Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet Hijacking Virus

Started by Boltskull , Aug 14 2011 02:12 PM

  • This topic is locked This topic is locked

#1
Boltskull
Posted 14 August 2011 - 02:12 PM

Boltskull

    Member

  • Member
  • PipPip
  • 24 posts
I have had an internet hijacking virus for months on my parents Windows VISTA OS PC and the symptoms are crashes, redirecting (when in Google and randomly), service host being high and taking lots of CPU usage.

OTL Log:

OTL logfile created on: 8/14/2011 5:21:36 PM - Run 1
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\velcd\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.94 Mb Total Physical Memory | 101.50 Mb Available Physical Memory | 22.71% Memory free
1.41 Gb Paging File | 0.64 Gb Available in Paging File | 45.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.20 Gb Total Space | 99.80 Gb Free Space | 88.16% Space Free | Partition Type: NTFS
Drive D: | 112.85 Gb Total Space | 107.19 Gb Free Space | 94.98% Space Free | Partition Type: NTFS

Computer Name: VELCD-PC | User Name: velcd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
PRC - [2011/06/22 10:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
PRC - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
PRC - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
PRC - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
MOD - [2011/08/14 17:08:55 | 000,180,224 | ---- | M] (Softanics) -- C:\Users\velcd\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
MOD - [2011/08/04 18:58:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/08/04 18:58:32 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/06/25 10:46:49 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/22 10:59:20 | 011,812,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2011/06/22 10:59:19 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2011/06/22 10:59:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2011/06/22 10:59:17 | 000,505,816 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\sqlite3.dll
MOD - [2011/06/22 10:59:17 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2011/06/22 10:59:17 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2011/06/22 10:59:16 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2011/06/22 10:59:16 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2011/06/22 10:59:15 | 000,343,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2011/06/22 10:59:15 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2011/06/22 10:59:15 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2011/06/22 10:59:14 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll
MOD - [2011/06/22 10:59:14 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2011/06/22 10:59:14 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2011/06/22 10:59:13 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll
MOD - [2011/06/22 10:59:12 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/06/22 10:59:12 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2011/06/22 10:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2011/02/24 21:08:40 | 002,195,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffStateMc.dll
MOD - [2011/02/24 21:08:38 | 000,234,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
MOD - [2011/02/24 21:08:38 | 000,200,608 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\affNdis.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 21:08:34 | 000,139,680 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
MOD - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
MOD - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/19 00:33:29 | 000,053,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
MOD - [2011/02/19 00:33:23 | 003,765,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
MOD - [2011/02/19 00:33:19 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2011/02/19 00:33:19 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:30:52 | 000,118,784 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Belkin\Router Setup and Monitor\W32N55.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
MOD - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
MOD - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
MOD - [2009/08/18 18:27:02 | 000,326,144 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sofficeapp.dll
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/08/14 12:43:42 | 000,437,592 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\pnamaiUI.dll
MOD - [2009/08/14 12:41:58 | 000,010,584 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll
MOD - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
MOD - [2009/08/14 12:34:12 | 000,206,160 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\ctxmui.dll
MOD - [2009/08/05 16:05:20 | 000,949,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\comphelp4MSC.dll
MOD - [2009/08/03 20:27:18 | 000,625,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MOD - [2009/08/03 20:27:16 | 000,242,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MOD - [2009/07/28 04:06:52 | 001,870,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tkmi.dll
MOD - [2009/07/28 03:43:32 | 003,073,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vclmi.dll
MOD - [2009/07/17 16:24:38 | 000,280,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oleautobridge.uno.dll
MOD - [2009/07/17 15:14:40 | 000,089,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oooimprovementmi.dll
MOD - [2009/07/17 11:12:14 | 003,121,664 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sfxmi.dll
MOD - [2009/07/17 10:38:46 | 002,886,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svtmi.dll
MOD - [2009/07/17 10:06:34 | 000,574,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\basegfxmi.dll
MOD - [2009/07/02 15:10:38 | 000,243,712 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucpfile1.dll
MOD - [2009/07/02 15:06:42 | 000,197,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucb1.dll
MOD - [2009/06/26 09:34:30 | 000,052,224 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
MOD - [2009/06/10 10:28:34 | 000,089,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
MOD - [2009/04/22 18:03:50 | 000,067,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nutilMSC.dll
MOD - [2009/04/16 16:02:02 | 001,310,720 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sbmi.dll
MOD - [2009/04/16 15:14:36 | 001,880,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwkmi.dll
MOD - [2009/04/16 15:11:32 | 000,106,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwlmi.dll
MOD - [2009/04/16 15:11:14 | 000,849,408 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwemi.dll
MOD - [2009/04/16 15:09:30 | 000,299,008 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwimi.dll
MOD - [2009/04/16 14:43:14 | 000,032,768 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\jmi_g.dll
MOD - [2009/04/16 14:35:34 | 000,730,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svlmi.dll
MOD - [2009/04/16 14:17:10 | 000,030,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\localebe1.uno.dll
MOD - [2009/04/16 14:03:48 | 001,432,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\configmgr2.uno.dll
MOD - [2009/04/16 14:03:20 | 000,257,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sotmi.dll
MOD - [2009/04/16 14:01:22 | 000,037,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll
MOD - [2009/04/16 14:01:16 | 000,031,232 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\behelper.uno.dll
MOD - [2009/04/16 13:59:46 | 000,465,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\utlmi.dll
MOD - [2009/04/16 13:59:16 | 000,529,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\xcrmi.dll
MOD - [2009/04/16 13:56:08 | 000,510,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tlmi.dll
MOD - [2009/04/16 13:45:52 | 000,024,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll
MOD - [2009/04/16 13:44:22 | 000,092,672 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
MOD - [2009/04/16 13:44:16 | 000,453,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
MOD - [2009/04/16 13:40:08 | 000,135,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sax.uno.dll
MOD - [2009/04/16 13:39:48 | 000,148,992 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\emsermi.dll
MOD - [2009/04/16 13:39:10 | 000,080,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\saxmi.dll
MOD - [2009/04/16 13:35:02 | 000,356,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll
MOD - [2009/04/16 13:32:40 | 000,431,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
MOD - [2009/04/16 13:31:24 | 000,024,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
MOD - [2009/04/16 13:30:48 | 013,912,064 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icudt40.dll
MOD - [2009/04/16 13:30:42 | 000,949,760 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icuuc40.dll
MOD - [2009/04/16 13:29:48 | 000,012,800 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll
MOD - [2009/04/16 13:29:36 | 000,018,432 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll
MOD - [2009/04/16 13:29:32 | 000,143,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
MOD - [2009/04/16 13:11:48 | 000,093,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
MOD - [2009/04/16 13:09:30 | 000,078,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
MOD - [2009/04/16 13:08:36 | 000,094,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vos3MSC.dll
MOD - [2009/04/16 13:07:56 | 000,013,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
MOD - [2009/04/16 13:05:20 | 001,732,608 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
MOD - [2009/04/16 13:03:58 | 000,086,016 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
MOD - [2009/04/16 12:57:36 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
MOD - [2008/09/22 18:09:34 | 000,669,048 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MOD - [2008/09/22 18:09:22 | 000,142,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\npcTray.dll
MOD - [2008/07/30 18:42:18 | 000,398,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll
MOD - [2008/07/30 18:42:18 | 000,283,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MOD - [2008/07/16 16:42:06 | 000,305,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISLAlert.dll
MOD - [2008/07/10 13:37:48 | 000,464,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MOD - [2008/01/29 18:38:25 | 000,398,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MOD - [2007/09/05 15:58:06 | 000,050,032 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\IMCfg.dll
MOD - [2007/07/06 15:24:32 | 000,128,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\UILICPLG.DLL
MOD - [2007/07/06 15:24:28 | 000,493,432 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MOD - [2007/07/06 15:24:26 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCHLPR2.DLL
MOD - [2007/07/06 15:24:24 | 000,090,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMICL.DLL
MOD - [2007/07/06 15:24:24 | 000,082,808 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMIDT.DLL
MOD - [2007/07/06 14:24:38 | 000,064,376 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\PEPEVNT.DLL
MOD - [2007/07/06 14:24:22 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\DATAPVDR.DLL
MOD - [2007/01/26 14:03:18 | 000,366,200 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ISDataCl.dll
MOD - [2007/01/19 17:36:48 | 000,070,240 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
MOD - [2007/01/19 17:36:46 | 000,290,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
MOD - [2007/01/19 17:36:40 | 000,162,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
MOD - [2006/12/26 08:54:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
MOD - [2006/12/26 08:54:03 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
MOD - [2006/11/25 02:58:30 | 000,339,968 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLTinyDB.dll
MOD - [2006/11/25 02:58:26 | 000,057,407 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLAuMixer.dll
MOD - [2006/11/25 02:58:20 | 003,649,612 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMRRec4.dll
MOD - [2006/11/25 02:58:12 | 000,245,848 | ---- | M] (Cyberlink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapX.dll
MOD - [2006/11/25 02:58:12 | 000,237,662 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapEngine.dll
MOD - [2006/11/25 02:58:12 | 000,114,776 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSchMgr.dll
MOD - [2006/11/25 02:58:12 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvcps.dll
MOD - [2006/11/25 02:58:10 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcp71.dll
MOD - [2006/11/25 02:58:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcr71.dll
MOD - [2006/11/25 02:58:08 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\MFC71.dll
MOD - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
MOD - [2006/11/25 02:57:50 | 000,212,992 | ---- | M] (CyberLink corporate) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvrecorder.dll
MOD - [2006/11/25 02:57:48 | 000,036,864 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvinf.dll
MOD - [2006/11/25 02:57:46 | 000,046,080 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\common\CLRCEngine3.dll
MOD - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
MOD - [2006/11/21 00:45:22 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
MOD - [2006/11/21 00:45:14 | 000,278,704 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NCOItf.dll
MOD - [2006/11/21 00:44:36 | 000,013,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MOD - [2006/11/21 00:44:34 | 000,128,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MOD - [2006/11/21 00:44:32 | 000,296,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MOD - [2006/11/21 00:44:32 | 000,145,000 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MOD - [2006/11/21 00:44:32 | 000,071,272 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MOD - [2006/11/21 00:44:32 | 000,063,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MOD - [2006/11/21 00:44:30 | 000,532,584 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MOD - [2006/11/21 00:44:30 | 000,206,440 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MOD - [2006/11/21 00:44:28 | 000,345,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MOD - [2006/11/21 00:44:28 | 000,263,784 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MOD - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MOD - [2006/11/21 00:43:42 | 000,190,608 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MOD - [2006/11/21 00:43:42 | 000,059,536 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MOD - [2006/11/21 00:43:42 | 000,046,224 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MOD - [2006/11/21 00:42:26 | 000,421,008 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MOD - [2006/11/21 00:42:18 | 000,078,504 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\SetEvtHp.dll
MOD - [2006/11/21 00:42:16 | 000,097,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NisTray.dll
MOD - [2006/11/21 00:42:16 | 000,009,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NISTrRes.dll
MOD - [2006/11/21 00:42:08 | 000,231,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlert.dll
MOD - [2006/11/21 00:42:08 | 000,198,312 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwEvent.dll
MOD - [2006/11/21 00:42:08 | 000,021,160 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlRes.dll
MOD - [2006/11/21 00:42:02 | 000,074,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AlertRes.dll
MOD - [2006/11/21 00:41:38 | 000,206,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MOD - [2006/11/21 00:41:36 | 000,226,976 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MOD - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MOD - [2006/11/16 23:41:40 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2006/11/16 20:10:14 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2006/11/16 14:19:32 | 000,109,568 | ---- | M] (HiTRUST) -- C:\Windows\System32\ADMIN_CLASS_LIB.dll
MOD - [2006/11/16 14:19:10 | 000,037,376 | ---- | M] () -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/16 14:18:54 | 000,120,832 | ---- | M] (HiTRUST) -- C:\Windows\System32\PSDUtil.dll
MOD - [2006/11/16 14:18:50 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
MOD - [2006/11/02 09:03:37 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll
MOD - [2006/11/02 09:03:23 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll
MOD - [2006/11/02 08:52:17 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll
MOD - [2006/11/02 08:52:04 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll
MOD - [2006/11/02 08:34:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2006/11/02 08:34:55 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2006/11/02 08:34:55 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2006/11/02 08:34:54 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
MOD - [2006/11/02 08:34:54 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
MOD - [2006/11/02 08:34:54 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
MOD - [2006/11/02 08:34:44 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
MOD - [2006/11/02 08:34:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2006/11/02 08:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006/11/02 08:34:04 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2006/11/02 08:34:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2006/11/02 08:34:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2006/11/02 08:34:01 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2006/11/02 08:33:51 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2006/11/02 08:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006/11/02 08:33:48 | 000,087,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll
MOD - [2006/11/02 08:33:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006/11/02 05:46:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2006/11/02 05:46:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2006/11/02 05:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 05:46:13 | 000,889,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2006/11/02 05:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 05:46:13 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2006/11/02 05:46:13 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2006/11/02 05:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 05:46:13 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2006/11/02 05:46:13 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2006/11/02 05:46:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2006/11/02 05:46:13 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2006/11/02 05:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 05:46:12 | 001,822,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2006/11/02 05:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2006/11/02 05:46:12 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
MOD - [2006/11/02 05:46:12 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2006/11/02 05:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006/11/02 05:46:12 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2006/11/02 05:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 05:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
MOD - [2006/11/02 05:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2006/11/02 05:46:11 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2006/11/02 05:46:10 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2006/11/02 05:46:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2006/11/02 05:46:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2006/11/02 05:46:06 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2006/11/02 05:46:05 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
MOD - [2006/11/02 05:46:05 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
MOD - [2006/11/02 05:46:05 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2006/11/02 05:46:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2006/11/02 05:46:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2006/11/02 05:46:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2006/11/02 05:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 05:46:04 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2006/11/02 05:46:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
MOD - [2006/11/02 05:46:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2006/11/02 05:46:03 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2006/11/02 05:46:03 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2006/11/02 05:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2006/11/02 05:46:03 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2006/11/02 05:46:03 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2006/11/02 05:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006/11/02 05:46:03 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2006/11/02 05:46:02 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2006/11/02 05:46:02 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2006/11/02 05:46:02 | 000,398,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2006/11/02 05:46:02 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2006/11/02 05:46:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2006/11/02 05:46:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2006/11/02 05:44:42 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2006/11/02 05:44:42 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2006/11/02 05:39:30 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/11/02 05:38:56 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\GdiPlus.dll
MOD - [2006/11/02 05:38:56 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
MOD - [2006/11/02 04:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
MOD - [2006/09/29 17:13:28 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/21 00:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/11/21 00:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/11/02 08:33:48 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/05/18 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/18 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/10 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/10 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/20 19:51:49 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/01/08 04:34:22 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20110510.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/08/03 20:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/03 20:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/03 20:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/03 20:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/03 20:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/03 20:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/12/11 13:34:22 | 000,097,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/21 00:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2002/07/08 14:26:08 | 000,025,281 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...92de215329e46ad
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/04 19:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/04 19:01:41 | 000,000,000 | ---D | M]

[2011/02/20 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Extensions
[2011/02/20 21:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Firefox\Profiles\lbs0k2jh.default\extensions
[2011/06/12 16:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/03/16 17:33:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2007/03/16 17:33:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2007/03/16 17:33:50 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2011/03/27 13:59:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2011/06/12 15:00:41 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml

O1 HOSTS File: ([2011/02/18 23:40:32 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCMService] C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [捁牥吠畯r] File not found
O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥] File not found
O4 - Startup: C:\Users\velcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/06 17:13:36 | 000,000,000 | ---D | C] -- C:\Windows\{7EBEACC7-A0C9-4DA4-9A63-3DC7D244B051}
[2011/08/06 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2011/08/04 19:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/04 19:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/04 19:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/04 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/04 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Local\Apple
[2011/08/04 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/04 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/21 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\velcd\Documents\MakeDiscVideo
[2011/07/21 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\CyberLink
[2006/12/26 09:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2011/08/14 17:03:43 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/14 17:03:42 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/14 17:03:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/14 17:03:09 | 469,295,104 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/14 17:03:08 | 149,060,734 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/14 12:07:19 | 000,000,680 | ---- | M] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/08/06 17:26:54 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:26:54 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/06 13:01:53 | 000,000,051 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2011/08/04 18:56:55 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/28 22:32:54 | 000,000,680 | ---- | C] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/02/20 19:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/02/20 15:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/18 18:10:35 | 000,004,608 | ---- | C] () -- C:\Users\velcd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/11 00:15:47 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/02/11 00:15:47 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006/12/26 09:17:01 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe
[2006/12/26 09:16:59 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/26 09:12:36 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/26 09:05:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/26 08:36:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/26 07:41:20 | 000,000,700 | ---- | C] () -- C:\Windows\generic.ini
[2006/12/26 07:41:20 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006/11/16 14:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 14:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 14:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 14:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 14:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 14:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 14:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 14:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 06:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,240,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/04/29 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\ICAClient
[2011/05/28 13:35:52 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\OpenOffice.org
[2011/05/27 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\W Photo Studio Viewer
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/08/12 12:01:06 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Thanks for any help you can provide.

Edited by Boltskull, 14 August 2011 - 03:32 PM.

  • 0

Advertisements

#2
Essexboy
Posted 16 August 2011 - 12:24 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there could I have a fresh look at the system please

There will only be one log this time
  • Run OTL.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#3
Boltskull
Posted 16 August 2011 - 04:54 PM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Thanks for your assistance.

OTL.Txt Log:

OTL logfile created on: 8/16/2011 6:02:11 PM - Run 2
OTL by OldTimer - Version 3.2.26.3 Folder = c:\Users\velcd\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.94 Mb Total Physical Memory | 118.05 Mb Available Physical Memory | 26.41% Memory free
1.41 Gb Paging File | 0.47 Gb Available in Paging File | 33.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.20 Gb Total Space | 99.78 Gb Free Space | 88.15% Space Free | Partition Type: NTFS
Drive D: | 112.85 Gb Total Space | 107.19 Gb Free Space | 94.98% Space Free | Partition Type: NTFS

Computer Name: VELCD-PC | User Name: velcd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- c:\Users\velcd\Downloads\OTL.exe
PRC - [2011/06/22 10:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
PRC - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
PRC - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
PRC - [2006/11/23 19:24:46 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2011/08/16 17:37:01 | 000,180,224 | ---- | M] (Softanics) -- C:\Users\velcd\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
MOD - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- c:\Users\velcd\Downloads\OTL.exe
MOD - [2011/08/04 18:58:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/08/04 18:58:32 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/06/25 10:46:49 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/22 10:59:20 | 011,812,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2011/06/22 10:59:19 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2011/06/22 10:59:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2011/06/22 10:59:17 | 000,505,816 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\sqlite3.dll
MOD - [2011/06/22 10:59:17 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2011/06/22 10:59:17 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2011/06/22 10:59:16 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2011/06/22 10:59:16 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2011/06/22 10:59:15 | 000,343,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2011/06/22 10:59:15 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2011/06/22 10:59:15 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2011/06/22 10:59:14 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll
MOD - [2011/06/22 10:59:14 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2011/06/22 10:59:14 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2011/06/22 10:59:13 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll
MOD - [2011/06/22 10:59:12 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/06/22 10:59:12 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2011/06/22 10:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2011/02/24 21:08:40 | 002,195,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffStateMc.dll
MOD - [2011/02/24 21:08:38 | 000,234,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
MOD - [2011/02/24 21:08:38 | 000,200,608 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\affNdis.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 21:08:34 | 000,139,680 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
MOD - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
MOD - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/19 00:33:29 | 000,053,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
MOD - [2011/02/19 00:33:23 | 003,765,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
MOD - [2011/02/19 00:33:19 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2011/02/19 00:33:19 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:30:52 | 000,118,784 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Belkin\Router Setup and Monitor\W32N55.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
MOD - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
MOD - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
MOD - [2009/08/18 18:27:02 | 000,326,144 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sofficeapp.dll
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/08/14 12:43:42 | 000,437,592 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\pnamaiUI.dll
MOD - [2009/08/14 12:41:58 | 000,010,584 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll
MOD - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
MOD - [2009/08/14 12:34:12 | 000,206,160 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\ctxmui.dll
MOD - [2009/08/05 16:05:20 | 000,949,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\comphelp4MSC.dll
MOD - [2009/08/03 20:27:18 | 000,625,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MOD - [2009/08/03 20:27:16 | 000,242,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MOD - [2009/07/28 04:06:52 | 001,870,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tkmi.dll
MOD - [2009/07/28 03:43:32 | 003,073,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vclmi.dll
MOD - [2009/07/17 16:24:38 | 000,280,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oleautobridge.uno.dll
MOD - [2009/07/17 15:14:40 | 000,089,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oooimprovementmi.dll
MOD - [2009/07/17 11:12:14 | 003,121,664 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sfxmi.dll
MOD - [2009/07/17 10:38:46 | 002,886,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svtmi.dll
MOD - [2009/07/17 10:06:34 | 000,574,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\basegfxmi.dll
MOD - [2009/07/02 15:10:38 | 000,243,712 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucpfile1.dll
MOD - [2009/07/02 15:06:42 | 000,197,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucb1.dll
MOD - [2009/06/26 09:34:30 | 000,052,224 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
MOD - [2009/06/10 10:28:34 | 000,089,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
MOD - [2009/04/22 18:03:50 | 000,067,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nutilMSC.dll
MOD - [2009/04/16 16:02:02 | 001,310,720 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sbmi.dll
MOD - [2009/04/16 15:14:36 | 001,880,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwkmi.dll
MOD - [2009/04/16 15:11:32 | 000,106,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwlmi.dll
MOD - [2009/04/16 15:11:14 | 000,849,408 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwemi.dll
MOD - [2009/04/16 15:09:30 | 000,299,008 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwimi.dll
MOD - [2009/04/16 14:43:14 | 000,032,768 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\jmi_g.dll
MOD - [2009/04/16 14:35:34 | 000,730,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svlmi.dll
MOD - [2009/04/16 14:17:10 | 000,030,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\localebe1.uno.dll
MOD - [2009/04/16 14:03:48 | 001,432,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\configmgr2.uno.dll
MOD - [2009/04/16 14:03:20 | 000,257,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sotmi.dll
MOD - [2009/04/16 14:01:22 | 000,037,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll
MOD - [2009/04/16 14:01:16 | 000,031,232 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\behelper.uno.dll
MOD - [2009/04/16 13:59:46 | 000,465,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\utlmi.dll
MOD - [2009/04/16 13:59:16 | 000,529,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\xcrmi.dll
MOD - [2009/04/16 13:56:08 | 000,510,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tlmi.dll
MOD - [2009/04/16 13:45:52 | 000,024,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll
MOD - [2009/04/16 13:44:22 | 000,092,672 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
MOD - [2009/04/16 13:44:16 | 000,453,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
MOD - [2009/04/16 13:40:08 | 000,135,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sax.uno.dll
MOD - [2009/04/16 13:39:48 | 000,148,992 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\emsermi.dll
MOD - [2009/04/16 13:39:10 | 000,080,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\saxmi.dll
MOD - [2009/04/16 13:35:02 | 000,356,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll
MOD - [2009/04/16 13:32:40 | 000,431,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
MOD - [2009/04/16 13:31:24 | 000,024,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
MOD - [2009/04/16 13:30:48 | 013,912,064 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icudt40.dll
MOD - [2009/04/16 13:30:42 | 000,949,760 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icuuc40.dll
MOD - [2009/04/16 13:29:48 | 000,012,800 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll
MOD - [2009/04/16 13:29:36 | 000,018,432 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll
MOD - [2009/04/16 13:29:32 | 000,143,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
MOD - [2009/04/16 13:11:48 | 000,093,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
MOD - [2009/04/16 13:09:30 | 000,078,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
MOD - [2009/04/16 13:08:36 | 000,094,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vos3MSC.dll
MOD - [2009/04/16 13:07:56 | 000,013,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
MOD - [2009/04/16 13:05:20 | 001,732,608 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
MOD - [2009/04/16 13:03:58 | 000,086,016 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
MOD - [2009/04/16 12:57:36 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
MOD - [2008/09/22 18:09:34 | 000,669,048 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MOD - [2008/09/22 18:09:22 | 000,142,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\npcTray.dll
MOD - [2008/07/30 18:42:18 | 000,398,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll
MOD - [2008/07/30 18:42:18 | 000,283,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MOD - [2008/07/16 16:42:06 | 000,305,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISLAlert.dll
MOD - [2008/07/10 13:37:48 | 000,464,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MOD - [2008/01/29 18:38:25 | 000,398,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MOD - [2007/09/05 15:58:06 | 000,050,032 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\IMCfg.dll
MOD - [2007/07/06 15:24:32 | 000,128,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\UILICPLG.DLL
MOD - [2007/07/06 15:24:28 | 000,493,432 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MOD - [2007/07/06 15:24:26 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCHLPR2.DLL
MOD - [2007/07/06 15:24:24 | 000,090,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMICL.DLL
MOD - [2007/07/06 15:24:24 | 000,082,808 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMIDT.DLL
MOD - [2007/07/06 14:24:38 | 000,064,376 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\PEPEVNT.DLL
MOD - [2007/07/06 14:24:22 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\DATAPVDR.DLL
MOD - [2007/01/26 14:03:18 | 000,366,200 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ISDataCl.dll
MOD - [2007/01/19 17:36:48 | 000,070,240 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
MOD - [2007/01/19 17:36:46 | 000,290,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
MOD - [2007/01/19 17:36:40 | 000,162,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
MOD - [2006/12/26 08:54:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
MOD - [2006/12/26 08:54:03 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
MOD - [2006/12/26 08:53:59 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll
MOD - [2006/12/04 09:15:26 | 000,147,456 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\EmodeUI.dll
MOD - [2006/11/25 02:58:30 | 000,339,968 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLTinyDB.dll
MOD - [2006/11/25 02:58:26 | 000,057,407 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLAuMixer.dll
MOD - [2006/11/25 02:58:20 | 003,649,612 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMRRec4.dll
MOD - [2006/11/25 02:58:12 | 000,245,848 | ---- | M] (Cyberlink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapX.dll
MOD - [2006/11/25 02:58:12 | 000,237,662 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapEngine.dll
MOD - [2006/11/25 02:58:12 | 000,114,776 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSchMgr.dll
MOD - [2006/11/25 02:58:12 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvcps.dll
MOD - [2006/11/25 02:58:10 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcp71.dll
MOD - [2006/11/25 02:58:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcr71.dll
MOD - [2006/11/25 02:58:08 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\MFC71.dll
MOD - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
MOD - [2006/11/25 02:57:50 | 000,212,992 | ---- | M] (CyberLink corporate) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvrecorder.dll
MOD - [2006/11/25 02:57:48 | 000,036,864 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvinf.dll
MOD - [2006/11/25 02:57:46 | 000,046,080 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\common\CLRCEngine3.dll
MOD - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
MOD - [2006/11/23 19:24:46 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
MOD - [2006/11/23 19:24:42 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2006/11/23 19:24:32 | 001,671,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.LaunchBarView.dll
MOD - [2006/11/23 19:24:26 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Shared.UI.dll
MOD - [2006/11/23 19:24:26 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Presenter.dll
MOD - [2006/11/23 19:24:26 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2006/11/23 19:24:24 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Host.dll
MOD - [2006/11/23 19:24:24 | 000,032,768 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\acer.empowering.framework.shared.dll
MOD - [2006/11/23 19:24:24 | 000,020,480 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Interface.dll
MOD - [2006/11/22 18:44:36 | 001,323,008 | ---- | M] (Acer inc.) -- C:\Acer\Empowering Technology\acer.empowering.windows.forms.dll
MOD - [2006/11/21 00:45:22 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
MOD - [2006/11/21 00:45:14 | 000,278,704 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NCOItf.dll
MOD - [2006/11/21 00:44:36 | 000,013,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MOD - [2006/11/21 00:44:34 | 000,259,688 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccWebWnd.dll
MOD - [2006/11/21 00:44:34 | 000,128,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MOD - [2006/11/21 00:44:32 | 000,296,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MOD - [2006/11/21 00:44:32 | 000,145,000 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MOD - [2006/11/21 00:44:32 | 000,071,272 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MOD - [2006/11/21 00:44:32 | 000,063,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MOD - [2006/11/21 00:44:30 | 000,532,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MOD - [2006/11/21 00:44:30 | 000,206,440 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MOD - [2006/11/21 00:44:28 | 000,345,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MOD - [2006/11/21 00:44:28 | 000,263,784 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MOD - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MOD - [2006/11/21 00:43:42 | 000,190,608 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MOD - [2006/11/21 00:43:42 | 000,059,536 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MOD - [2006/11/21 00:43:42 | 000,046,224 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MOD - [2006/11/21 00:42:50 | 000,163,496 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Options\CLTWrap2.dll
MOD - [2006/11/21 00:42:26 | 000,421,008 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MOD - [2006/11/21 00:42:26 | 000,041,104 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll
MOD - [2006/11/21 00:42:24 | 000,033,936 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll
MOD - [2006/11/21 00:42:18 | 000,078,504 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\SetEvtHp.dll
MOD - [2006/11/21 00:42:16 | 000,097,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NisTray.dll
MOD - [2006/11/21 00:42:16 | 000,009,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NISTrRes.dll
MOD - [2006/11/21 00:42:08 | 000,231,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlert.dll
MOD - [2006/11/21 00:42:08 | 000,198,312 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwEvent.dll
MOD - [2006/11/21 00:42:08 | 000,021,160 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlRes.dll
MOD - [2006/11/21 00:42:02 | 000,074,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AlertRes.dll
MOD - [2006/11/21 00:41:44 | 000,325,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavOpts.loc
MOD - [2006/11/21 00:41:42 | 000,468,640 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll
MOD - [2006/11/21 00:41:42 | 000,008,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavError.loc
MOD - [2006/11/21 00:41:40 | 000,083,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll
MOD - [2006/11/21 00:41:38 | 000,206,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MOD - [2006/11/21 00:41:36 | 000,226,976 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MOD - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MOD - [2006/11/16 23:41:40 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2006/11/16 20:10:14 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2006/11/16 14:20:46 | 000,172,032 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\eDSplugin.dll
MOD - [2006/11/16 14:20:26 | 000,299,008 | ---- | M] (HiTRUST) -- C:\Windows\System32\ActiveToolBand.dll
MOD - [2006/11/16 14:19:32 | 000,109,568 | ---- | M] (HiTRUST) -- C:\Windows\System32\ADMIN_CLASS_LIB.dll
MOD - [2006/11/16 14:19:10 | 000,037,376 | ---- | M] () -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/16 14:18:54 | 000,120,832 | ---- | M] (HiTRUST) -- C:\Windows\System32\PSDUtil.dll
MOD - [2006/11/16 14:18:50 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2006/11/16 14:18:36 | 000,151,552 | ---- | M] (HiTRUST) -- C:\Windows\System32\eDStoolbar.dll
MOD - [2006/11/12 22:35:10 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2006/11/12 22:34:46 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2006/11/12 22:34:46 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2006/11/12 22:34:46 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2006/11/12 22:34:44 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2006/11/12 22:34:44 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
MOD - [2006/11/02 09:07:06 | 001,060,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3fe3f7ba542ab78e52e49d19640a7e64\System.Management.ni.dll
MOD - [2006/11/02 09:03:53 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\bf5e1558dda3eb1bd0513a9e7f6c9e52\System.Runtime.Remoting.ni.dll
MOD - [2006/11/02 09:03:37 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll
MOD - [2006/11/02 09:03:23 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll
MOD - [2006/11/02 09:03:14 | 005,619,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f76a7622c73e26e4d2daf54068d7ff79\System.Xml.ni.dll
MOD - [2006/11/02 09:02:48 | 001,003,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d7b63c1d2ab17ac3cc24881c4ff78b63\System.Configuration.ni.dll
MOD - [2006/11/02 09:02:47 | 000,229,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\61b951bd03727a096c1c02cb18d5ce30\System.ServiceProcess.ni.dll
MOD - [2006/11/02 08:52:17 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll
MOD - [2006/11/02 08:52:04 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll
MOD - [2006/11/02 08:34:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2006/11/02 08:34:55 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2006/11/02 08:34:55 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2006/11/02 08:34:54 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
MOD - [2006/11/02 08:34:54 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
MOD - [2006/11/02 08:34:54 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
MOD - [2006/11/02 08:34:48 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
MOD - [2006/11/02 08:34:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2006/11/02 08:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006/11/02 08:34:04 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2006/11/02 08:34:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2006/11/02 08:34:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2006/11/02 08:34:01 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2006/11/02 08:33:51 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2006/11/02 08:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006/11/02 08:33:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006/11/02 05:46:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2006/11/02 05:46:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2006/11/02 05:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 05:46:13 | 000,889,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2006/11/02 05:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 05:46:13 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2006/11/02 05:46:13 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2006/11/02 05:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 05:46:13 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2006/11/02 05:46:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2006/11/02 05:46:13 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2006/11/02 05:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 05:46:13 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
MOD - [2006/11/02 05:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2006/11/02 05:46:12 | 001,822,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2006/11/02 05:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2006/11/02 05:46:12 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
MOD - [2006/11/02 05:46:12 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2006/11/02 05:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006/11/02 05:46:12 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2006/11/02 05:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 05:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
MOD - [2006/11/02 05:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2006/11/02 05:46:11 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2006/11/02 05:46:10 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2006/11/02 05:46:09 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2006/11/02 05:46:07 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2006/11/02 05:46:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2006/11/02 05:46:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2006/11/02 05:46:06 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2006/11/02 05:46:05 | 002,014,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2006/11/02 05:46:05 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
MOD - [2006/11/02 05:46:05 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
MOD - [2006/11/02 05:46:05 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2006/11/02 05:46:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2006/11/02 05:46:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2006/11/02 05:46:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2006/11/02 05:46:05 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
MOD - [2006/11/02 05:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 05:46:04 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2006/11/02 05:46:04 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2006/11/02 05:46:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
MOD - [2006/11/02 05:46:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2006/11/02 05:46:03 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2006/11/02 05:46:03 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2006/11/02 05:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2006/11/02 05:46:03 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2006/11/02 05:46:03 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2006/11/02 05:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006/11/02 05:46:03 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2006/11/02 05:46:02 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2006/11/02 05:46:02 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2006/11/02 05:46:02 | 000,398,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2006/11/02 05:46:02 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2006/11/02 05:46:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2006/11/02 05:46:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2006/11/02 05:44:42 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2006/11/02 05:44:42 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2006/11/02 05:39:30 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/11/02 05:38:56 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\GdiPlus.dll
MOD - [2006/11/02 05:38:56 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
MOD - [2006/11/02 04:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
MOD - [2006/09/29 17:13:28 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll
MOD - [2006/08/04 13:43:32 | 000,270,336 | ---- | M] (The Apache Software Foundation) -- C:\Acer\Empowering Technology\log4net.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/21 00:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/11/21 00:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/11/02 08:33:48 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 05:46:14 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)


========== Driver Services (SafeList) ==========

DRV - [2011/05/18 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/18 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/10 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/10 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/20 19:51:49 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/01/08 04:34:22 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20110510.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/08/03 20:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/03 20:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/03 20:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/03 20:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/03 20:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/03 20:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/12/11 13:34:22 | 000,097,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/21 00:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2002/07/08 14:26:08 | 000,025,281 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...92de215329e46ad
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/04 19:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/04 19:01:41 | 000,000,000 | ---D | M]

[2011/02/20 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Extensions
[2011/02/20 21:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Firefox\Profiles\lbs0k2jh.default\extensions
[2011/06/12 16:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/03/16 17:33:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2007/03/16 17:33:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2007/03/16 17:33:50 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2011/03/27 13:59:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2011/06/12 15:00:41 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml

O1 HOSTS File: ([2011/02/18 23:40:32 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCMService] C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [捁牥吠畯r] File not found
O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥] File not found
O4 - Startup: C:\Users\velcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/08/15 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/08/06 17:13:36 | 000,000,000 | ---D | C] -- C:\Windows\{7EBEACC7-A0C9-4DA4-9A63-3DC7D244B051}
[2011/08/06 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2011/08/04 19:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/04 19:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/04 19:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/04 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/04 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Local\Apple
[2011/08/04 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/04 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/21 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\velcd\Documents\MakeDiscVideo
[2011/07/21 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\CyberLink
[2006/12/26 09:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2011/08/16 17:32:35 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/16 17:32:35 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/16 17:32:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/16 17:32:01 | 469,295,104 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/16 17:32:00 | 180,489,342 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/14 12:07:19 | 000,000,680 | ---- | M] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/08/06 17:26:54 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:26:54 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/06 13:01:53 | 000,000,051 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2011/08/04 18:56:55 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/28 22:32:54 | 000,000,680 | ---- | C] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/02/20 19:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/02/20 15:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/18 18:10:35 | 000,004,608 | ---- | C] () -- C:\Users\velcd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/11 00:15:47 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/02/11 00:15:47 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006/12/26 09:17:01 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe
[2006/12/26 09:16:59 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/26 09:12:36 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/26 09:05:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/26 08:36:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/26 07:41:20 | 000,000,700 | ---- | C] () -- C:\Windows\generic.ini
[2006/12/26 07:41:20 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006/11/16 14:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 14:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 14:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 14:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 14:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 14:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 14:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 14:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 06:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,240,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/08/15 22:07:55 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/04/29 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\ICAClient
[2011/05/28 13:35:52 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\OpenOffice.org
[2011/05/27 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\W Photo Studio Viewer
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/08/16 16:52:22 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe

< MD5 for: USERINIT.EXE >
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< End of report >

Unfortunately, the Extras.Txt log was not created. I deleted the one from the Aug. 14th prior to this last scan.

aswMbr Log:

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-16 18:41:37
-----------------------------
18:41:37.346 OS Version: Windows 6.0.6000
18:41:37.346 Number of processors: 2 586 0x6B01
18:41:37.348 ComputerName: VELCD-PC UserName: velcd
18:41:41.039 Initialize success
18:42:24.886 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000032
18:42:24.892 Disk 0 Vendor: Hitachi_ V5DO Size: 238475MB BusType: 6
18:42:24.899 Device \Device\0000005f -> \??\SCSI#Disk&Ven_Hitachi&Prod_HDT725025VLA#4&311ed49&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} not found
18:42:24.908 Disk 0 MBR read error 0
18:42:24.916 Disk 0 MBR scan
18:42:24.926 Disk 0 unknown MBR code
18:42:24.938 MBR BIOS signature not found 0
18:42:24.952 Disk 0 scanning sectors +488392065
18:42:24.998 Disk 0 scanning C:\Windows\system32\drivers
18:42:30.469 Service scanning
18:42:36.075 Modules scanning
18:43:09.790 Disk 0 trace - called modules:
18:43:09.837 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x845d67af]<<
18:43:09.851 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x845b95e0]
18:43:09.909 3 ntkrnlpa.exe[81cb06e2] -> nt!IofCallDriver -> [0x83f7c4d0]
18:43:09.934 5 acpi.sys[806d732a] -> nt!IofCallDriver -> [0x83f7c6f0]
18:43:09.954 \Driver\nvstor32[0x845be7e0] -> IRP_MJ_CREATE -> 0x845d67af
18:43:09.975 Scan finished successfully

Thanks Again.
  • 0

#4
Essexboy
Posted 17 August 2011 - 11:04 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets remove what I can see and then progress from there

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKCU..\Run: [捁牥吠畯r] File not found
    O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥] File not found
    [2011/08/06 13:01:53 | 000,000,051 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please read carefully and follow these steps.
  • DownloadTDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

    Posted Image
  • If an infected file is detected, the default action will be Cure, click on Continue.

    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    Posted Image
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    Posted Image
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0

#5
Boltskull
Posted 17 August 2011 - 09:03 PM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Please see the two requested logs. Your help is greatly appreciated. Thanks again.

OTL Log:

OTL logfile created on: 8/17/2011 6:19:03 PM - Run 3
OTL by OldTimer - Version 3.2.26.3 Folder = c:\Users\velcd\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.94 Mb Total Physical Memory | 87.43 Mb Available Physical Memory | 19.56% Memory free
1.41 Gb Paging File | 0.61 Gb Available in Paging File | 43.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.20 Gb Total Space | 101.73 Gb Free Space | 89.87% Space Free | Partition Type: NTFS
Drive D: | 112.85 Gb Total Space | 107.19 Gb Free Space | 94.98% Space Free | Partition Type: NTFS

Computer Name: VELCD-PC | User Name: velcd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- c:\Users\velcd\Downloads\OTL.exe
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
PRC - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
PRC - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
PRC - [2006/11/23 19:24:46 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2011/08/17 18:11:18 | 000,180,224 | ---- | M] (Softanics) -- C:\Users\velcd\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
MOD - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- c:\Users\velcd\Downloads\OTL.exe
MOD - [2011/08/04 18:58:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/08/04 18:58:32 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/02/24 21:08:40 | 002,195,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffStateMc.dll
MOD - [2011/02/24 21:08:38 | 000,234,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
MOD - [2011/02/24 21:08:38 | 000,200,608 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\affNdis.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 21:08:34 | 000,139,680 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
MOD - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
MOD - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/19 00:33:29 | 000,053,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
MOD - [2011/02/19 00:33:23 | 003,765,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
MOD - [2011/02/19 00:33:19 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2011/02/19 00:33:19 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:30:52 | 000,118,784 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Belkin\Router Setup and Monitor\W32N55.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
MOD - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
MOD - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
MOD - [2009/08/18 18:27:02 | 000,326,144 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sofficeapp.dll
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/08/14 12:43:42 | 000,437,592 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\pnamaiUI.dll
MOD - [2009/08/14 12:41:58 | 000,010,584 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll
MOD - [2009/08/14 12:36:26 | 000,607,576 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\pnamain.exe
MOD - [2009/08/14 12:34:12 | 000,206,160 | ---- | M] (Citrix Systems, Inc.) -- D:\Program Files\Citrix\ICA Client\ctxmui.dll
MOD - [2009/08/05 16:05:20 | 000,949,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\comphelp4MSC.dll
MOD - [2009/08/03 20:27:18 | 000,625,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MOD - [2009/08/03 20:27:16 | 000,242,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MOD - [2009/07/28 04:06:52 | 001,870,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tkmi.dll
MOD - [2009/07/28 03:43:32 | 003,073,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vclmi.dll
MOD - [2009/07/17 16:24:38 | 000,280,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oleautobridge.uno.dll
MOD - [2009/07/17 15:14:40 | 000,089,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\oooimprovementmi.dll
MOD - [2009/07/17 11:12:14 | 003,121,664 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sfxmi.dll
MOD - [2009/07/17 10:38:46 | 002,886,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svtmi.dll
MOD - [2009/07/17 10:06:34 | 000,574,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\basegfxmi.dll
MOD - [2009/07/02 15:10:38 | 000,243,712 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucpfile1.dll
MOD - [2009/07/02 15:06:42 | 000,197,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucb1.dll
MOD - [2009/06/26 09:34:30 | 000,052,224 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
MOD - [2009/06/10 10:28:34 | 000,089,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
MOD - [2009/04/22 18:03:50 | 000,067,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nutilMSC.dll
MOD - [2009/04/16 16:02:02 | 001,310,720 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sbmi.dll
MOD - [2009/04/16 15:14:36 | 001,880,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwkmi.dll
MOD - [2009/04/16 15:11:32 | 000,106,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwlmi.dll
MOD - [2009/04/16 15:11:14 | 000,849,408 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwemi.dll
MOD - [2009/04/16 15:09:30 | 000,299,008 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\fwimi.dll
MOD - [2009/04/16 14:43:14 | 000,032,768 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\jmi_g.dll
MOD - [2009/04/16 14:35:34 | 000,730,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\svlmi.dll
MOD - [2009/04/16 14:17:10 | 000,030,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\localebe1.uno.dll
MOD - [2009/04/16 14:03:48 | 001,432,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\configmgr2.uno.dll
MOD - [2009/04/16 14:03:20 | 000,257,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sotmi.dll
MOD - [2009/04/16 14:01:22 | 000,037,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll
MOD - [2009/04/16 14:01:16 | 000,031,232 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\behelper.uno.dll
MOD - [2009/04/16 13:59:46 | 000,465,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\utlmi.dll
MOD - [2009/04/16 13:59:16 | 000,529,920 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\xcrmi.dll
MOD - [2009/04/16 13:56:08 | 000,510,464 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\tlmi.dll
MOD - [2009/04/16 13:45:52 | 000,024,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll
MOD - [2009/04/16 13:44:22 | 000,092,672 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
MOD - [2009/04/16 13:44:16 | 000,453,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
MOD - [2009/04/16 13:40:08 | 000,135,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\sax.uno.dll
MOD - [2009/04/16 13:39:48 | 000,148,992 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\emsermi.dll
MOD - [2009/04/16 13:39:10 | 000,080,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\saxmi.dll
MOD - [2009/04/16 13:35:02 | 000,356,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll
MOD - [2009/04/16 13:32:40 | 000,431,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
MOD - [2009/04/16 13:31:24 | 000,024,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
MOD - [2009/04/16 13:30:48 | 013,912,064 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icudt40.dll
MOD - [2009/04/16 13:30:42 | 000,949,760 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\Basis\program\icuuc40.dll
MOD - [2009/04/16 13:29:48 | 000,012,800 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll
MOD - [2009/04/16 13:29:36 | 000,018,432 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll
MOD - [2009/04/16 13:29:32 | 000,143,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
MOD - [2009/04/16 13:11:48 | 000,093,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
MOD - [2009/04/16 13:09:30 | 000,078,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
MOD - [2009/04/16 13:08:36 | 000,094,208 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\vos3MSC.dll
MOD - [2009/04/16 13:07:56 | 000,013,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
MOD - [2009/04/16 13:05:20 | 001,732,608 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
MOD - [2009/04/16 13:03:58 | 000,086,016 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
MOD - [2009/04/16 12:57:36 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
MOD - [2008/09/22 18:09:34 | 000,669,048 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MOD - [2008/09/22 18:09:22 | 000,142,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\npcTray.dll
MOD - [2008/07/30 18:42:18 | 000,398,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll
MOD - [2008/07/30 18:42:18 | 000,283,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MOD - [2008/07/16 16:42:06 | 000,305,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISLAlert.dll
MOD - [2008/07/10 13:37:48 | 000,464,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MOD - [2008/01/29 18:38:25 | 000,398,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MOD - [2007/09/05 15:58:06 | 000,050,032 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\IMCfg.dll
MOD - [2007/07/06 15:24:32 | 000,128,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\UILICPLG.DLL
MOD - [2007/07/06 15:24:28 | 000,493,432 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MOD - [2007/07/06 15:24:26 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCHLPR2.DLL
MOD - [2007/07/06 15:24:24 | 000,090,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMICL.DLL
MOD - [2007/07/06 15:24:24 | 000,082,808 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMIDT.DLL
MOD - [2007/07/06 14:24:38 | 000,064,376 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\PEPEVNT.DLL
MOD - [2007/07/06 14:24:22 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\DATAPVDR.DLL
MOD - [2007/01/26 14:03:18 | 000,366,200 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ISDataCl.dll
MOD - [2007/01/19 17:36:48 | 000,070,240 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
MOD - [2007/01/19 17:36:46 | 000,290,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
MOD - [2007/01/19 17:36:40 | 000,162,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
MOD - [2006/12/26 08:54:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
MOD - [2006/12/26 08:54:03 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
MOD - [2006/12/04 09:15:26 | 000,147,456 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\EmodeUI.dll
MOD - [2006/11/25 02:58:30 | 000,339,968 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLTinyDB.dll
MOD - [2006/11/25 02:58:26 | 000,057,407 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLAuMixer.dll
MOD - [2006/11/25 02:58:20 | 003,649,612 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMRRec4.dll
MOD - [2006/11/25 02:58:12 | 000,245,848 | ---- | M] (Cyberlink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapX.dll
MOD - [2006/11/25 02:58:12 | 000,237,662 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapEngine.dll
MOD - [2006/11/25 02:58:12 | 000,114,776 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSchMgr.dll
MOD - [2006/11/25 02:58:12 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvcps.dll
MOD - [2006/11/25 02:58:10 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcp71.dll
MOD - [2006/11/25 02:58:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\msvcr71.dll
MOD - [2006/11/25 02:58:08 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Acer\Empowering Technology\eMode\PCM\MFC71.dll
MOD - [2006/11/25 02:57:52 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
MOD - [2006/11/25 02:57:50 | 000,212,992 | ---- | M] (CyberLink corporate) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvrecorder.dll
MOD - [2006/11/25 02:57:48 | 000,036,864 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\DV\PCMDV_dvinf.dll
MOD - [2006/11/25 02:57:46 | 000,046,080 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\common\CLRCEngine3.dll
MOD - [2006/11/23 19:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe
MOD - [2006/11/23 19:24:46 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
MOD - [2006/11/23 19:24:42 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2006/11/23 19:24:32 | 001,671,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.LaunchBarView.dll
MOD - [2006/11/23 19:24:26 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Shared.UI.dll
MOD - [2006/11/23 19:24:26 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Presenter.dll
MOD - [2006/11/23 19:24:26 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2006/11/23 19:24:24 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Host.dll
MOD - [2006/11/23 19:24:24 | 000,032,768 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\acer.empowering.framework.shared.dll
MOD - [2006/11/23 19:24:24 | 000,020,480 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Interface.dll
MOD - [2006/11/22 18:44:36 | 001,323,008 | ---- | M] (Acer inc.) -- C:\Acer\Empowering Technology\acer.empowering.windows.forms.dll
MOD - [2006/11/21 00:45:22 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
MOD - [2006/11/21 00:45:14 | 000,278,704 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NCOItf.dll
MOD - [2006/11/21 00:44:36 | 000,013,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MOD - [2006/11/21 00:44:34 | 000,128,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MOD - [2006/11/21 00:44:32 | 000,296,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MOD - [2006/11/21 00:44:32 | 000,145,000 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MOD - [2006/11/21 00:44:32 | 000,071,272 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MOD - [2006/11/21 00:44:32 | 000,063,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MOD - [2006/11/21 00:44:30 | 000,532,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MOD - [2006/11/21 00:44:30 | 000,206,440 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MOD - [2006/11/21 00:44:28 | 000,345,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MOD - [2006/11/21 00:44:28 | 000,263,784 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MOD - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MOD - [2006/11/21 00:43:42 | 000,190,608 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MOD - [2006/11/21 00:43:42 | 000,059,536 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MOD - [2006/11/21 00:43:42 | 000,046,224 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MOD - [2006/11/21 00:42:26 | 000,421,008 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MOD - [2006/11/21 00:42:18 | 000,078,504 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\SetEvtHp.dll
MOD - [2006/11/21 00:42:16 | 000,097,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NisTray.dll
MOD - [2006/11/21 00:42:16 | 000,009,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NISTrRes.dll
MOD - [2006/11/21 00:42:08 | 000,231,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlert.dll
MOD - [2006/11/21 00:42:08 | 000,198,312 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwEvent.dll
MOD - [2006/11/21 00:42:08 | 000,021,160 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlRes.dll
MOD - [2006/11/21 00:42:02 | 000,074,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AlertRes.dll
MOD - [2006/11/21 00:41:38 | 000,206,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MOD - [2006/11/21 00:41:36 | 000,226,976 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MOD - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MOD - [2006/11/16 23:41:40 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2006/11/16 20:10:14 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2006/11/16 14:20:46 | 000,172,032 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\eDSplugin.dll
MOD - [2006/11/16 14:19:32 | 000,109,568 | ---- | M] (HiTRUST) -- C:\Windows\System32\ADMIN_CLASS_LIB.dll
MOD - [2006/11/16 14:19:10 | 000,037,376 | ---- | M] () -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/16 14:18:54 | 000,120,832 | ---- | M] (HiTRUST) -- C:\Windows\System32\PSDUtil.dll
MOD - [2006/11/16 14:18:50 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2006/11/12 22:35:10 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2006/11/12 22:34:46 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2006/11/12 22:34:46 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2006/11/12 22:34:46 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2006/11/12 22:34:44 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2006/11/12 22:34:44 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2006/11/08 22:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
MOD - [2006/11/02 09:07:06 | 001,060,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3fe3f7ba542ab78e52e49d19640a7e64\System.Management.ni.dll
MOD - [2006/11/02 09:03:53 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\bf5e1558dda3eb1bd0513a9e7f6c9e52\System.Runtime.Remoting.ni.dll
MOD - [2006/11/02 09:03:37 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll
MOD - [2006/11/02 09:03:23 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll
MOD - [2006/11/02 09:03:14 | 005,619,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f76a7622c73e26e4d2daf54068d7ff79\System.Xml.ni.dll
MOD - [2006/11/02 09:02:48 | 001,003,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d7b63c1d2ab17ac3cc24881c4ff78b63\System.Configuration.ni.dll
MOD - [2006/11/02 09:02:47 | 000,229,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\61b951bd03727a096c1c02cb18d5ce30\System.ServiceProcess.ni.dll
MOD - [2006/11/02 08:52:17 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll
MOD - [2006/11/02 08:52:04 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll
MOD - [2006/11/02 08:34:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2006/11/02 08:34:55 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2006/11/02 08:34:55 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2006/11/02 08:34:54 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
MOD - [2006/11/02 08:34:54 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
MOD - [2006/11/02 08:34:54 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
MOD - [2006/11/02 08:34:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2006/11/02 08:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006/11/02 08:34:04 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2006/11/02 08:34:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2006/11/02 08:34:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
MOD - [2006/11/02 08:34:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2006/11/02 08:34:01 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2006/11/02 08:33:51 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2006/11/02 08:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006/11/02 08:33:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006/11/02 05:46:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2006/11/02 05:46:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2006/11/02 05:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 05:46:13 | 000,889,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2006/11/02 05:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 05:46:13 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2006/11/02 05:46:13 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2006/11/02 05:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 05:46:13 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2006/11/02 05:46:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2006/11/02 05:46:13 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2006/11/02 05:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 05:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2006/11/02 05:46:12 | 001,822,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2006/11/02 05:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2006/11/02 05:46:12 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
MOD - [2006/11/02 05:46:12 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2006/11/02 05:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006/11/02 05:46:12 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2006/11/02 05:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 05:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
MOD - [2006/11/02 05:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2006/11/02 05:46:11 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2006/11/02 05:46:10 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2006/11/02 05:46:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2006/11/02 05:46:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2006/11/02 05:46:06 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2006/11/02 05:46:05 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
MOD - [2006/11/02 05:46:05 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
MOD - [2006/11/02 05:46:05 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2006/11/02 05:46:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2006/11/02 05:46:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2006/11/02 05:46:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2006/11/02 05:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 05:46:04 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2006/11/02 05:46:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
MOD - [2006/11/02 05:46:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2006/11/02 05:46:03 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2006/11/02 05:46:03 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2006/11/02 05:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2006/11/02 05:46:03 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2006/11/02 05:46:03 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2006/11/02 05:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006/11/02 05:46:03 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2006/11/02 05:46:02 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2006/11/02 05:46:02 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2006/11/02 05:46:02 | 000,398,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2006/11/02 05:46:02 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2006/11/02 05:46:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2006/11/02 05:46:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2006/11/02 05:44:42 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2006/11/02 05:44:42 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2006/11/02 05:39:30 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/11/02 05:38:56 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\GdiPlus.dll
MOD - [2006/11/02 05:38:56 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
MOD - [2006/11/02 04:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
MOD - [2006/09/29 17:13:28 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll
MOD - [2006/08/04 13:43:32 | 000,270,336 | ---- | M] (The Apache Software Foundation) -- C:\Acer\Empowering Technology\log4net.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/21 00:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/11/21 00:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/11/02 08:33:48 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 05:46:14 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)


========== Driver Services (SafeList) ==========

DRV - [2011/05/18 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/18 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/10 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/10 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/20 19:51:49 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/01/08 04:34:22 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20110510.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/08/03 20:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/03 20:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/03 20:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/03 20:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/03 20:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/03 20:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/12/11 13:34:22 | 000,097,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/21 00:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2002/07/08 14:26:08 | 000,025,281 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...92de215329e46ad
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/04 19:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/04 19:01:41 | 000,000,000 | ---D | M]

[2011/02/20 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Extensions
[2011/02/20 21:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Firefox\Profiles\lbs0k2jh.default\extensions
[2011/06/12 16:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/03/16 17:33:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2007/03/16 17:33:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2007/03/16 17:33:50 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2011/03/27 13:59:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2011/06/12 15:00:41 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml

O1 HOSTS File: ([2011/08/17 17:54:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCMService] C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\velcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/17 17:54:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/15 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/08/06 17:13:36 | 000,000,000 | ---D | C] -- C:\Windows\{7EBEACC7-A0C9-4DA4-9A63-3DC7D244B051}
[2011/08/06 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2011/08/04 19:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/04 19:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/04 19:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/04 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/04 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Local\Apple
[2011/08/04 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/04 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/21 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\velcd\Documents\MakeDiscVideo
[2011/07/21 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\CyberLink
[2006/12/26 09:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2011/08/17 18:10:37 | 000,000,680 | ---- | M] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/08/17 18:07:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/17 18:07:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/17 18:07:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/17 18:06:58 | 469,295,104 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/17 17:54:52 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/17 17:22:02 | 168,365,182 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/16 18:44:23 | 000,000,512 | ---- | M] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/06 17:26:54 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:26:54 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2011/08/16 18:44:17 | 000,000,512 | ---- | C] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/04 18:56:55 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/28 22:32:54 | 000,000,680 | ---- | C] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/02/20 19:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/02/20 15:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/18 18:10:35 | 000,004,608 | ---- | C] () -- C:\Users\velcd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/11 00:15:47 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/02/11 00:15:47 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006/12/26 09:17:01 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe
[2006/12/26 09:16:59 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/26 09:12:36 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/26 09:05:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/26 08:36:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/26 07:41:20 | 000,000,700 | ---- | C] () -- C:\Windows\generic.ini
[2006/12/26 07:41:20 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006/11/16 14:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 14:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 14:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 14:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 14:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 14:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 14:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 14:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 06:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,240,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/08/15 22:07:55 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/04/29 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\ICAClient
[2011/05/28 13:35:52 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\OpenOffice.org
[2011/05/27 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\W Photo Studio Viewer
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/08/17 18:05:55 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



TDSSKiller Log:

2011/08/17 20:13:50.0697 3380 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/17 20:13:52.0710 3380 ================================================================================
2011/08/17 20:13:52.0710 3380 SystemInfo:
2011/08/17 20:13:52.0710 3380
2011/08/17 20:13:52.0710 3380 OS Version: 6.0.6000 ServicePack: 0.0
2011/08/17 20:13:52.0710 3380 Product type: Workstation
2011/08/17 20:13:52.0710 3380 ComputerName: VELCD-PC
2011/08/17 20:13:52.0710 3380 UserName: velcd
2011/08/17 20:13:52.0710 3380 Windows directory: C:\Windows
2011/08/17 20:13:52.0710 3380 System windows directory: C:\Windows
2011/08/17 20:13:52.0710 3380 Processor architecture: Intel x86
2011/08/17 20:13:52.0710 3380 Number of processors: 2
2011/08/17 20:13:52.0710 3380 Page size: 0x1000
2011/08/17 20:13:52.0710 3380 Boot type: Normal boot
2011/08/17 20:13:52.0710 3380 ================================================================================
2011/08/17 20:13:59.0870 3380 Initialize success
2011/08/17 20:14:08.0341 3080 ================================================================================
2011/08/17 20:14:08.0341 3080 Scan started
2011/08/17 20:14:08.0341 3080 Mode: Manual;
2011/08/17 20:14:08.0341 3080 ================================================================================
2011/08/17 20:14:27.0342 3080 ACPI (192bdbd1540645c4a2aa69f24cce197f) C:\Windows\system32\drivers\acpi.sys
2011/08/17 20:14:29.0026 3080 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/08/17 20:14:31.0366 3080 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/08/17 20:14:33.0082 3080 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/08/17 20:14:37.0996 3080 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/08/17 20:14:39.0634 3080 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/08/17 20:14:40.0789 3080 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/08/17 20:14:42.0099 3080 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/08/17 20:14:43.0456 3080 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/08/17 20:14:44.0658 3080 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/08/17 20:14:45.0500 3080 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/08/17 20:14:46.0452 3080 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/08/17 20:14:47.0232 3080 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys
2011/08/17 20:14:48.0012 3080 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/08/17 20:14:49.0244 3080 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/08/17 20:14:50.0149 3080 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/17 20:14:50.0898 3080 atapi (4f4fcb8b6ea06784fb6d475b7ec7300f) C:\Windows\system32\drivers\atapi.sys
2011/08/17 20:14:51.0693 3080 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/08/17 20:14:54.0517 3080 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/17 20:14:55.0531 3080 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/08/17 20:14:56.0170 3080 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/08/17 20:14:57.0044 3080 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/08/17 20:14:57.0637 3080 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/08/17 20:14:58.0588 3080 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/08/17 20:15:02.0239 3080 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/08/17 20:15:03.0534 3080 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/08/17 20:15:05.0094 3080 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/17 20:15:07.0106 3080 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/08/17 20:15:10.0366 3080 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/08/17 20:15:12.0488 3080 CLFS (51b4b82560e49c415ae5b1337d635c3f) C:\Windows\system32\CLFS.sys
2011/08/17 20:15:13.0596 3080 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/08/17 20:15:14.0563 3080 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/08/17 20:15:15.0452 3080 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/08/17 20:15:15.0951 3080 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/08/17 20:15:16.0809 3080 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/08/17 20:15:17.0605 3080 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/08/17 20:15:18.0198 3080 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/08/17 20:15:18.0697 3080 DXGKrnl (f032a2f91287a0b800891c7bef9ca7a8) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/17 20:15:19.0726 3080 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/08/17 20:15:20.0725 3080 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/08/17 20:15:21.0411 3080 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/08/17 20:15:24.0453 3080 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/08/17 20:15:26.0481 3080 ENETHUSB (765015da7e00da1fa6b2d9b790157efd) C:\Windows\system32\DRIVERS\enethusb.sys
2011/08/17 20:15:27.0324 3080 EraserUtilRebootDrv (17fcc372d03ba39f3aee85198c0ec594) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/08/17 20:15:28.0821 3080 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/08/17 20:15:29.0991 3080 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/08/17 20:15:31.0255 3080 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/08/17 20:15:32.0191 3080 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/08/17 20:15:34.0359 3080 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/08/17 20:15:35.0208 3080 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/08/17 20:15:35.0828 3080 Fs_Rec (1ed8599e1e08ba40f2b7301f0b83583a) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/17 20:15:36.0393 3080 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/08/17 20:15:37.0223 3080 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/08/17 20:15:37.0593 3080 HDAudBus (5fd053f305b77ebe97f284b20d89dc1c) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/08/17 20:15:37.0898 3080 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/08/17 20:15:38.0098 3080 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/08/17 20:15:38.0293 3080 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/08/17 20:15:38.0478 3080 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/08/17 20:15:38.0773 3080 HTTP (f31d27ccf514549a17e79bebe01b40b6) C:\Windows\system32\drivers\HTTP.sys
2011/08/17 20:15:39.0003 3080 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/08/17 20:15:39.0393 3080 i8042prt (1060f1377f395a242e27719440ece602) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/08/17 20:15:39.0643 3080 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/08/17 20:15:40.0113 3080 IDSvix86 (b147ccf3b7a42b64af8ec0520b4b15e3) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20110510.001\IDSvix86.sys
2011/08/17 20:15:40.0523 3080 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/08/17 20:15:41.0093 3080 IntcAzAudAddService (a47b2875680ad67b35c6150bd0203056) C:\Windows\system32\drivers\RTKVHDA.sys
2011/08/17 20:15:41.0638 3080 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/08/17 20:15:42.0673 3080 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/08/17 20:15:43.0408 3080 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/17 20:15:45.0158 3080 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/08/17 20:15:45.0898 3080 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/08/17 20:15:46.0668 3080 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/08/17 20:15:47.0168 3080 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/08/17 20:15:47.0698 3080 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/08/17 20:15:48.0303 3080 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/08/17 20:15:48.0930 3080 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/08/17 20:15:49.0507 3080 kbdclass (1a48765f92ba1a88445fc25c9c9d94fc) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/08/17 20:15:50.0085 3080 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/08/17 20:15:51.0036 3080 KSecDD (11d0bc1f2afd8abbb5a3dc47a042de54) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/17 20:15:51.0660 3080 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/17 20:15:52.0019 3080 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/08/17 20:15:52.0409 3080 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/08/17 20:15:52.0737 3080 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/08/17 20:15:53.0127 3080 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/08/17 20:15:53.0501 3080 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/08/17 20:15:53.0797 3080 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/08/17 20:15:54.0078 3080 monitor (ec839ba91e45cce6eadafc418fff8206) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/17 20:15:54.0265 3080 mouclass (3c9469dfb3440555dab070716d768b1e) C:\Windows\system32\DRIVERS\mouclass.sys
2011/08/17 20:15:54.0499 3080 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\DRIVERS\mouhid.sys
2011/08/17 20:15:54.0687 3080 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/08/17 20:15:54.0936 3080 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/08/17 20:15:55.0264 3080 mpsdrv (8d326e8b321685d4784afa1c55169d73) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/17 20:15:55.0545 3080 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/08/17 20:15:56.0028 3080 MRxDAV (93224014a418b72356462b8f7de6e8c9) C:\Windows\system32\drivers\mrxdav.sys
2011/08/17 20:15:56.0356 3080 mrxsmb (fca7563d87f71c6db0182ca67cc19aa7) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/17 20:15:56.0543 3080 mrxsmb10 (58a9ab5754fa4cabede7401283b5a771) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/17 20:15:56.0793 3080 mrxsmb20 (79b09504e4a790104683722cd04f76b4) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/17 20:15:57.0089 3080 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/08/17 20:15:57.0385 3080 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/08/17 20:15:57.0713 3080 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/08/17 20:15:58.0056 3080 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
2011/08/17 20:15:58.0228 3080 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/17 20:15:58.0493 3080 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/17 20:15:58.0821 3080 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/08/17 20:15:59.0055 3080 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/08/17 20:15:59.0195 3080 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/08/17 20:15:59.0257 3080 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/08/17 20:15:59.0663 3080 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/08/17 20:15:59.0803 3080 NativeWifiP (497de786240303ee67ab01f5690c24c2) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/17 20:15:59.0975 3080 NAVENG (920d9701bba90dbb7ccfd3536ea4d6f9) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110520.002\NAVENG.SYS
2011/08/17 20:16:00.0334 3080 NAVEX15 (31b1a9b53c3319b97f7874347cd992d2) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110520.002\NAVEX15.SYS
2011/08/17 20:16:00.0615 3080 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/08/17 20:16:00.0661 3080 NdisTapi (7584f1794b23b83d63cc124a8c56d103) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/17 20:16:00.0817 3080 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/17 20:16:00.0927 3080 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/17 20:16:00.0989 3080 NDProxy (874c12e3ad1431cabc854697d302c563) C:\Windows\system32\drivers\NDProxy.sys
2011/08/17 20:16:01.0036 3080 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/17 20:16:01.0129 3080 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/17 20:16:01.0317 3080 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/08/17 20:16:01.0473 3080 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/08/17 20:16:01.0551 3080 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/17 20:16:01.0644 3080 Ntfs (3f379380a4a2637f559444e338cf1b51) C:\Windows\system32\drivers\Ntfs.sys
2011/08/17 20:16:01.0722 3080 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/08/17 20:16:01.0800 3080 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/08/17 20:16:01.0831 3080 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/08/17 20:16:02.0019 3080 nvlddmkm (cfddedc1151839dd71f78472645214a5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/08/17 20:16:02.0190 3080 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/08/17 20:16:02.0237 3080 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/08/17 20:16:02.0268 3080 nvstor32 (86b1b96806829066982ed67b7aba74ef) C:\Windows\system32\drivers\nvstor32.sys
2011/08/17 20:16:03.0220 3080 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/08/17 20:16:03.0953 3080 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/08/17 20:16:04.0125 3080 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys
2011/08/17 20:16:04.0171 3080 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/08/17 20:16:04.0296 3080 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys
2011/08/17 20:16:04.0343 3080 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
2011/08/17 20:16:04.0374 3080 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/08/17 20:16:04.0468 3080 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/08/17 20:16:04.0702 3080 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/08/17 20:16:04.0998 3080 PptpMiniport (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/17 20:16:05.0029 3080 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/08/17 20:16:05.0170 3080 PSched (b74edf14453c9987e99e66535047ebee) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/17 20:16:05.0232 3080 PSDFilter (88b72d2a800300eb05c69f3c6c3180f2) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/08/17 20:16:05.0326 3080 PSDNServ (9649e11fc5459bf6b2c9e8e327e45c3a) C:\Windows\system32\drivers\PSDNServ.sys
2011/08/17 20:16:05.0373 3080 psdvdisk (3d0be1373b9dfe9fc7b64f090e4d59e3) C:\Windows\system32\drivers\psdvdisk.sys
2011/08/17 20:16:05.0435 3080 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/08/17 20:16:05.0544 3080 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/08/17 20:16:05.0607 3080 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/17 20:16:05.0700 3080 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/17 20:16:05.0747 3080 Rasl2tp (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/17 20:16:05.0794 3080 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/17 20:16:05.0856 3080 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/17 20:16:05.0950 3080 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/17 20:16:06.0043 3080 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/08/17 20:16:06.0106 3080 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/17 20:16:06.0153 3080 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/08/17 20:16:06.0293 3080 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/17 20:16:06.0371 3080 RTL8192su (3e322976d9414490df552d63a0dbe288) C:\Windows\system32\DRIVERS\RTL8192su.sys
2011/08/17 20:16:06.0511 3080 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/08/17 20:16:06.0589 3080 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/08/17 20:16:06.0714 3080 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/08/17 20:16:06.0745 3080 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
2011/08/17 20:16:06.0777 3080 sermouse (fd06895f55c0bec3cbd84bda14e1c6b7) C:\Windows\system32\drivers\sermouse.sys
2011/08/17 20:16:06.0839 3080 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/08/17 20:16:06.0933 3080 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/17 20:16:06.0964 3080 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/17 20:16:06.0995 3080 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/08/17 20:16:07.0104 3080 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/08/17 20:16:07.0135 3080 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/08/17 20:16:07.0338 3080 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/08/17 20:16:07.0463 3080 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
2011/08/17 20:16:07.0541 3080 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
2011/08/17 20:16:07.0650 3080 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
2011/08/17 20:16:07.0822 3080 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/08/17 20:16:07.0993 3080 SRTSP (655773f2f1a3730c6cf20280a49f4ee1) C:\Windows\system32\Drivers\SRTSP.SYS
2011/08/17 20:16:08.0181 3080 SRTSPL (2a0aaf370d4c6574a34ae2f4a0709cae) C:\Windows\system32\Drivers\SRTSPL.SYS
2011/08/17 20:16:08.0337 3080 SRTSPX (3104bdceace2d5710776dd05e6a286c1) C:\Windows\system32\Drivers\SRTSPX.SYS
2011/08/17 20:16:08.0383 3080 srv (2c677528b24d64d22886ecbe5cd97f20) C:\Windows\system32\DRIVERS\srv.sys
2011/08/17 20:16:08.0493 3080 srv2 (382baf4dcbd7648ced6c64a8a1e335b2) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/17 20:16:08.0539 3080 srvnet (f8e47a77e1690d8574962b69cb22beb3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/17 20:16:08.0602 3080 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
2011/08/17 20:16:08.0727 3080 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/08/17 20:16:08.0789 3080 SYMDNS (51b57cda977170ac608d839dbfa1d3ee) C:\Windows\System32\Drivers\SYMDNS.SYS
2011/08/17 20:16:08.0883 3080 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
2011/08/17 20:16:08.0914 3080 SYMFW (a131d8360b01044517aa44529e2137d6) C:\Windows\System32\Drivers\SYMFW.SYS
2011/08/17 20:16:08.0961 3080 SYMIDS (2b77868f02dae02103380b824431b798) C:\Windows\System32\Drivers\SYMIDS.SYS
2011/08/17 20:16:09.0054 3080 SYMNDISV (7d3addfe63e5227bd2dbd5692bafb688) C:\Windows\System32\Drivers\SYMNDISV.SYS
2011/08/17 20:16:09.0085 3080 SYMREDRV (394b2368212114d538316812af60fddd) C:\Windows\System32\Drivers\SYMREDRV.SYS
2011/08/17 20:16:09.0132 3080 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\Windows\System32\Drivers\SYMTDI.SYS
2011/08/17 20:16:09.0195 3080 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/08/17 20:16:09.0288 3080 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/08/17 20:16:09.0382 3080 Tcpip (d944522b048a5feb7700b5170d3d9423) C:\Windows\system32\drivers\tcpip.sys
2011/08/17 20:16:09.0444 3080 Tcpip6 (d944522b048a5feb7700b5170d3d9423) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/17 20:16:09.0522 3080 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/17 20:16:09.0569 3080 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/08/17 20:16:09.0600 3080 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/08/17 20:16:09.0678 3080 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/17 20:16:09.0756 3080 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
2011/08/17 20:16:09.0897 3080 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/17 20:16:09.0975 3080 tunmp (80fc4ac81602c88e7d23618e6efba2c6) C:\Windows\system32\DRIVERS\tunmp.sys
2011/08/17 20:16:10.0021 3080 tunnel (52daa1fa3b5a40d6a6627b44c60a9b78) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/17 20:16:10.0053 3080 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/08/17 20:16:10.0131 3080 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\Windows\system32\drivers\UBHelper.sys
2011/08/17 20:16:10.0162 3080 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/17 20:16:10.0255 3080 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/17 20:16:10.0365 3080 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/08/17 20:16:10.0427 3080 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/08/17 20:16:10.0505 3080 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/08/17 20:16:10.0536 3080 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/08/17 20:16:10.0614 3080 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/17 20:16:10.0692 3080 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/08/17 20:16:10.0723 3080 usbehci (63fe924d8a1113c3ba6750693fbec7d3) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/17 20:16:10.0770 3080 usbhub (5edec5510592c905e91817707dce62a2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/17 20:16:10.0817 3080 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\DRIVERS\usbohci.sys
2011/08/17 20:16:10.0895 3080 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/17 20:16:10.0942 3080 USBSTOR (fdbaabf07244c60b0f4e0a6e71a107c6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/08/17 20:16:10.0989 3080 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/08/17 20:16:11.0098 3080 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/17 20:16:11.0129 3080 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/08/17 20:16:11.0191 3080 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/08/17 20:16:11.0223 3080 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/08/17 20:16:11.0301 3080 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/08/17 20:16:11.0347 3080 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
2011/08/17 20:16:11.0394 3080 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/08/17 20:16:11.0441 3080 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys
2011/08/17 20:16:11.0535 3080 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/08/17 20:16:11.0613 3080 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/08/17 20:16:11.0644 3080 Wanarp (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/17 20:16:11.0675 3080 Wanarpv6 (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/17 20:16:11.0784 3080 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/08/17 20:16:11.0847 3080 Wdf01000 (5dfdbd5ef13e4d95be6fc108e2ed4a67) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/17 20:16:12.0049 3080 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/17 20:16:12.0143 3080 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/17 20:16:12.0221 3080 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/17 20:16:12.0361 3080 yukonwlh (bfab14d10543963dbda7128adabfa51d) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/08/17 20:16:12.0408 3080 MBR (0x1B8) (a5e72b9509e04abcce59c653b7c10c4a) \Device\Harddisk0\DR0
2011/08/17 20:16:12.0439 3080 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/08/17 20:16:12.0486 3080 Boot (0x1200) (6f844bd69970bb89911233cd5c6012d6) \Device\Harddisk0\DR0\Partition0
2011/08/17 20:16:12.0502 3080 Boot (0x1200) (bc9daf097a35ba6ac1599b07603bfdb1) \Device\Harddisk0\DR0\Partition1
2011/08/17 20:16:12.0517 3080 ================================================================================
2011/08/17 20:16:12.0517 3080 Scan finished
2011/08/17 20:16:12.0517 3080 ================================================================================
2011/08/17 20:16:12.0673 3796 Detected object count: 1
2011/08/17 20:16:12.0673 3796 Actual detected object count: 1
2011/08/17 20:16:32.0797 3796 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/08/17 20:16:32.0813 3796 \Device\Harddisk0\DR0 - ok
2011/08/17 20:16:32.0844 3796 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/08/17 20:16:47.0181 3212 Deinitialize success
  • 0

#6
Essexboy
Posted 18 August 2011 - 11:18 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A sweep for orphans now I feel, what are your current problems ?

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#7
Boltskull
Posted 18 August 2011 - 04:21 PM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
My Host processes are still up in reference to memory. My PC is loading slow.


MBAM Report:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7502

Windows 6.0.6000
Internet Explorer 7.0.6000.16386

8/18/2011 5:40:04 PM
mbam-log-2011-08-18 (17-40-04).txt

Scan type: Quick scan
Objects scanned: 153319
Time elapsed: 9 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790677B3765B5B3FAE97 (Malware.Trace) -> Value: SRS_IT_E8790677B3765B5B3FAE97 -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\velcd\downloads\setuplivingplay(2).exe (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\Users\velcd\downloads\setuplivingplay(3).exe (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\Users\velcd\downloads\setuplivingplay.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\Users\velcd\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> Quarantined and deleted successfully.

Thanks Again.
  • 0

#8
Essexboy
Posted 19 August 2011 - 11:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You are very short on memory 446.94 Mb Total Physical Memory even XP would struggle with that, also you have a lot of modules running . Looking at them a great deal are running with Open Office , so for a start I would recommend that you disable the open office quick start

Once you have done this let me know if there is a difference

For the RAM I would suggest that you run the Crucial scanner to see how much memory your system can take, what type and the general cost

These are the items that I would recommend that you disable from starting
[Acer Empowering Technology Monitor] C:\Windows\System32\SysMonitor.exe ()
[Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
[PCMService]C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
[RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
Startup: C:\Users\velcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()


Go to BlackVipers page here and we will then look at the running services

Click on the Safe column
[attachment=51999:Capture.GIF]
Scroll down to the Automatic start (delayed )
[attachment=52000:Capture1.GIF]

Then in the search box on the start menu of your computer type services.msc
The programme will appear in the top of the box, run that
[attachment=52002:Untitled.gif]

Then set your services to as described in the tutorial

To do this right click the associated service
Select properties and in the drop down box set them as detailed
Then click apply

[attachment=52001:Untitled1.gif]
  • 0

#9
Boltskull
Posted 19 August 2011 - 04:55 PM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
The phsical memory is still high it hovers around 70 to 80 % after following the above recommendations from your last post. Also, I still have to end host service processes when they get high (18000 - to 24000) and set priority to low after pc is reboted.

Thanks Again.
  • 0

#10
Essexboy
Posted 20 August 2011 - 04:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run OTL again please so that I can see if there is anything else we can trim

Have the redirects gone ?
  • 0

#11
Boltskull
Posted 20 August 2011 - 09:37 AM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Yes the redirects are gone. Thanks.

After a reboot I still have to manually end the host service processes when they get high in reference to memory and set their priority to low.

Please see the OTL Report from the Quick Scan:

OTL logfile created on: 8/20/2011 11:27:25 AM - Run 4
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\velcd\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.94 Mb Total Physical Memory | 98.13 Mb Available Physical Memory | 21.96% Memory free
1.41 Gb Paging File | 0.52 Gb Available in Paging File | 36.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.20 Gb Total Space | 99.48 Gb Free Space | 87.88% Space Free | Partition Type: NTFS
Drive D: | 112.85 Gb Total Space | 107.19 Gb Free Space | 94.98% Space Free | Partition Type: NTFS

Computer Name: VELCD-PC | User Name: velcd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/18 18:42:20 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
PRC - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe


========== Modules (SafeList) ==========

MOD - [2011/08/19 18:35:44 | 000,180,224 | ---- | M] (Softanics) -- C:\Users\velcd\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
MOD - [2011/08/18 18:42:27 | 011,835,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2011/08/18 18:42:25 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2011/08/18 18:42:24 | 000,505,816 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\sqlite3.dll
MOD - [2011/08/18 18:42:24 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2011/08/18 18:42:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2011/08/18 18:42:24 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2011/08/18 18:42:23 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2011/08/18 18:42:23 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2011/08/18 18:42:23 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2011/08/18 18:42:23 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2011/08/18 18:42:22 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll
MOD - [2011/08/18 18:42:22 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2011/08/18 18:42:22 | 000,343,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2011/08/18 18:42:22 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2011/08/18 18:42:21 | 001,000,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/08/18 18:42:21 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll
MOD - [2011/08/18 18:42:21 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2011/08/18 18:42:20 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
MOD - [2011/08/04 18:58:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/08/04 18:58:32 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/06/25 10:46:49 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/24 21:08:40 | 002,195,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffStateMc.dll
MOD - [2011/02/24 21:08:38 | 000,234,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
MOD - [2011/02/24 21:08:38 | 000,200,608 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\affNdis.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 21:08:34 | 000,139,680 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
MOD - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
MOD - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/19 00:33:29 | 000,053,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
MOD - [2011/02/19 00:33:23 | 003,765,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
MOD - [2011/02/19 00:33:19 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2011/02/19 00:33:19 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:30:52 | 000,118,784 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Belkin\Router Setup and Monitor\W32N55.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
MOD - [2009/08/03 20:27:18 | 000,625,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MOD - [2009/08/03 20:27:16 | 000,242,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MOD - [2008/09/22 18:09:34 | 000,669,048 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MOD - [2008/09/22 18:09:22 | 000,142,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\npcTray.dll
MOD - [2008/07/30 18:42:18 | 000,398,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll
MOD - [2008/07/30 18:42:18 | 000,283,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MOD - [2008/07/16 16:42:06 | 000,305,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISLAlert.dll
MOD - [2008/07/10 13:37:48 | 000,464,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MOD - [2008/01/29 18:38:26 | 000,353,672 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
MOD - [2008/01/29 18:38:25 | 000,398,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MOD - [2007/07/06 15:24:32 | 000,128,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\UILICPLG.DLL
MOD - [2007/07/06 15:24:28 | 000,493,432 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MOD - [2007/07/06 15:24:26 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCHLPR2.DLL
MOD - [2007/07/06 15:24:24 | 000,090,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMICL.DLL
MOD - [2007/07/06 15:24:24 | 000,082,808 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMIDT.DLL
MOD - [2007/07/06 14:24:38 | 000,064,376 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\PEPEVNT.DLL
MOD - [2007/07/06 14:24:22 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\DATAPVDR.DLL
MOD - [2007/01/26 14:03:18 | 000,366,200 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ISDataCl.dll
MOD - [2007/01/19 17:36:48 | 000,070,240 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
MOD - [2007/01/19 17:36:46 | 000,290,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
MOD - [2007/01/19 17:36:40 | 000,162,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
MOD - [2006/12/26 08:54:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
MOD - [2006/12/26 08:54:03 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
MOD - [2006/11/25 02:58:46 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\VideoProcessor\MDTLM2Splter.ax
MOD - [2006/11/25 02:58:44 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\VideoProcessor\MDTLM1Splter.ax
MOD - [2006/11/25 02:58:18 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMRM2Splter.ax
MOD - [2006/11/25 02:58:14 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMBM2Splter.ax
MOD - [2006/11/25 02:58:14 | 000,139,264 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\PCMBM1Splter.ax
MOD - [2006/11/25 02:57:54 | 000,155,648 | ---- | M] (CyberLink Corp.) -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\Movie\CLDemuxer.ax
MOD - [2006/11/21 00:45:22 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
MOD - [2006/11/21 00:45:14 | 000,278,704 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NCOItf.dll
MOD - [2006/11/21 00:44:36 | 000,013,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MOD - [2006/11/21 00:44:34 | 000,259,688 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccWebWnd.dll
MOD - [2006/11/21 00:44:34 | 000,128,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MOD - [2006/11/21 00:44:32 | 000,296,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MOD - [2006/11/21 00:44:32 | 000,145,000 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MOD - [2006/11/21 00:44:32 | 000,071,272 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MOD - [2006/11/21 00:44:32 | 000,063,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MOD - [2006/11/21 00:44:30 | 000,532,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MOD - [2006/11/21 00:44:30 | 000,206,440 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MOD - [2006/11/21 00:44:28 | 000,345,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MOD - [2006/11/21 00:44:28 | 000,263,784 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MOD - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MOD - [2006/11/21 00:43:42 | 000,190,608 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MOD - [2006/11/21 00:43:42 | 000,059,536 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MOD - [2006/11/21 00:43:42 | 000,046,224 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MOD - [2006/11/21 00:42:50 | 000,163,496 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Options\CLTWrap2.dll
MOD - [2006/11/21 00:42:26 | 000,421,008 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MOD - [2006/11/21 00:42:26 | 000,041,104 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll
MOD - [2006/11/21 00:42:24 | 000,033,936 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll
MOD - [2006/11/21 00:42:18 | 000,078,504 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\SetEvtHp.dll
MOD - [2006/11/21 00:42:16 | 000,097,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NisTray.dll
MOD - [2006/11/21 00:42:16 | 000,009,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NISTrRes.dll
MOD - [2006/11/21 00:42:08 | 000,231,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlert.dll
MOD - [2006/11/21 00:42:08 | 000,198,312 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwEvent.dll
MOD - [2006/11/21 00:42:08 | 000,021,160 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlRes.dll
MOD - [2006/11/21 00:42:02 | 000,074,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AlertRes.dll
MOD - [2006/11/21 00:41:44 | 000,325,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavOpts.loc
MOD - [2006/11/21 00:41:42 | 000,468,640 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll
MOD - [2006/11/21 00:41:42 | 000,008,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavError.loc
MOD - [2006/11/21 00:41:40 | 000,083,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll
MOD - [2006/11/21 00:41:38 | 000,206,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MOD - [2006/11/21 00:41:36 | 000,226,976 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MOD - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MOD - [2006/11/16 23:41:40 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2006/11/16 20:10:14 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2006/11/16 14:19:32 | 000,109,568 | ---- | M] (HiTRUST) -- C:\Windows\System32\ADMIN_CLASS_LIB.dll
MOD - [2006/11/16 14:19:10 | 000,037,376 | ---- | M] () -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/16 14:18:54 | 000,120,832 | ---- | M] (HiTRUST) -- C:\Windows\System32\PSDUtil.dll
MOD - [2006/11/16 14:18:50 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2006/11/02 08:34:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2006/11/02 08:34:55 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2006/11/02 08:34:55 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2006/11/02 08:34:54 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
MOD - [2006/11/02 08:34:54 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
MOD - [2006/11/02 08:34:50 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
MOD - [2006/11/02 08:34:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2006/11/02 08:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006/11/02 08:34:04 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2006/11/02 08:34:03 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
MOD - [2006/11/02 08:34:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2006/11/02 08:34:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
MOD - [2006/11/02 08:34:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2006/11/02 08:34:01 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2006/11/02 08:33:53 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
MOD - [2006/11/02 08:33:51 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2006/11/02 08:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006/11/02 08:33:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006/11/02 05:46:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2006/11/02 05:46:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2006/11/02 05:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 05:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 05:46:13 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2006/11/02 05:46:13 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2006/11/02 05:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 05:46:13 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2006/11/02 05:46:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2006/11/02 05:46:13 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2006/11/02 05:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 05:46:13 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
MOD - [2006/11/02 05:46:12 | 001,822,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2006/11/02 05:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2006/11/02 05:46:12 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2006/11/02 05:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006/11/02 05:46:12 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2006/11/02 05:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 05:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
MOD - [2006/11/02 05:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2006/11/02 05:46:11 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2006/11/02 05:46:10 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2006/11/02 05:46:09 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2006/11/02 05:46:07 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2006/11/02 05:46:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2006/11/02 05:46:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2006/11/02 05:46:06 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2006/11/02 05:46:05 | 002,014,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2006/11/02 05:46:05 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2006/11/02 05:46:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2006/11/02 05:46:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2006/11/02 05:46:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2006/11/02 05:46:05 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
MOD - [2006/11/02 05:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 05:46:04 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2006/11/02 05:46:04 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2006/11/02 05:46:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
MOD - [2006/11/02 05:46:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2006/11/02 05:46:03 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2006/11/02 05:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2006/11/02 05:46:03 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2006/11/02 05:46:03 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2006/11/02 05:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006/11/02 05:46:03 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2006/11/02 05:46:02 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2006/11/02 05:46:02 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2006/11/02 05:46:02 | 000,398,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2006/11/02 05:46:02 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2006/11/02 05:46:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2006/11/02 05:46:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2006/11/02 05:44:42 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2006/11/02 05:44:42 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2006/11/02 05:39:30 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/11/02 05:38:56 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\GdiPlus.dll
MOD - [2006/11/02 05:38:56 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
MOD - [2006/11/02 04:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
MOD - [2006/09/29 17:13:28 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/21 00:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/11/21 00:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/11/02 08:33:48 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/18 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/18 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/10 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/10 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/20 19:51:49 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/01/08 04:34:22 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20110510.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/08/03 20:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/03 20:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/03 20:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/03 20:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/03 20:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/03 20:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/12/11 13:34:22 | 000,097,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/21 00:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2002/07/08 14:26:08 | 000,025,281 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...92de215329e46ad
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/18 18:42:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/18 18:42:28 | 000,000,000 | ---D | M]

[2011/02/20 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Extensions
[2011/02/20 21:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Firefox\Profiles\lbs0k2jh.default\extensions
[2011/06/12 16:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/03/16 17:33:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2007/03/16 17:33:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2007/03/16 17:33:50 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2011/03/27 13:59:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2011/08/17 17:54:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCMService] C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/18 17:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/18 17:25:34 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/18 17:25:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/17 20:13:07 | 001,404,720 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\velcd\Desktop\TDSSKiller.exe
[2011/08/17 17:54:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/15 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/08/06 17:13:36 | 000,000,000 | ---D | C] -- C:\Windows\{7EBEACC7-A0C9-4DA4-9A63-3DC7D244B051}
[2011/08/06 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2011/08/04 19:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/04 19:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/04 19:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/04 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/04 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Local\Apple
[2011/08/04 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/04 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/21 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\velcd\Documents\MakeDiscVideo
[2011/07/21 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\CyberLink
[2006/12/26 09:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2011/08/20 11:02:04 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 11:02:04 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 10:43:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/19 18:32:07 | 469,295,104 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/18 17:25:35 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/17 20:13:07 | 001,404,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\velcd\Desktop\TDSSKiller.exe
[2011/08/17 18:31:26 | 169,294,974 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/17 18:10:37 | 000,000,680 | ---- | M] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/08/17 17:54:52 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/16 18:44:23 | 000,000,512 | ---- | M] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/06 17:26:54 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:26:54 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2011/08/18 17:25:35 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/16 18:44:17 | 000,000,512 | ---- | C] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/04 18:56:55 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/28 22:32:54 | 000,000,680 | ---- | C] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/02/20 19:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/02/20 15:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/18 18:10:35 | 000,004,608 | ---- | C] () -- C:\Users\velcd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/11 00:15:47 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/02/11 00:15:47 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006/12/26 09:17:01 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe
[2006/12/26 09:16:59 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/26 09:12:36 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/26 09:05:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/26 08:36:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/26 07:41:20 | 000,000,700 | ---- | C] () -- C:\Windows\generic.ini
[2006/12/26 07:41:20 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006/11/16 14:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 14:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 14:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 14:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 14:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 14:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 14:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 14:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 06:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,240,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/08/15 22:07:55 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/04/29 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\ICAClient
[2011/05/28 13:35:52 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\OpenOffice.org
[2011/05/27 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\W Photo Studio Viewer
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/08/19 18:28:38 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#12
Essexboy
Posted 20 August 2011 - 09:48 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Both Norton and Firefox are consuming a lot of memory, when Norton expires I would recommend that you get a lighter AV (or invest in at least 2 GB of RAM)

As a test could you not run Firefox but just IE when you run OTL again so that I can see if the difference is as marked as I think

The start up is now at near basic as you can get I feel
  • 0

#13
Boltskull
Posted 20 August 2011 - 10:58 AM

Boltskull

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I might have to go ahead and bite the bullet and invest in atleast 2 GB of RAM.

Please see below for OTL Quick Scan report while running IE:

OTL logfile created on: 8/20/2011 12:37:16 PM - Run 5
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\velcd\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.94 Mb Total Physical Memory | 121.32 Mb Available Physical Memory | 27.14% Memory free
1.41 Gb Paging File | 0.57 Gb Available in Paging File | 40.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.20 Gb Total Space | 99.46 Gb Free Space | 87.87% Space Free | Partition Type: NTFS
Drive D: | 112.85 Gb Total Space | 107.19 Gb Free Space | 94.98% Space Free | Partition Type: NTFS

Computer Name: VELCD-PC | User Name: velcd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
PRC - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe


========== Modules (SafeList) ==========

MOD - [2011/08/19 18:35:44 | 000,180,224 | ---- | M] (Softanics) -- C:\Users\velcd\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
MOD - [2011/08/14 17:19:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\velcd\Downloads\OTL.exe
MOD - [2011/08/04 18:58:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/08/04 18:58:32 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/03/27 13:59:56 | 000,325,408 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\ssv.dll
MOD - [2011/02/24 21:08:40 | 002,195,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffStateMc.dll
MOD - [2011/02/24 21:08:38 | 000,234,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
MOD - [2011/02/24 21:08:38 | 000,200,608 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\affNdis.dll
MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/02/24 21:08:34 | 000,139,680 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
MOD - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
MOD - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/02/19 00:33:29 | 000,053,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
MOD - [2011/02/19 00:33:23 | 003,765,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
MOD - [2011/02/19 00:33:19 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2011/02/19 00:33:19 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 12:30:52 | 000,118,784 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Belkin\Router Setup and Monitor\W32N55.dll
MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2011/01/30 11:45:12 | 000,064,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MOD - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
MOD - [2009/08/03 20:27:18 | 000,625,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
MOD - [2009/08/03 20:27:16 | 000,242,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
MOD - [2008/09/22 18:09:34 | 000,669,048 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll
MOD - [2008/09/22 18:09:22 | 000,142,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\npcTray.dll
MOD - [2008/07/30 18:42:18 | 000,398,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll
MOD - [2008/07/30 18:42:18 | 000,283,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
MOD - [2008/07/16 16:42:06 | 000,305,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISLAlert.dll
MOD - [2008/07/10 13:37:48 | 000,464,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\DefAlert.dll
MOD - [2008/01/29 18:38:26 | 000,353,672 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
MOD - [2008/01/29 18:38:25 | 000,398,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
MOD - [2007/10/18 18:24:22 | 000,148,856 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\WP\1.0\nppwBHO.dll
MOD - [2007/10/02 20:20:52 | 000,439,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\WP\1.0\nppw.dll
MOD - [2007/07/06 15:24:32 | 000,128,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\UILICPLG.DLL
MOD - [2007/07/06 15:24:28 | 000,493,432 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
MOD - [2007/07/06 15:24:26 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NSCHLPR2.DLL
MOD - [2007/07/06 15:24:24 | 000,090,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMICL.DLL
MOD - [2007/07/06 15:24:24 | 000,082,808 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\NPCWMIDT.DLL
MOD - [2007/07/06 14:24:38 | 000,064,376 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\PEPEVNT.DLL
MOD - [2007/07/06 14:24:22 | 000,057,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NPC\DATAPVDR.DLL
MOD - [2007/01/26 14:03:18 | 000,366,200 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ISDataCl.dll
MOD - [2007/01/19 17:36:48 | 000,070,240 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
MOD - [2007/01/19 17:36:46 | 000,290,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
MOD - [2007/01/19 17:36:40 | 000,162,912 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
MOD - [2006/12/26 08:54:05 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
MOD - [2006/12/26 08:54:03 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
MOD - [2006/11/21 00:45:22 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
MOD - [2006/11/21 00:45:18 | 000,163,016 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\WP\1.0\nppwUI.dll
MOD - [2006/11/21 00:45:14 | 000,278,704 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\NCOItf.dll
MOD - [2006/11/21 00:45:10 | 000,565,960 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
MOD - [2006/11/21 00:45:10 | 000,546,472 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHORes.loc
MOD - [2006/11/21 00:45:08 | 000,158,368 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\BrRules.dll
MOD - [2006/11/21 00:45:08 | 000,096,984 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll
MOD - [2006/11/21 00:45:08 | 000,073,392 | R--- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\BrCore.dll
MOD - [2006/11/21 00:44:36 | 000,013,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
MOD - [2006/11/21 00:44:34 | 000,259,688 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccWebWnd.dll
MOD - [2006/11/21 00:44:34 | 000,128,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
MOD - [2006/11/21 00:44:32 | 000,296,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvc.dll
MOD - [2006/11/21 00:44:32 | 000,145,000 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSet.dll
MOD - [2006/11/21 00:44:32 | 000,071,272 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
MOD - [2006/11/21 00:44:32 | 000,063,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProSub.dll
MOD - [2006/11/21 00:44:30 | 000,532,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL60U.dll
MOD - [2006/11/21 00:44:30 | 000,206,440 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
MOD - [2006/11/21 00:44:28 | 000,345,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
MOD - [2006/11/21 00:44:28 | 000,263,784 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
MOD - [2006/11/21 00:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MOD - [2006/11/21 00:43:42 | 000,190,608 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
MOD - [2006/11/21 00:43:42 | 000,059,536 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
MOD - [2006/11/21 00:43:42 | 000,046,224 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll
MOD - [2006/11/21 00:42:50 | 000,163,496 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Options\CLTWrap2.dll
MOD - [2006/11/21 00:42:26 | 000,421,008 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll
MOD - [2006/11/21 00:42:26 | 000,041,104 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll
MOD - [2006/11/21 00:42:24 | 000,033,936 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll
MOD - [2006/11/21 00:42:18 | 000,078,504 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\SetEvtHp.dll
MOD - [2006/11/21 00:42:16 | 000,097,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NisTray.dll
MOD - [2006/11/21 00:42:16 | 000,009,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\NISTrRes.dll
MOD - [2006/11/21 00:42:14 | 001,016,488 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\isRes.dll
MOD - [2006/11/21 00:42:08 | 000,231,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlert.dll
MOD - [2006/11/21 00:42:08 | 000,198,312 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwEvent.dll
MOD - [2006/11/21 00:42:08 | 000,021,160 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\fwAlRes.dll
MOD - [2006/11/21 00:42:02 | 000,074,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AlertRes.dll
MOD - [2006/11/21 00:41:44 | 000,325,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavOpts.loc
MOD - [2006/11/21 00:41:42 | 000,468,640 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll
MOD - [2006/11/21 00:41:42 | 000,008,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NavError.loc
MOD - [2006/11/21 00:41:40 | 000,083,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll
MOD - [2006/11/21 00:41:38 | 000,206,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc
MOD - [2006/11/21 00:41:36 | 000,226,976 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll
MOD - [2006/11/17 09:26:58 | 000,453,120 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MOD - [2006/11/16 23:41:40 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2006/11/16 20:10:14 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2006/11/16 14:20:26 | 000,299,008 | ---- | M] (HiTRUST) -- C:\Windows\System32\ActiveToolBand.dll
MOD - [2006/11/16 14:19:32 | 000,109,568 | ---- | M] (HiTRUST) -- C:\Windows\System32\ADMIN_CLASS_LIB.dll
MOD - [2006/11/16 14:19:10 | 000,037,376 | ---- | M] () -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/16 14:18:54 | 000,120,832 | ---- | M] (HiTRUST) -- C:\Windows\System32\PSDUtil.dll
MOD - [2006/11/16 14:18:50 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2006/11/02 08:34:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2006/11/02 08:34:55 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2006/11/02 08:34:55 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2006/11/02 08:34:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2006/11/02 08:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006/11/02 08:34:04 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2006/11/02 08:34:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2006/11/02 08:34:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
MOD - [2006/11/02 08:34:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2006/11/02 08:34:01 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2006/11/02 08:33:51 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2006/11/02 08:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006/11/02 08:33:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006/11/02 05:46:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2006/11/02 05:46:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2006/11/02 05:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 05:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 05:46:13 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2006/11/02 05:46:13 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2006/11/02 05:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 05:46:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2006/11/02 05:46:13 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2006/11/02 05:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 05:46:13 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
MOD - [2006/11/02 05:46:12 | 003,022,848 | ---- | M] (NVidia Corporation) -- C:\Windows\System32\nvd3dum.dll
MOD - [2006/11/02 05:46:12 | 001,822,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2006/11/02 05:46:12 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2006/11/02 05:46:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
MOD - [2006/11/02 05:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006/11/02 05:46:12 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2006/11/02 05:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 05:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
MOD - [2006/11/02 05:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2006/11/02 05:46:11 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2006/11/02 05:46:10 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2006/11/02 05:46:09 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2006/11/02 05:46:07 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
MOD - [2006/11/02 05:46:07 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2006/11/02 05:46:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2006/11/02 05:46:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2006/11/02 05:46:06 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2006/11/02 05:46:05 | 002,014,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2006/11/02 05:46:05 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2006/11/02 05:46:05 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
MOD - [2006/11/02 05:46:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2006/11/02 05:46:05 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
MOD - [2006/11/02 05:46:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2006/11/02 05:46:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2006/11/02 05:46:05 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\iebrshim.dll
MOD - [2006/11/02 05:46:05 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
MOD - [2006/11/02 05:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 05:46:04 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
MOD - [2006/11/02 05:46:04 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
MOD - [2006/11/02 05:46:04 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2006/11/02 05:46:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2006/11/02 05:46:03 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2006/11/02 05:46:03 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2006/11/02 05:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2006/11/02 05:46:03 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2006/11/02 05:46:03 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll
MOD - [2006/11/02 05:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006/11/02 05:46:03 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2006/11/02 05:46:02 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2006/11/02 05:46:02 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2006/11/02 05:46:02 | 000,398,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2006/11/02 05:46:02 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2006/11/02 05:46:02 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcRedir.dll
MOD - [2006/11/02 05:46:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2006/11/02 05:46:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2006/11/02 05:44:42 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2006/11/02 05:44:42 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2006/11/02 05:39:30 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/11/02 05:38:56 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\GdiPlus.dll
MOD - [2006/11/02 05:38:56 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
MOD - [2006/11/02 04:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
MOD - [2006/09/29 17:13:28 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/20 18:40:30 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/11/25 02:58:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006/11/25 02:58:26 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/21 00:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/21 00:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/21 00:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/11/21 00:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/11/12 22:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/11/02 08:33:48 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/18 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/18 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110520.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/10 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/10 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/20 19:51:49 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/01/08 04:34:22 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20110510.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/08/03 20:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/03 20:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/03 20:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/03 20:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/03 20:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/03 20:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/12/11 13:34:22 | 000,097,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/21 00:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2002/07/08 14:26:08 | 000,025,281 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...92de215329e46ad
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/18 18:42:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/18 18:42:28 | 000,000,000 | ---D | M]

[2011/02/20 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Extensions
[2011/02/20 21:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\velcd\AppData\Roaming\Mozilla\Firefox\Profiles\lbs0k2jh.default\extensions
[2011/06/12 16:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/03/16 17:33:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2007/03/16 17:33:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2007/03/16 17:33:50 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2011/03/27 13:59:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2011/08/17 17:54:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCMService] C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/18 17:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/18 17:25:34 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/18 17:25:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/17 20:13:07 | 001,404,720 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\velcd\Desktop\TDSSKiller.exe
[2011/08/17 17:54:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/15 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/08/06 17:13:36 | 000,000,000 | ---D | C] -- C:\Windows\{7EBEACC7-A0C9-4DA4-9A63-3DC7D244B051}
[2011/08/06 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011/08/06 13:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2011/08/04 19:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/04 19:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/04 19:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/04 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/04 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Local\Apple
[2011/08/04 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/04 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/21 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\velcd\Documents\MakeDiscVideo
[2011/07/21 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\velcd\AppData\Roaming\CyberLink
[2006/12/26 09:16:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2011/08/20 12:02:04 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 12:02:04 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 10:43:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/19 18:32:07 | 469,295,104 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/18 17:25:35 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/17 20:13:07 | 001,404,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\velcd\Desktop\TDSSKiller.exe
[2011/08/17 18:31:26 | 169,294,974 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/17 18:10:37 | 000,000,680 | ---- | M] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/08/17 17:54:52 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/16 18:44:23 | 000,000,512 | ---- | M] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/06 17:26:54 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:26:54 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2011/08/18 17:25:35 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/16 18:44:17 | 000,000,512 | ---- | C] () -- C:\Users\velcd\Desktop\MBR.dat
[2011/08/04 18:56:55 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/28 22:32:54 | 000,000,680 | ---- | C] () -- C:\Users\velcd\AppData\Local\d3d9caps.dat
[2011/02/20 19:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/02/20 15:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/18 18:10:35 | 000,004,608 | ---- | C] () -- C:\Users\velcd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/11 00:15:47 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/02/11 00:15:47 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006/12/26 09:17:01 | 000,319,488 | ---- | C] () -- C:\Windows\System32\SysMonitor.exe
[2006/12/26 09:16:59 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/26 09:12:36 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/26 09:05:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/26 08:36:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/26 07:41:20 | 000,000,700 | ---- | C] () -- C:\Windows\generic.ini
[2006/12/26 07:41:20 | 000,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006/11/16 14:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 14:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 14:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 14:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 14:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 14:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 14:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 14:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 06:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,240,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/08/15 22:07:55 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\Citrix
[2011/04/29 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\ICAClient
[2011/05/28 13:35:52 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\OpenOffice.org
[2011/05/27 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\velcd\AppData\Roaming\W Photo Studio Viewer
[2011/07/22 10:10:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/08/19 18:28:38 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#14
Essexboy
Posted 20 August 2011 - 11:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not running Firefox freed 25Mb or so. But to be honest with only 450Mb you are always going to be on a hiding to nothing. Memory is cheap now, did you try the crucial scanner ?

Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :unsure:
  • 0

#15
Essexboy
Posted 22 August 2011 - 08:32 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP