/24 22:09:12 | 000,000,000 | ---D | M]

[2009/10/23 16:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Extensions
[2011/08/16 19:59:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions
[2011/02/05 01:11:48 | 000,000,000 | ---D | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010/07/24 11:47:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/01 18:08:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/16 19:59:38 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2009/10/23 16:34:18 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011/04/10 00:34:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\[email protected]
[2009/11/05 08:21:57 | 000,004,554 | ---- | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\searchplugins\aim-search.xml
[2011/08/14 14:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/26 19:57:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/02/09 09:45:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/07/24 12:42:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/16 19:59:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/09 18:21:44 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [Turbine Download Manager Tray Icon] File not found
O4 - HKU\S-1-5-21-4053133703-350432278-807978436-1000..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKU\S-1-5-21-4053133703-350432278-807978436-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-4053133703-350432278-807978436-1000..\Run: [DellSupportCenter] File not found
O4 - HKU\S-1-5-21-4053133703-350432278-807978436-1000..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-4053133703-350432278-807978436-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (GameStop Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4053133703-350432278-807978436-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Risk/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Risk/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.123.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O24 - Desktop BackupWallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell - "" = AutoRun
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/19 11:22:18 | 000,000,000 | -HSD | C] -- C:\found.008
[2011/08/10 23:14:10 | 000,000,000 | ---D | C] -- C:\1eb154a616df2a1d6e3fe4866a364f
[2011/08/10 21:51:25 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/10 21:51:24 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/10 21:51:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/08/10 21:51:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/10 21:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/10 21:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/10 21:51:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/10 21:51:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/10 21:51:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/08/10 21:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/08/10 21:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/08/10 21:51:06 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011/08/10 21:51:06 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/08/10 21:51:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011/08/10 21:51:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011/08/10 21:51:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011/08/09 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\DoctorWeb
[2011/08/09 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Roaming\Malwarebytes
[2011/08/09 16:57:17 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/09 16:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/09 16:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/09 16:57:12 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/09 16:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/09 16:48:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011/08/09 16:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/08/09 16:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/08/03 21:21:09 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe
[2011/08/02 19:21:49 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011/08/02 17:41:33 | 000,000,000 | -HSD | C] -- C:\found.007
[2011/07/24 12:42:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/07/20 17:39:41 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Local\{14DB717C-6078-4ECA-BE06-A12AD7A928FD}
[2008/09/21 02:04:03 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Erik L Hanson\AppData\Roaming\DataSafeDotNet.exe

========== Files - Modified Within 30 Days ==========

[2011/08/19 11:27:14 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/19 11:25:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/19 11:25:02 | 1602,895,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/17 21:17:56 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/17 21:17:56 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/16 20:13:11 | 000,001,996 | ---- | M] () -- C:\Users\Erik L Hanson\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/13 09:40:21 | 285,782,032 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/12 17:09:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/08/11 18:52:50 | 000,683,404 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/11 18:52:50 | 000,130,688 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/09 18:21:44 | 000,000,808 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/08/09 17:17:29 | 073,931,024 | ---- | M] () -- C:\Users\Erik L Hanson\Desktop\drweb-cureit.exe
[2011/08/09 16:57:18 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/09 16:38:13 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/08/09 16:38:13 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/08/09 16:31:34 | 000,007,605 | ---- | M] () -- C:\Users\Erik L Hanson\AppData\Local\Resmon.ResmonCfg
[2011/08/03 21:21:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe
[2011/07/28 17:30:21 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

========== Files Created - No Company Name ==========

[2011/08/09 17:13:26 | 073,931,024 | ---- | C] () -- C:\Users\Erik L Hanson\Desktop\drweb-cureit.exe
[2011/08/09 16:57:18 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/09 16:31:34 | 000,007,605 | ---- | C] () -- C:\Users\Erik L Hanson\AppData\Local\Resmon.ResmonCfg
[2011/06/17 20:10:37 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2010/08/13 20:50:18 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/07/31 22:22:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/20 15:02:46 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2009/12/20 15:02:46 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2009/10/29 13:04:09 | 000,000,024 | ---- | C] () -- C:\ProgramData\CinemaNowSvc.ini
[2009/10/23 17:05:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/23 16:47:31 | 000,021,924 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/09/16 16:44:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/08/10 08:14:26 | 000,027,184 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,327,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,683,404 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,130,688 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009/01/23 16:36:43 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/11/17 21:55:51 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2007/12/16 03:00:40 | 000,672,813 | ---- | C] () -- C:\Users\Erik L Hanson\AppData\Roaming\datasafeupdate.msi
[2007/10/30 17:29:42 | 000,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2007/10/30 17:29:41 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2007/10/30 17:29:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2007/09/02 10:36:22 | 000,001,803 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/09/02 10:10:46 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/07/29 19:55:57 | 000,000,775 | ---- | C] () -- C:\Windows\EReg072.dat
[2007/07/25 09:46:21 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2007/07/20 18:35:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/20 18:35:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/07/20 10:53:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/07/20 10:53:30 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE

< End of report >
  • 0

Advertisements


#11
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Extra logs

OTL Extras logfile created on: 8/19/2011 11:31:08 AM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Erik L Hanson\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.60% Memory free
3.98 Gb Paging File | 2.93 Gb Available in Paging File | 73.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.44 Gb Total Space | 50.15 Gb Free Space | 36.75% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 0.01 Gb Free Space | 0.07% Space Free | Partition Type: NTFS

Computer Name: ERIKLHANSON-PC | User Name: Erik L Hanson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4053133703-350432278-807978436-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D0BD79C-F8DA-4803-9C23-55480D769704}" = datasafeupdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 26
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}" = Character Builder
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2007
"{90120000-0017-0409-0000-0000000FF1CE}_SharePointDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAE221D5-C3DD-4FE2-A063-C1368FE730A5}" = Symantec Endpoint Protection
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Creepy & Cute Parts Pack
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDCA3C32-FCE7-40E8-8CB5-7B0E87ADDFC9}_is1" = Majesty 2: The Fantasy Kingdom Sim
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"conduitEngine" = Conduit Engine
"Dell Support Center" = Dell Support Center
"EA Download Manager" = EA Download Manager
"GalCiv II - Ultimate Edition" = GalCiv II - Ultimate Edition
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Impulse" = Impulse
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
"Rhapsody" = Rhapsody
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"SimCity 3000" = SimCity 3000
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 105600" = Terraria
"Steam App 55040" = Atom Zombie Smasher
"Steam App 63000" = HOARD
"Steam App 91600" = Sanctum
"Steam App 99900" = Spiral Knights
"SynTPDeinstKey" = Dell Touchpad
"TVWiz" = Intel® TV Wizard
"UnityWebPlayer" = Unity Web Player
"unWNW1.0" = Webster's New World Dictionary
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4053133703-350432278-807978436-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"RPTools MapTool" = RPTools MapTool
"SOE-Magic The Gathering Tactics" = Magic The Gathering Tactics

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

#12
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi FictiveRepose,

Back to work :)

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [resethosts]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles
Step 2

This step usually fix some errors related to BSOD.

  • Go to Start -> My Computer
  • Right click on C: disk and clik on Properties
  • Click on tab Tools and click on Check now... button
  • Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
  • Click Start button
  • Confirm schedule disk check next time computer starts with Yes button
  • Restart your system and wait while system checks your disk for errors

Step 3

Download and run Puran Disc Defragmenter
Click on Boot Time Defrag button and choose Restart-Defrag-Restart

Posted Image

Step 4

Please test your system and let me know how is it after these steps.
  • 0

#13
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Fix Log

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Erik L Hanson
->Temp folder emptied: 1819895337 bytes
->Temporary Internet Files folder emptied: 19307506 bytes
->Java cache emptied: 140970462 bytes
->FireFox cache emptied: 279728989 bytes
->Flash cache emptied: 1348874 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40709040 bytes
RecycleBin emptied: 115875 bytes

Total Files Cleaned = 2,196.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Erik L Hanson
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.1 log created on 08202011_133418

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
  • 0

#14
FictiveRepose

FictiveRepose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Finished up and ran OTL again, logs below.

OTL logfile created on: 8/20/2011 6:49:14 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Erik L Hanson\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.25% Memory free
3.98 Gb Paging File | 2.91 Gb Available in Paging File | 72.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.44 Gb Total Space | 47.77 Gb Free Space | 35.01% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 0.01 Gb Free Space | 0.07% Space Free | Partition Type: NTFS

Computer Name: ERIKLHANSON-PC | User Name: Erik L Hanson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Users\Erik L Hanson\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Windows\snuvcdsm.exe ()
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\PLFSetL.exe (sonix)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Wiley\Webster's New World\HKML_SRV.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Erik L Hanson\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WMPNetworkSvc) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (getPlus® Helper) getPlus® -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)


========== Driver Services (SafeList) ==========

DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110819.052\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110819.052\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (MCSTRM) -- C:\Windows\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=6070720
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=6070720
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...us&ibd=6070720"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Erik L Hanson\AppData\Roaming\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/16 19:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/24 22:09:12 | 000,000,000 | ---D | M]

[2009/10/23 16:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Extensions
[2011/08/16 19:59:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions
[2011/02/05 01:11:48 | 000,000,000 | ---D | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010/07/24 11:47:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/01 18:08:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/16 19:59:38 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2009/10/23 16:34:18 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011/04/10 00:34:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\extensions\[email protected]
[2009/11/05 08:21:57 | 000,004,554 | ---- | M] () -- C:\Users\Erik L Hanson\AppData\Roaming\Mozilla\Firefox\Profiles\rbh9337i.default\searchplugins\aim-search.xml
[2011/08/14 14:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/26 19:57:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/02/09 09:45:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/07/24 12:42:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/16 19:59:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/20 13:37:59 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [Turbine Download Manager Tray Icon] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] File not found
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (GameStop Corporation)
O4 - Startup: C:\Users\Erik L Hanson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Risk/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Risk/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.123.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O24 - Desktop BackupWallPaper: C:\Users\Erik L Hanson\Pictures\[bleep] raptors.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell - "" = AutoRun
O33 - MountPoints2\{b59bd568-4031-11df-9b5f-0019b9860f32}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/20 18:48:00 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Local\{A6A0E573-89DB-4E5D-AAD0-42E120EBF97A}
[2011/08/20 17:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2011/08/20 17:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2011/08/20 17:29:11 | 003,417,571 | ---- | C] (Puran Software ) -- C:\Users\Erik L Hanson\Desktop\PuranDefragFreeSetup.exe
[2011/08/20 17:23:02 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Local\{86BF2F9A-97C2-47C6-9FA4-744E6944966B}
[2011/08/20 17:22:25 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Local\{675672C0-E90F-4ECC-8E93-677FD1622CE6}
[2011/08/20 13:34:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/19 11:22:18 | 000,000,000 | -HSD | C] -- C:\found.008
[2011/08/10 23:14:10 | 000,000,000 | ---D | C] -- C:\1eb154a616df2a1d6e3fe4866a364f
[2011/08/10 21:51:25 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/10 21:51:24 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/10 21:51:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/08/10 21:51:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/10 21:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/10 21:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/08/10 21:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/10 21:51:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/10 21:51:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/10 21:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/08/10 21:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/10 21:51:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/08/10 21:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/08/10 21:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/08/10 21:51:06 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011/08/10 21:51:06 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/08/10 21:51:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011/08/10 21:51:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011/08/10 21:51:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011/08/09 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\DoctorWeb
[2011/08/09 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Erik L Hanson\AppData\Roaming\Malwarebytes
[2011/08/09 16:57:17 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/09 16:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/09 16:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/09 16:57:12 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/09 16:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/09 16:48:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011/08/09 16:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/08/09 16:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/08/03 21:21:09 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe
[2011/08/02 19:21:49 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011/08/02 17:41:33 | 000,000,000 | -HSD | C] -- C:\found.007
[2011/07/24 12:42:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/24 12:42:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2008/09/21 02:04:03 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Erik L Hanson\AppData\Roaming\DataSafeDotNet.exe

========== Files - Modified Within 30 Days ==========

[2011/08/20 18:44:36 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/20 18:44:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/20 18:43:12 | 1602,895,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/20 17:29:15 | 003,417,571 | ---- | M] (Puran Software ) -- C:\Users\Erik L Hanson\Desktop\PuranDefragFreeSetup.exe
[2011/08/20 15:51:23 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 15:51:23 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 13:37:59 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/19 21:40:48 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/16 20:13:11 | 000,001,996 | ---- | M] () -- C:\Users\Erik L Hanson\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/13 09:40:21 | 285,782,032 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/12 17:09:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/08/11 18:52:50 | 000,683,404 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/11 18:52:50 | 000,130,688 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/09 17:17:29 | 073,931,024 | ---- | M] () -- C:\Users\Erik L Hanson\Desktop\drweb-cureit.exe
[2011/08/09 16:57:18 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/09 16:38:13 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/08/09 16:38:13 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/08/09 16:31:34 | 000,007,605 | ---- | M] () -- C:\Users\Erik L Hanson\AppData\Local\Resmon.ResmonCfg
[2011/08/03 21:21:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Erik L Hanson\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2011/08/09 17:13:26 | 073,931,024 | ---- | C] () -- C:\Users\Erik L Hanson\Desktop\drweb-cureit.exe
[2011/08/09 16:57:18 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/09 16:31:34 | 000,007,605 | ---- | C] () -- C:\Users\Erik L Hanson\AppData\Local\Resmon.ResmonCfg
[2011/06/17 20:10:37 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2010/08/13 20:50:18 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/07/31 22:22:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/20 15:02:46 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2009/12/20 15:02:46 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2009/10/29 13:04:09 | 000,000,024 | ---- | C] () -- C:\ProgramData\CinemaNowSvc.ini
[2009/10/23 17:05:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/23 16:47:31 | 000,021,924 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/09/16 16:44:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/08/10 08:14:26 | 000,027,184 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,327,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,683,404 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,130,688 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009/01/23 16:36:43 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/11/17 21:55:51 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2007/12/16 03:00:40 | 000,672,813 | ---- | C] () -- C:\Users\Erik L Hanson\AppData\Roaming\datasafeupdate.msi
[2007/10/30 17:29:42 | 000,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2007/10/30 17:29:41 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2007/10/30 17:29:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2007/09/02 10:36:22 | 000,001,803 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/09/02 10:10:46 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/07/29 19:55:57 | 000,000,775 | ---- | C] () -- C:\Windows\EReg072.dat
[2007/07/25 09:46:21 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2007/07/20 18:35:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/20 18:35:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/07/20 10:53:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/07/20 10:53:30 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE

< End of report >
  • 0

#15
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi FictiveRepose,

How is your system now? What problems you have?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP