Boot.Tidserv keeps returning after Norton says it's removed



#1
louuu

Hi, and thank you in advance for your help. Starting today, every time I reboot my machine Norton would find and quarantine Boot.Tidserv, but when I rebooted again it found it again, as if it's replicating itself on each reboot. I ran a Norton full scan and I ran TDSSKiller, but nothing helped. I'm stuck with this virus/rootkit, and after researching it on the web I was directed here for some professional help. I've used this forum a few times, but the last time was years ago. Now I'm back and I need help. I would gratefully make a small PayPal donation to anyone who can help me resolve this. Thank you.

OTL logfile created on: 11/28/2011 2:55:38 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Luis\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 10.18 Gb Available Physical Memory | 85.00% Memory free
41.28 Gb Paging File | 39.30 Gb Available in Paging File | 95.22% Paging File free
Paging file location(s): c:\pagefile.sys 30000 40000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 519.48 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Drive F: | 917.84 Gb Total Space | 211.41 Gb Free Space | 23.03% Space Free | Partition Type: NTFS

Computer Name: LUIS | User Name: Luis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 02:55:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
PRC - [2011/11/19 19:25:22 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011/11/10 10:51:28 | 000,520,040 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2011/11/10 01:04:50 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
PRC - [2011/06/17 10:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/15 06:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2010/03/03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
PRC - [2010/03/03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2007/10/02 11:23:26 | 002,482,176 | ---- | M] (DigiPortal Software, Inc.) -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe
PRC - [2007/10/02 11:23:06 | 005,230,592 | ---- | M] (DigiPortal Software, Inc.) -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe


========== Modules (No Company Name) ==========

MOD - [2011/02/15 06:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2011/02/15 06:20:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2011/02/15 06:20:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2011/02/15 06:19:44 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2011/02/15 06:19:30 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2011/02/15 06:19:20 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2010/07/26 23:37:16 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/25 21:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/19 19:25:22 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/11/10 10:51:28 | 000,520,040 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2011/11/10 01:04:50 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2011/06/17 10:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/03/27 16:09:22 | 001,054,568 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010/02/12 07:09:18 | 002,227,216 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe -- (GenericMount Helper Service)
SRV - [2009/09/21 20:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/02 11:23:26 | 002,482,176 | ---- | M] (DigiPortal Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe -- (svcChoiceMail)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006/12/15 04:01:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/19 21:09:58 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/11/19 19:25:23 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/11/19 19:25:21 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV:64bit: - [2011/11/19 19:25:17 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/11/19 19:25:12 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/11/17 21:11:48 | 000,561,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/11/17 21:08:52 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/25 22:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/25 20:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/21 19:35:58 | 000,279,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2011/09/21 19:35:58 | 000,120,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symfw.sys -- (SYMFW)
DRV:64bit: - [2011/09/21 19:35:58 | 000,056,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2011/06/06 17:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 17:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/30 14:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 14:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/07/26 21:41:28 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/07/19 23:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/19 23:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/13 16:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/06/08 05:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2010/06/03 11:35:02 | 000,033,792 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir3.sys -- (hcw85cir)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/12 07:10:12 | 000,066,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2010/01/20 16:14:19 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/01/20 16:14:19 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2010/01/20 16:14:18 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/01/20 16:14:18 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/01/20 16:14:18 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/10/01 22:03:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009/09/21 20:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009/09/21 20:20:42 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/09/11 16:19:08 | 001,705,600 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2008/01/19 19:45:40 | 000,045,104 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\v2imount.sys -- (v2imount)
DRV - [2011/11/26 07:34:26 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20111127.005\EX64.SYS -- (NAVEX15)
DRV - [2011/11/26 07:34:26 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20111127.005\ENG64.SYS -- (NAVENG)
DRV - [2011/11/17 16:04:32 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20111124.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011/11/17 10:45:58 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/17 10:45:58 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/26 19:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/17 21:13:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [ChoiceMail] C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe (DigiPortal Software, Inc.)
O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClearHistory.cmd ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF958F2-8A6A-4D16-856E-78A57CD80E54}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/28 02:55:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
[2011/11/28 02:39:50 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\tdsskiller
[2011/11/28 01:56:32 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\NPE
[2011/11/28 00:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2011/11/27 21:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image Home
[2011/11/27 21:21:03 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Acronis
[2011/11/27 16:43:33 | 000,000,000 | R--D | C] -- C:\OffStart
[2011/11/26 20:08:49 | 000,000,000 | R--D | C] -- C:\Users\Luis\Documents\Scanned Documents
[2011/11/26 20:08:49 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Fax
[2011/11/26 19:14:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\EPSON
[2011/11/26 19:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011/11/26 19:07:34 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/11/26 19:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
[2011/11/26 19:06:22 | 000,000,000 | ---D | C] -- C:\epson
[2011/11/23 15:38:35 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2011/11/23 15:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\ATI
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\ATI
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/11/23 13:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/11/23 13:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/11/23 13:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (86)
[2011/11/23 13:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/11/23 13:05:36 | 000,000,000 | ---D | C] -- C:\ATI
[2011/11/23 05:20:59 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2011/11/23 05:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2011/11/23 05:04:55 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\PC_Drivers_Headquarters
[2011/11/23 05:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters Inc
[2011/11/23 04:52:09 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\GetRightToGo
[2011/11/23 00:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAvi and ConvertXtoDvd
[2011/11/23 00:39:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvd Vlc Players
[2011/11/23 00:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware And Cleanup
[2011/11/23 00:31:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Symantec
[2011/11/22 06:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak
[2011/11/21 23:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinAVI
[2011/11/21 20:20:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Nero
[2011/11/21 20:20:08 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Nero
[2011/11/21 20:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/11/21 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2011/11/21 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Citrix
[2011/11/21 20:14:03 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Apps
[2011/11/21 20:14:02 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Deployment
[2011/11/21 20:09:05 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Ahead
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/11/21 09:43:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\etpro
[2011/11/21 09:43:25 | 000,000,000 | ---D | C] -- C:\data
[2011/11/21 09:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/11/20 18:19:30 | 000,000,000 | ---D | C] -- C:\Windows\Media XP
[2011/11/20 17:54:43 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\TP
[2011/11/20 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Roxio Projects
[2011/11/20 17:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvd Cd Amazon Burning Programs
[2011/11/20 03:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daemon Virtual Drive
[2011/11/20 03:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2011/11/20 02:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/11/20 02:24:06 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\WinAVI
[2011/11/20 02:24:06 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\WinAVI
[2011/11/20 02:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\unlocker beta
[2011/11/19 23:38:01 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Sierra
[2011/11/19 23:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Print Artist
[2011/11/19 23:35:59 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\FONTS
[2011/11/19 23:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/11/19 23:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sierra
[2011/11/19 23:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra
[2011/11/19 23:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\[bleep] NFO Viewer
[2011/11/19 21:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/11/19 21:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrontPage Express
[2011/11/19 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Frontpage
[2011/11/19 21:09:58 | 000,082,816 | ---- | C] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2011/11/19 21:09:58 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Luis\AppData\Roaming\pcouffin.sys
[2011/11/19 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Vso
[2011/11/19 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\PcSetup
[2011/11/19 20:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/11/19 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\uTorrent
[2011/11/19 19:53:18 | 000,000,000 | ---D | C] -- C:\Windows\Ulead.dat
[2011/11/19 19:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Express
[2011/11/19 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulead iPhoto Express
[2011/11/19 19:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\my reminders
[2011/11/19 19:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2011/11/19 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2011/11/19 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2011/11/19 08:58:34 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\pix
[2011/11/19 08:57:22 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\stock urls
[2011/11/19 00:41:20 | 000,170,032 | ---- | C] (StorageCraft) -- C:\Windows\SysNative\drivers\symsnap.sys
[2011/11/19 00:41:07 | 000,020,528 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\vproeventmonitor.sys
[2011/11/19 00:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Ghost
[2011/11/18 23:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2011/11/18 23:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/11/18 21:43:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\DigiPortal
[2011/11/18 20:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigiPortal Software
[2011/11/18 19:23:36 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\MigWiz
[2011/11/18 19:13:03 | 000,000,000 | R-SD | C] -- C:\Users\Luis\Documents\My Stationery
[2011/11/18 19:11:55 | 000,000,000 | ---D | C] -- C:\Users\Luis\Tracing
[2011/11/18 18:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2011/11/18 15:41:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/11/18 12:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Amazon
[2011/11/18 12:16:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2011/11/18 12:16:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/11/18 11:43:41 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\unseen
[2011/11/18 10:51:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Symantec_Corporation
[2011/11/18 10:51:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Symantec
[2011/11/18 10:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lock my Folder
[2011/11/18 10:41:45 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Adobe
[2011/11/18 10:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011/11/18 10:31:46 | 000,045,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\v2imount.sys
[2011/11/18 10:31:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/11/18 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Future Systems Solutions
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\PowerPanel Personal Edition
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberPower Personal Edition
[2011/11/18 09:42:45 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Splashtop Remote Client
[2011/11/18 09:42:38 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Downloaded Installations
[2011/11/18 09:36:43 | 000,000,000 | ---D | C] -- C:\temp
[2011/11/18 09:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2011/11/18 09:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop
[2011/11/18 09:35:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2011/11/18 09:35:07 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\{BA5F88F1-D2F2-4E27-85A3-42F74C7F2FC2}
[2011/11/18 09:34:57 | 000,000,000 | ---D | C] -- C:\Windows\Ver
[2011/11/18 09:33:23 | 000,000,000 | ---D | C] -- C:\Pics
[2011/11/18 09:31:24 | 000,000,000 | ---D | C] -- C:\DivXtoDvdMovies
[2011/11/18 09:31:07 | 000,000,000 | ---D | C] -- C:\Desktop Pics
[2011/11/18 08:44:18 | 000,000,000 | ---D | C] -- C:\Completed Movies
[2011/11/18 08:43:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\Bills
[2011/11/18 08:38:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Hauppauge
[2011/11/18 08:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HCW85
[2011/11/18 08:29:02 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2011/11/18 08:29:02 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/11/18 08:29:02 | 000,118,849 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/11/18 08:29:02 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/11/18 08:02:38 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Macromedia
[2011/11/18 08:02:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/18 08:02:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/18 08:00:25 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Malwarebytes
[2011/11/18 08:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/18 08:00:18 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/18 08:00:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/18 02:33:22 | 000,000,000 | ---D | C] -- C:\Lou Saved Files
[2011/11/18 02:29:11 | 000,000,000 | ---D | C] -- C:\Lou Music
[2011/11/18 02:18:59 | 000,000,000 | ---D | C] -- C:\LTemp On Desktop
[2011/11/18 01:35:10 | 000,000,000 | ---D | C] -- C:\Lou Videos
[2011/11/18 01:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\modern warfare 3
[2011/11/18 00:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/11/18 00:13:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\DAEMON Tools Pro
[2011/11/18 00:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011/11/18 00:01:51 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\vlc
[2011/11/18 00:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/11/17 23:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps
[2011/11/17 22:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/11/17 21:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanUp!
[2011/11/17 21:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2011/11/17 21:34:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Macrovision
[2011/11/17 21:34:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Sonic_Solutions
[2011/11/17 21:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/11/17 21:11:54 | 000,476,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.sys
[2011/11/17 21:11:54 | 000,402,992 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.sys
[2011/11/17 21:11:54 | 000,334,384 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.sys
[2011/11/17 21:11:54 | 000,279,160 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symtdi.sys
[2011/11/17 21:11:54 | 000,120,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symfw.sys
[2011/11/17 21:11:54 | 000,056,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndisv.sys
[2011/11/17 21:11:54 | 000,044,152 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndis.sys
[2011/11/17 21:11:54 | 000,043,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symids.sys
[2011/11/17 21:11:54 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.sys
[2011/11/17 21:11:48 | 000,561,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys
[2011/11/17 21:11:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1008030.006
[2011/11/17 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Symantec
[2011/11/17 20:42:55 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
[2011/11/17 20:42:53 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/11/17 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/11/17 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/11/17 20:42:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2011/11/17 20:42:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security And Ghost
[2011/11/17 20:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2011/11/17 20:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2011/11/17 20:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/11/17 20:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/11/17 20:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/11/17 20:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec Temporary Files
[2011/11/17 19:27:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/11/17 19:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/11/17 19:19:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/11/17 19:19:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/11/17 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/11/17 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/11/17 18:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2011/11/17 18:00:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Adobe
[2011/11/17 17:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2011/11/17 17:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Futuremark
[2011/11/17 17:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2011/11/17 17:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2011/11/17 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2011/11/17 17:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/11/17 17:46:44 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/11/17 17:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HWMonitor
[2011/11/17 17:14:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dell
[2011/11/17 17:14:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2011/11/17 16:41:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\codatser
[2011/11/17 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Roxio
[2011/11/17 16:36:25 | 000,000,000 | R--D | C] -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/17 16:36:25 | 000,000,000 | R--D | C] -- C:\Users\Luis\Searches
[2011/11/17 16:36:25 | 000,000,000 | -H-D | C] -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/11/17 16:36:19 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Identities
[2011/11/17 16:36:15 | 000,000,000 | R--D | C] -- C:\Users\Luis\Contacts
[2011/11/17 16:36:11 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\VirtualStore
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\Temporary Internet Files
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Templates
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Start Menu
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\SendTo
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Recent
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\PrintHood
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\NetHood
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Videos
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Pictures
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Music
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\My Documents
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Local Settings
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\History
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Cookies
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Application Data
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\Application Data
[2011/11/17 16:36:00 | 000,000,000 | --SD | C] -- C:\Users\Luis\AppData\Roaming\Microsoft
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Videos
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Saved Games
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Pictures
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Music
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Links
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Favorites
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Downloads
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Documents
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Desktop
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/17 16:36:00 | 000,000,000 | -H-D | C] -- C:\Users\Luis\AppData
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Temp
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Microsoft
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Media Center Programs
[2011/11/03 13:03:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/11/03 13:03:35 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/11/03 13:00:33 | 000,180,736 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2011/11/03 13:00:33 | 000,080,384 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3hub.sys
[2011/11/03 13:00:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2011/11/03 13:00:33 | 000,000,000 | ---D | C] -- C:\Hotfix
[2011/11/03 12:55:08 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011/11/03 12:54:42 | 000,147,456 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwecppp.ax
[2011/11/03 12:54:42 | 000,099,328 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwcp.ax
[2011/11/03 12:54:42 | 000,033,792 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir3.sys
[2011/11/03 12:54:37 | 000,139,776 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw85enc.ax
[2011/11/03 12:54:37 | 000,110,592 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw85prop.ax
[2011/11/03 12:54:36 | 001,705,600 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\drivers\HCW85BDA.sys
[2011/11/03 12:53:07 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/11/03 12:53:06 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/11/03 12:53:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/11/03 12:53:06 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/11/03 12:53:06 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/11/03 12:53:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/11/03 12:53:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/11/03 12:53:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/11/03 12:53:06 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/11/03 12:53:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/11/03 12:53:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/11/03 12:53:06 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/11/03 12:53:06 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/11/03 12:53:05 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/11/03 12:53:04 | 000,000,000 | -H-D | C] -- C:\Drivers
[2011/11/03 12:52:54 | 000,000,000 | ---D | C] -- C:\Minint
[2011/11/03 12:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/03 12:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/11/03 12:06:42 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/11/03 12:06:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/11/03 10:50:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/11/03 10:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/11/03 10:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/11/03 10:48:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/11/03 10:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/11/03 10:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/11/03 10:47:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/11/03 10:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/11/03 10:42:06 | 000,000,000 | ---D | C] -- C:\dell
[2011/11/03 10:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/11/03 10:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/11/03 10:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2011/11/03 10:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2011/11/03 10:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/11/03 10:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/11/03 10:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2011/11/03 10:33:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/11/03 10:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/11/03 10:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2011/11/03 10:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2011/11/03 10:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2011/11/03 10:30:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/11/03 10:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2011/11/03 10:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011/11/03 10:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/11/03 10:27:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/11/03 10:11:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/11/03 10:11:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2011/11/28 02:55:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
[2011/11/28 02:39:35 | 001,547,774 | ---- | M] () -- C:\Users\Luis\Desktop\tdsskiller.zip
[2011/11/28 02:27:10 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/28 02:27:10 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/28 02:25:31 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/28 02:25:31 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/28 02:25:31 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/28 02:19:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/28 02:19:23 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/28 02:18:59 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2011/11/28 01:30:06 | 000,045,004 | ---- | M] () -- C:\Users\Luis\Desktop\dex ep9.torrent
[2011/11/27 23:47:02 | 000,000,724 | ---- | M] () -- C:\Windows\ULead32.ini
[2011/11/27 22:32:14 | 001,427,318 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\Cat.DB
[2011/11/27 21:36:21 | 000,007,603 | ---- | M] () -- C:\Users\Luis\AppData\Local\Resmon.ResmonCfg
[2011/11/27 18:33:33 | 000,000,952 | ---- | M] () -- C:\Users\Luis\Desktop\ati phone number.url
[2011/11/27 11:53:32 | 000,000,573 | ---- | M] () -- C:\Users\Luis\Desktop\Dell 24 calibration.url
[2011/11/27 07:58:34 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 1tb daurys18.url
[2011/11/26 19:27:31 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 2tb mjcizme.url
[2011/11/26 18:13:08 | 000,000,360 | ---- | M] () -- C:\Users\Luis\Desktop\dell 23.url
[2011/11/23 22:27:16 | 000,003,270 | ---- | M] () -- C:\Windows\DesktopOK.ini
[2011/11/23 21:08:13 | 000,000,215 | ---- | M] () -- C:\Users\Luis\Desktop\G Maps.url
[2011/11/23 15:39:52 | 000,001,057 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\vso_ts_preview.xml
[2011/11/23 15:36:41 | 000,099,384 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\inst.exe
[2011/11/23 15:36:41 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Luis\AppData\Roaming\pcouffin.sys
[2011/11/23 15:36:41 | 000,007,859 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\pcouffin.cat
[2011/11/23 15:36:41 | 000,001,167 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\pcouffin.inf
[2011/11/22 20:27:22 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 2tb me.url
[2011/11/21 23:50:31 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/11/21 20:20:28 | 000,007,867 | ---- | M] () -- C:\Windows\Irremote.ini
[2011/11/21 20:14:15 | 000,103,784 | ---- | M] () -- C:\Users\Luis\GoToAssistDownloadHelper.exe
[2011/11/21 19:06:58 | 000,000,314 | ---- | M] () -- C:\Users\Luis\Desktop\newegg.url
[2011/11/20 02:24:05 | 000,001,208 | ---- | M] () -- C:\Users\Luis\Desktop\WinAvi.lnk
[2011/11/19 23:53:45 | 000,384,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/19 23:47:43 | 000,000,150 | ---- | M] () -- C:\Windows\Sierra.ini
[2011/11/19 22:47:44 | 000,001,397 | ---- | M] () -- C:\Users\Luis\Desktop\NY Post.url
[2011/11/19 22:47:13 | 000,000,260 | ---- | M] () -- C:\Users\Luis\Desktop\Lottery.url
[2011/11/19 22:46:49 | 000,000,578 | ---- | M] () -- C:\Users\Luis\Desktop\Amazon Feed.url
[2011/11/19 22:46:19 | 000,001,545 | ---- | M] () -- C:\Users\Luis\Desktop\dexter.url
[2011/11/19 22:45:34 | 000,000,578 | ---- | M] () -- C:\Users\Luis\Desktop\PayPal shipping.url
[2011/11/19 22:44:57 | 000,000,298 | ---- | M] () -- C:\Users\Luis\Desktop\PayPal.url
[2011/11/19 22:44:16 | 000,000,415 | ---- | M] () -- C:\Users\Luis\Desktop\dell 8300 refurb.url
[2011/11/19 22:43:16 | 000,000,318 | ---- | M] () -- C:\Users\Luis\Desktop\My eBay.url
[2011/11/19 22:42:22 | 000,000,291 | ---- | M] () -- C:\Users\Luis\Desktop\Andale.url
[2011/11/19 22:41:40 | 000,008,662 | ---- | M] () -- C:\Users\Luis\Desktop\% Gainers.url
[2011/11/19 22:41:17 | 000,000,370 | ---- | M] () -- C:\Users\Luis\Desktop\charles clist.url
[2011/11/19 22:40:55 | 000,000,272 | ---- | M] () -- C:\Users\Luis\Desktop\kitco sil.url
[2011/11/19 22:40:35 | 000,000,440 | ---- | M] () -- C:\Users\Luis\Desktop\nel jcof.url
[2011/11/19 22:40:14 | 000,000,317 | ---- | M] () -- C:\Users\Luis\Desktop\charles ebay.url
[2011/11/19 22:39:45 | 000,001,269 | ---- | M] () -- C:\Users\Luis\Desktop\Jilgx.url
[2011/11/19 22:39:22 | 000,009,879 | ---- | M] () -- C:\Users\Luis\Desktop\jcof.url
[2011/11/19 22:38:26 | 000,074,568 | ---- | M] () -- C:\Users\Luis\Desktop\arora report.url
[2011/11/19 22:37:27 | 000,000,587 | ---- | M] () -- C:\Users\Luis\Desktop\Bloom Futures.url
[2011/11/19 22:37:03 | 000,000,251 | ---- | M] () -- C:\Users\Luis\Desktop\CraigsList.url
[2011/11/19 22:36:34 | 000,006,444 | ---- | M] () -- C:\Users\Luis\Desktop\stocks.url
[2011/11/19 22:35:08 | 000,002,062 | ---- | M] () -- C:\Users\Luis\Desktop\Weather.url
[2011/11/19 22:34:11 | 000,000,188 | ---- | M] () -- C:\Users\Luis\Desktop\Face Jess.url
[2011/11/19 22:29:02 | 000,004,047 | ---- | M] () -- C:\Users\Luis\Desktop\Slickdeals.url
[2011/11/19 21:09:58 | 000,082,816 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2011/11/19 02:22:07 | 000,001,200 | ---- | M] () -- C:\Users\Luis\Desktop\Downloads.lnk
[2011/11/19 00:29:26 | 000,005,560 | ---- | M] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/11/18 19:08:01 | 000,002,222 | ---- | M] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk
[2011/11/18 19:00:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2011/11/18 08:29:09 | 000,005,005 | ---- | M] () -- C:\Windows\HCWPNP.INI
[2011/11/18 01:24:53 | 000,000,970 | ---- | M] () -- C:\Users\Luis\Desktop\MW3.lnk
[2011/11/18 00:18:57 | 000,001,340 | ---- | M] () -- C:\Users\Luis\Desktop\explorer.lnk
[2011/11/17 23:21:15 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Luis - Full System Scan.job
[2011/11/17 22:44:03 | 000,002,444 | ---- | M] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\ClearHistory.lnk
[2011/11/17 21:11:48 | 000,561,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys
[2011/11/17 21:11:48 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\isolate.ini
[2011/11/17 21:08:52 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/11/17 21:08:52 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/11/17 21:08:52 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/11/17 21:08:41 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symnetv.cat
[2011/11/17 21:08:41 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNetV.inf
[2011/11/17 20:56:10 | 000,000,208 | ---- | M] () -- C:\Users\Luis\Desktop\Yahoo!.url
[2011/11/17 16:34:28 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/11/17 16:34:28 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/11/17 10:12:33 | 000,000,571 | ---- | M] () -- C:\Users\Luis\Desktop\evga 560ti 2gb.url
[2011/11/11 22:13:42 | 000,000,551 | ---- | M] () -- C:\Users\Luis\Desktop\Modern Warfare 3 Spec Ops Walkthrough GameFront.url
[2011/11/03 13:03:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/11/03 12:08:18 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/11/03 12:07:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/11/03 10:51:38 | 000,000,051 | ---- | M] () -- C:\Windows\smsts.ini

========== Files Created - No Company Name ==========

[2011/11/28 02:39:33 | 001,547,774 | ---- | C] () -- C:\Users\Luis\Desktop\tdsskiller.zip
[2011/11/28 01:30:06 | 000,045,004 | ---- | C] () -- C:\Users\Luis\Desktop\dex ep9.torrent
[2011/11/28 00:11:30 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll
[2011/11/27 19:25:05 | 000,004,096 | -HS- | C] () -- C:\VSNAP.IDX
[2011/11/27 18:33:33 | 000,000,952 | ---- | C] () -- C:\Users\Luis\Desktop\ati phone number.url
[2011/11/27 11:53:32 | 000,000,573 | ---- | C] () -- C:\Users\Luis\Desktop\Dell 24 calibration.url
[2011/11/27 07:58:34 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 1tb daurys18.url
[2011/11/26 19:27:30 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 2tb mjcizme.url
[2011/11/26 18:13:08 | 000,000,360 | ---- | C] () -- C:\Users\Luis\Desktop\dell 23.url
[2011/11/23 21:08:13 | 000,000,215 | ---- | C] () -- C:\Users\Luis\Desktop\G Maps.url
[2011/11/23 00:38:55 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 2tb me.url
[2011/11/21 23:18:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/11/21 20:14:15 | 000,103,784 | ---- | C] () -- C:\Users\Luis\GoToAssistDownloadHelper.exe
[2011/11/21 20:06:09 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/11/21 19:06:57 | 000,000,314 | ---- | C] () -- C:\Users\Luis\Desktop\newegg.url
[2011/11/20 17:42:11 | 000,032,256 | ---- | C] () -- C:\Users\Luis\Documents\happy anniversary.pa
[2011/11/20 17:41:59 | 000,111,104 | ---- | C] () -- C:\Users\Luis\Documents\Dchart2.pa
[2011/11/20 17:41:59 | 000,073,728 | ---- | C] () -- C:\Users\Luis\Documents\eve 44th birthday.pa
[2011/11/20 17:41:59 | 000,046,592 | ---- | C] () -- C:\Users\Luis\Documents\birthday card.pa
[2011/11/20 17:41:59 | 000,040,960 | ---- | C] () -- C:\Users\Luis\Documents\Dchart3 extension.pa
[2011/11/20 17:41:59 | 000,039,936 | ---- | C] () -- C:\Users\Luis\Documents\Dchart.pa
[2011/11/19 23:34:55 | 000,000,150 | ---- | C] () -- C:\Windows\Sierra.ini
[2011/11/19 22:44:16 | 000,000,415 | ---- | C] () -- C:\Users\Luis\Desktop\dell 8300 refurb.url
[2011/11/19 22:29:02 | 000,004,047 | ---- | C] () -- C:\Users\Luis\Desktop\Slickdeals.url
[2011/11/19 21:10:25 | 000,001,057 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\vso_ts_preview.xml
[2011/11/19 21:09:58 | 000,099,384 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\inst.exe
[2011/11/19 21:09:58 | 000,007,859 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\pcouffin.cat
[2011/11/19 21:09:58 | 000,001,167 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\pcouffin.inf
[2011/11/19 19:53:18 | 000,000,724 | ---- | C] () -- C:\Windows\ULead32.ini
[2011/11/19 08:58:35 | 000,002,062 | ---- | C] () -- C:\Users\Luis\Desktop\Weather.url
[2011/11/19 08:58:35 | 000,000,370 | ---- | C] () -- C:\Users\Luis\Desktop\charles clist.url
[2011/11/19 08:58:35 | 000,000,318 | ---- | C] () -- C:\Users\Luis\Desktop\My eBay.url
[2011/11/19 08:58:35 | 000,000,291 | ---- | C] () -- C:\Users\Luis\Desktop\Andale.url
[2011/11/19 08:58:35 | 000,000,251 | ---- | C] () -- C:\Users\Luis\Desktop\CraigsList.url
[2011/11/19 08:58:34 | 000,074,568 | ---- | C] () -- C:\Users\Luis\Desktop\arora report.url
[2011/11/19 08:58:34 | 000,009,879 | ---- | C] () -- C:\Users\Luis\Desktop\jcof.url
[2011/11/19 08:58:34 | 000,008,662 | ---- | C] () -- C:\Users\Luis\Desktop\% Gainers.url
[2011/11/19 08:58:34 | 000,006,444 | ---- | C] () -- C:\Users\Luis\Desktop\stocks.url
[2011/11/19 08:58:34 | 000,001,269 | ---- | C] () -- C:\Users\Luis\Desktop\Jilgx.url
[2011/11/19 08:58:34 | 000,001,208 | ---- | C] () -- C:\Users\Luis\Desktop\WinAvi.lnk
[2011/11/19 08:58:34 | 000,000,870 | ---- | C] () -- C:\Users\Luis\Desktop\torrents.lnk
[2011/11/19 08:58:34 | 000,000,587 | ---- | C] () -- C:\Users\Luis\Desktop\Bloom Futures.url
[2011/11/19 08:58:34 | 000,000,551 | ---- | C] () -- C:\Users\Luis\Desktop\Modern Warfare 3 Spec Ops Walkthrough GameFront.url
[2011/11/19 08:58:34 | 000,000,440 | ---- | C] () -- C:\Users\Luis\Desktop\nel jcof.url
[2011/11/19 08:58:34 | 000,000,437 | ---- | C] () -- C:\Users\Luis\Desktop\LTemp.lnk
[2011/11/19 08:58:34 | 000,000,417 | ---- | C] () -- C:\Users\Luis\Desktop\Desktop Pics.lnk
[2011/11/19 08:58:34 | 000,000,317 | ---- | C] () -- C:\Users\Luis\Desktop\charles ebay.url
[2011/11/19 08:58:34 | 000,000,272 | ---- | C] () -- C:\Users\Luis\Desktop\kitco sil.url
[2011/11/19 08:58:34 | 000,000,212 | ---- | C] () -- C:\Users\Luis\Desktop\short feed.url
[2011/11/19 08:58:34 | 000,000,208 | ---- | C] () -- C:\Users\Luis\Desktop\buy feed.url
[2011/11/19 08:58:34 | 000,000,188 | ---- | C] () -- C:\Users\Luis\Desktop\Face Jess.url
[2011/11/19 08:57:22 | 000,001,545 | ---- | C] () -- C:\Users\Luis\Desktop\dexter.url
[2011/11/19 08:57:22 | 000,001,392 | ---- | C] () -- C:\Users\Luis\Desktop\Dad 3750 Shared.lnk
[2011/11/19 08:57:22 | 000,000,578 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon Feed.url
[2011/11/19 08:57:18 | 000,001,397 | ---- | C] () -- C:\Users\Luis\Desktop\NY Post.url
[2011/11/19 08:57:18 | 000,000,578 | ---- | C] () -- C:\Users\Luis\Desktop\PayPal shipping.url
[2011/11/19 08:57:18 | 000,000,571 | ---- | C] () -- C:\Users\Luis\Desktop\evga 560ti 2gb.url
[2011/11/19 08:57:17 | 000,001,621 | ---- | C] () -- C:\Users\Luis\Desktop\JessDad Shared.lnk
[2011/11/19 08:57:17 | 000,001,343 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon.url
[2011/11/19 08:57:17 | 000,000,675 | ---- | C] () -- C:\Users\Luis\Desktop\Nightmare Next Door.url
[2011/11/19 08:57:17 | 000,000,298 | ---- | C] () -- C:\Users\Luis\Desktop\PayPal.url
[2011/11/19 08:57:17 | 000,000,260 | ---- | C] () -- C:\Users\Luis\Desktop\Lottery.url
[2011/11/19 08:55:43 | 000,003,270 | ---- | C] () -- C:\Windows\DesktopOK.ini
[2011/11/18 20:16:10 | 000,002,222 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk
[2011/11/18 19:00:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2011/11/18 18:51:40 | 000,001,200 | ---- | C] () -- C:\Users\Luis\Desktop\Downloads.lnk
[2011/11/18 18:40:22 | 000,005,560 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/11/18 12:22:14 | 000,000,794 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon credit.url
[2011/11/18 10:38:34 | 000,215,144 | R--- | C] () -- C:\Windows\patchw32.dll
[2011/11/18 08:29:04 | 000,005,005 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/11/18 01:24:53 | 000,000,970 | ---- | C] () -- C:\Users\Luis\Desktop\MW3.lnk
[2011/11/18 00:18:05 | 000,001,340 | ---- | C] () -- C:\Users\Luis\Desktop\explorer.lnk
[2011/11/17 23:14:07 | 000,007,603 | ---- | C] () -- C:\Users\Luis\AppData\Local\Resmon.ResmonCfg
[2011/11/17 22:51:45 | 000,000,428 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Luis - Full System Scan.job
[2011/11/17 22:44:03 | 000,002,444 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\ClearHistory.lnk
[2011/11/17 22:41:46 | 000,000,049 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClearHistory.cmd
[2011/11/17 21:13:06 | 001,427,318 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\Cat.DB
[2011/11/17 21:11:54 | 000,009,415 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNet.cat
[2011/11/17 21:11:54 | 000,009,412 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symnetv.cat
[2011/11/17 21:11:54 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\ccHPx64.cat
[2011/11/17 21:11:54 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.cat
[2011/11/17 21:11:54 | 000,007,401 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.cat
[2011/11/17 21:11:54 | 000,007,399 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.cat
[2011/11/17 21:11:54 | 000,007,362 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\bhdrvx64.cat
[2011/11/17 21:11:54 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA.inf
[2011/11/17 21:11:54 | 000,001,836 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\ccHPx64.inf
[2011/11/17 21:11:54 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNetV.inf
[2011/11/17 21:11:54 | 000,001,479 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNet.inf
[2011/11/17 21:11:54 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.inf
[2011/11/17 21:11:54 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.inf
[2011/11/17 21:11:54 | 000,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.inf
[2011/11/17 21:11:48 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\isolate.ini
[2011/11/17 20:56:10 | 000,000,208 | ---- | C] () -- C:\Users\Luis\Desktop\Yahoo!.url
[2011/11/17 20:42:53 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/11/17 20:42:53 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/11/17 16:41:28 | 003,256,320 | ---- | C] () -- C:\Windows\SysWow64\camuhcat.exe
[2011/11/17 16:41:28 | 000,860,160 | ---- | C] () -- C:\Windows\SysWow64\capimvoc.dll
[2011/11/17 16:41:28 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ntefipx.dll
[2011/11/17 16:41:28 | 000,123,783 | ---- | C] () -- C:\Windows\SysWow64\setipreg32.dll
[2011/11/17 16:36:00 | 000,000,290 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/17 16:36:00 | 000,000,272 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/03 13:03:36 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011/11/03 13:03:35 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011/11/03 13:00:33 | 000,000,028 | ---- | C] () -- C:\Windows\version
[2011/11/03 12:54:42 | 000,376,836 | ---- | C] () -- C:\Windows\SysNative\drivers\hcw85enc.rom
[2011/11/03 12:54:42 | 000,016,382 | ---- | C] () -- C:\Windows\SysNative\drivers\hcw85mlD.rom
[2011/11/03 12:08:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/11/03 12:07:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/11/03 12:06:11 | 1059,934,206 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/03 10:11:59 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini
[2011/10/25 21:21:54 | 000,066,560 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo64.dll
[2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/25 21:21:40 | 000,066,560 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder64.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/25 20:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/10/25 20:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/03 16:14:04 | 000,215,144 | R--- | C] () -- C:\Windows\pw32a.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2011/11/27 21:21:03 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\Acronis
[2011/11/18 00:21:35 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\DAEMON Tools Pro
[2011/11/26 19:14:04 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\EPSON
[2011/11/23 05:03:09 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\GetRightToGo
[2011/11/19 23:38:01 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\Sierra
[2011/11/18 09:42:50 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\Splashtop Remote Client
[2011/11/23 01:02:56 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\TP
[2011/11/23 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\uTorrent
[2011/11/23 15:38:42 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\Vso
[2011/11/20 02:24:06 | 000,000,000 | ---D | M] -- C:\Users\Luis\AppData\Roaming\WinAVI
[2009/07/14 00:08:49 | 000,024,094 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:02A62A91

< End of report >

Edited by louuu, 28 November 2011 - 01:59 AM.

#2
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
If one of the following will not run then just skip to the next one then go back and try the things that wouldn't run again after finishing the others.

Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Right-click on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix

It must be saved to your desktop; do not run it from your browser.

Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop, then right-click and Run as Administrator.
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK, then Scan.
Don't change the default from SKIP as this mode is very prone to False Positives. Let me look at the log before you do anything.
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right-click aswMBR.exe and Run as Administrator.

Change the a-v scan to None.
Uncheck trace disk IO calls.
Click the "Scan" button to start the scan.
On completion of the scan (note if the Fix button is enabled (not the FixMBR button) and tell me), click Save log, save it to your desktop and post it in your next reply.


Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Ron
#3
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
thank you for helping me, it's sincerely appreciated. i'm hoping that we will be able to get rid of this boot.tidserv that keeps coming back every time i reboot even though norton is catching it and quarantining it each time i reboot.

below are all the logs you requested and here are a few notes about them:
after combofix rebooted my machine, upon restart norton again found and quarantined boot.tidserv.
on the aswmbr scan i didn't see anywhere to change a-v scan to none. also when the aswmbr scan completed the fix button was greyed out and not available.

malwarebytes log:
-----------------
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8256

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

11/28/2011 8:46:22 AM
mbam-log-2011-11-28 (08-46-22).txt

Scan type: Quick scan
Objects scanned: 173517
Time elapsed: 3 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


combofix log:
-------------
ComboFix 11-11-28.02 - Luis 11/28/2011 8:54.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.10440 [GMT -5:00]
Running from: c:\users\Luis\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Luis\AppData\Roaming\inst.exe
c:\users\Luis\AppData\Roaming\vso_ts_preview.xml
c:\users\Luis\GoToAssistDownloadHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 )))))))))))))))))))))))))))))))
.
.
2011-11-28 13:58 . 2011-11-28 13:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-28 13:42 . 2011-11-28 13:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-28 05:11 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll
2011-11-28 05:11 . 2011-11-28 13:52 -------- d-----w- c:\program files (x86)\MSI Afterburner
2011-11-27 21:43 . 2011-11-28 06:17 -------- d-----r- C:\OffStart
2011-11-27 00:08 . 2011-11-27 00:08 -------- d-----w- c:\program files (x86)\epson
2011-11-27 00:08 . 2006-10-13 05:00 93184 ----a-w- c:\windows\system32\esxcwiad.dll
2011-11-27 00:07 . 2011-11-27 00:07 -------- d-----w- c:\programdata\EPSON
2011-11-27 00:07 . 2006-12-08 07:04 129536 ----a-w- c:\windows\system32\E_ILMACA.DLL
2011-11-27 00:07 . 2006-04-19 07:00 86528 ----a-w- c:\windows\system32\E_IBCBACA.DLL
2011-11-27 00:07 . 2011-11-27 00:07 -------- d-----w- c:\program files\EPSON
2011-11-27 00:06 . 2011-11-27 00:08 -------- d-----w- C:\epson
2011-11-23 20:38 . 2009-09-02 18:44 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
2011-11-23 20:38 . 2009-09-02 18:44 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
2011-11-23 20:38 . 2009-09-02 18:44 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
2011-11-23 20:38 . 2009-09-02 18:44 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
2011-11-23 20:38 . 2009-09-02 18:44 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll
2011-11-23 20:38 . 2009-09-02 18:44 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
2011-11-23 20:38 . 2011-11-23 20:38 -------- d-----w- c:\program files (x86)\VSO
2011-11-23 18:09 . 2011-11-23 18:09 -------- d-----w- c:\programdata\ATI
2011-11-23 18:09 . 2011-11-23 18:09 -------- d-----w- c:\program files (x86)\AMD APP
2011-11-23 18:08 . 2011-11-23 18:08 -------- d-----w- C:\Program Files (86)
2011-11-23 18:08 . 2011-11-23 18:08 -------- d-----w- c:\program files\ATI
2011-11-23 18:05 . 2011-11-23 18:05 -------- d-----w- C:\ATI
2011-11-23 10:20 . 2011-11-24 00:20 -------- d-----w- C:\ViewSonic
2011-11-23 10:04 . 2011-11-23 10:04 -------- d-----w- c:\programdata\UAB
2011-11-23 10:04 . 2011-11-23 10:04 -------- d-----w- c:\programdata\PC Drivers HeadQuarters Inc
2011-11-22 04:53 . 2011-11-22 04:53 -------- d-----w- c:\program files (x86)\WinAVI
2011-11-22 01:14 . 2011-11-22 01:14 -------- d-----w- c:\programdata\Citrix
2011-11-22 01:14 . 2011-11-22 01:14 -------- d-----w- c:\program files (x86)\Citrix
2011-11-22 01:05 . 2011-11-22 11:50 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-11-22 01:05 . 2011-11-22 01:05 -------- d-----w- c:\programdata\Nero
2011-11-22 01:05 . 2011-11-22 01:05 -------- d-----w- c:\program files (x86)\Nero
2011-11-21 14:43 . 2011-11-21 14:43 -------- d-----w- C:\data
2011-11-21 14:41 . 2011-11-21 14:41 410984 ----a-w- c:\windows\SysWow64\deploytk.dll
2011-11-21 14:41 . 2011-11-21 14:41 -------- d-----w- c:\program files (x86)\Java
2011-11-21 00:10 . 2009-07-14 01:06 19810816 ----a-w- c:\windows\system32\imageres.dll
2011-11-20 23:19 . 2011-11-20 23:19 -------- d-----w- c:\windows\Media XP
2011-11-20 08:01 . 2011-11-27 21:42 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-11-20 07:15 . 2011-11-20 07:15 -------- d-----w- c:\program files (x86)\unlocker beta
2011-11-20 04:35 . 2011-11-20 04:35 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2011-11-20 04:34 . 2011-11-20 04:34 -------- d-----w- c:\programdata\Sierra
2011-11-20 04:34 . 1998-06-30 21:13 252176 ----a-w- c:\windows\SysWow64\msrd2x35.dll
2011-11-20 04:34 . 1998-06-30 21:13 368912 ----a-w- c:\windows\SysWow64\vbar332.dll
2011-11-20 04:34 . 1998-06-30 21:13 1045776 ----a-w- c:\windows\SysWow64\msjet35.dll
2011-11-20 04:34 . 1998-06-30 21:13 407312 ----a-w- c:\windows\SysWow64\msrepl35.dll
2011-11-20 04:34 . 1998-06-30 21:12 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\dao350.dll
2011-11-20 04:34 . 1998-06-30 21:12 24848 ----a-w- c:\windows\SysWow64\msjter35.dll
2011-11-20 04:34 . 1998-06-30 21:12 123664 ----a-w- c:\windows\SysWow64\Msjint35.dll
2011-11-20 04:34 . 2011-11-20 04:36 -------- d-----w- c:\program files (x86)\Sierra
2011-11-20 04:33 . 1998-10-29 22:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-11-20 04:31 . 2011-11-20 04:31 -------- d-----w- c:\program files (x86)\[bleep] NFO Viewer
2011-11-20 02:16 . 2011-11-20 02:16 -------- d-----w- c:\program files (x86)\Trend Micro
2011-11-20 02:11 . 2011-11-20 02:11 -------- d-----w- c:\program files (x86)\Frontpage
2011-11-20 02:09 . 2011-11-20 02:09 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-11-20 01:58 . 2011-11-20 01:58 -------- d-----w- c:\program files (x86)\uTorrent
2011-11-20 00:53 . 2011-11-24 20:11 -------- d-----w- c:\windows\Ulead.dat
2011-11-20 00:46 . 2011-11-20 00:46 -------- d-----w- c:\program files (x86)\Ulead iPhoto Express
2011-11-20 00:45 . 2011-11-20 00:45 -------- d-----w- c:\program files (x86)\my reminders
2011-11-20 00:25 . 2011-11-20 00:25 252512 ----a-w- c:\windows\system32\drivers\afcdp.sys
2011-11-20 00:25 . 2011-11-20 00:25 1477728 ----a-w- c:\windows\system32\drivers\tdrpm258.sys
2011-11-20 00:25 . 2011-11-20 00:25 943712 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-11-20 00:25 . 2011-11-20 00:25 271456 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-20 00:25 . 2011-11-20 00:25 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2011-11-20 00:25 . 2011-11-20 00:25 -------- d-----w- c:\program files (x86)\Acronis
2011-11-19 05:41 . 2009-10-02 03:03 154168 ----a-w- c:\windows\system32\drivers\WimFltr.sys
2011-11-19 05:41 . 2009-09-22 01:20 170032 ----a-w- c:\windows\system32\drivers\symsnap.sys
2011-11-19 05:41 . 2009-09-22 01:40 20528 ----a-w- c:\windows\system32\drivers\vproeventmonitor.sys
2011-11-19 05:40 . 2011-11-19 05:40 -------- d-----w- c:\program files (x86)\Norton Ghost
2011-11-19 04:24 . 2011-11-19 04:33 -------- d-----w- c:\program files\Core Temp
2011-11-19 04:24 . 2011-11-19 04:28 -------- d-----w- c:\programdata\Yahoo!
2011-11-19 01:42 . 2011-11-19 01:42 -------- d-----w- c:\program files (x86)\DigiPortal Software
2011-11-19 00:00 . 2009-05-18 19:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-19 00:00 . 2008-04-17 18:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-11-19 00:00 . 2008-04-17 18:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-11-18 23:59 . 2011-11-19 05:40 -------- d-----w- c:\programdata\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
2011-11-18 17:17 . 2011-11-18 17:17 -------- d-----w- c:\programdata\Amazon
2011-11-18 17:16 . 2011-11-18 17:16 -------- d-----w- c:\program files (x86)\Amazon
2011-11-18 17:16 . 2011-11-18 17:16 -------- d-----w- c:\windows\Downloaded Installations
2011-11-18 15:44 . 2011-11-18 15:45 -------- d-----w- c:\program files (x86)\Lock my Folder
2011-11-18 15:38 . 2009-08-03 21:14 215144 ----a-r- c:\windows\patchw32.dll
2011-11-18 15:32 . 2007-03-22 01:39 1060864 ----a-w- c:\windows\SysWow64\MFC71.DLL
2011-11-18 15:32 . 2007-03-22 01:33 503808 ----a-w- c:\windows\SysWow64\MSVCP71.DLL
2011-11-18 15:32 . 2007-03-22 01:33 348160 ----a-w- c:\windows\SysWow64\MSVCR71.DLL
2011-11-18 15:32 . 2011-11-18 15:32 -------- d-----w- c:\program files (x86)\Symantec
2011-11-18 15:31 . 2008-01-20 00:45 45104 ----a-w- c:\windows\system32\drivers\v2imount.sys
2011-11-18 15:31 . 2011-11-19 05:41 -------- dc----w- c:\windows\system32\DRVSTORE
2011-11-18 15:09 . 2011-11-18 15:09 -------- d-----w- c:\programdata\Future Systems Solutions
2011-11-18 14:54 . 2011-11-28 13:59 -------- d-----w- c:\program files (x86)\CyberPower PowerPanel Personal Edition
2011-11-18 14:36 . 2011-11-18 14:36 -------- d-----w- C:\temp
2011-11-18 14:35 . 2011-11-18 14:35 -------- d-----w- c:\programdata\Splashtop
2011-11-18 14:35 . 2011-11-18 14:35 -------- d-----w- c:\program files (x86)\Splashtop
2011-11-18 14:34 . 2011-11-18 15:10 -------- d-----w- c:\windows\Ver
2011-11-18 14:33 . 2011-11-18 15:42 -------- d-----w- C:\Pics
2011-11-18 14:31 . 2011-11-27 02:01 -------- d-----w- C:\DivXtoDvdMovies
2011-11-18 14:31 . 2011-11-28 04:51 -------- d-----w- C:\Desktop Pics
2011-11-18 13:44 . 2011-11-27 04:31 -------- d-----w- C:\Completed Movies
2011-11-18 13:43 . 2011-11-18 13:43 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-11-18 13:43 . 2011-11-18 13:43 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-11-18 13:43 . 2011-11-18 13:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-11-18 13:43 . 2011-11-18 13:43 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-11-18 13:38 . 2011-11-18 13:38 -------- d-----w- c:\windows\system32\Hauppauge
2011-11-18 13:37 . 2004-03-09 05:00 212240 ----a-w- c:\windows\SysWow64\RICHTX32.OCX
2011-11-18 13:37 . 2011-11-18 14:12 -------- d-----w- c:\program files (x86)\HCW85
2011-11-18 13:29 . 2011-01-13 16:43 118849 ----a-w- c:\windows\SysWow64\hcwi2c32.dll
2011-11-18 13:29 . 2011-01-07 20:31 323640 ----a-w- c:\windows\SysWow64\hcwpnp32.dll
2011-11-18 13:29 . 2009-02-17 03:09 831554 ----a-w- c:\windows\SysWow64\hcwtvwnd.dll
2011-11-18 13:29 . 2006-10-10 21:47 36921 ----a-w- c:\windows\SysWow64\hcwutl32.dll
2011-11-18 13:02 . 2011-11-18 13:02 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-18 13:02 . 2011-11-18 13:02 -------- d-----w- c:\windows\SysWow64\Macromed
2011-11-18 13:02 . 2011-11-18 13:02 -------- d-----w- c:\windows\system32\Macromed
2011-11-18 13:00 . 2011-11-18 13:00 -------- d-----w- c:\programdata\Malwarebytes
2011-11-18 13:00 . 2011-08-31 22:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-18 09:54 . 2011-10-18 06:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79C5EE4B-EC8C-4ED2-918F-FC21F87BE41B}\mpengine.dll
2011-11-18 07:33 . 2011-11-28 04:50 -------- d-----w- C:\Lou Saved Files
2011-11-18 07:29 . 2011-11-18 07:33 -------- d-----w- C:\Lou Music
2011-11-18 07:18 . 2011-11-24 03:28 -------- d-----w- C:\LTemp On Desktop
2011-11-18 06:35 . 2011-11-18 07:18 -------- d-----w- C:\Lou Videos
2011-11-18 06:09 . 2011-11-28 06:10 -------- d-----w- c:\program files (x86)\modern warfare 3
2011-11-18 05:23 . 2011-11-18 05:23 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-11-18 05:13 . 2011-11-18 05:13 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-11-18 05:01 . 2011-11-18 05:01 -------- d-----w- c:\program files (x86)\VideoLAN
2011-11-18 04:33 . 2011-11-18 04:33 -------- d-----w- c:\program files (x86)\Fraps
2011-11-18 03:07 . 2011-11-18 03:07 -------- d-----w- c:\program files\CCleaner
2011-11-18 02:59 . 2011-11-18 03:00 -------- d-----w- c:\program files (x86)\CleanUp!
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-26 03:05 . 2011-10-26 03:05 10496512 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-10-26 02:21 . 2011-10-26 02:21 66560 ----a-w- c:\windows\SysWow64\OpenVideo64.dll
2011-10-26 02:21 . 2011-10-26 02:21 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-10-26 02:21 . 2011-10-26 02:21 66560 ----a-w- c:\windows\SysWow64\OVDecoder64.dll
2011-10-26 02:21 . 2011-10-26 02:21 56832 ----a-w- c:\windows\SysWow64\OVDecoder.dll
2011-10-26 02:21 . 2011-10-26 02:21 16991744 ----a-w- c:\windows\SysWow64\amdocl64.dll
2011-10-26 02:20 . 2011-10-26 02:20 13950464 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-10-26 02:19 . 2011-10-26 02:19 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-10-26 02:16 . 2011-10-26 02:16 24866816 ----a-w- c:\windows\system32\atio6axx.dll
2011-10-26 02:06 . 2011-10-26 02:06 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-10-26 02:01 . 2011-10-26 02:01 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-10-26 02:01 . 2011-10-26 02:01 517120 ----a-w- c:\windows\system32\atieclxx.exe
2011-10-26 02:00 . 2011-10-26 02:00 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-10-26 01:59 . 2011-10-26 01:59 18757120 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-10-26 01:59 . 2011-10-26 01:59 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-10-26 01:59 . 2011-10-26 01:59 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-10-26 01:59 . 2011-10-26 01:59 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-10-26 01:59 . 2011-10-26 01:59 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-10-26 01:58 . 2011-10-26 01:58 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-10-26 01:58 . 2011-10-26 01:58 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-10-26 01:58 . 2011-10-26 01:58 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-10-26 01:55 . 2011-10-26 01:55 4292096 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-10-26 01:43 . 2011-10-26 01:43 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-10-26 01:43 . 2011-10-26 01:43 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-10-26 01:43 . 2011-10-26 01:43 4044288 ----a-w- c:\windows\system32\atiumd6a.dll
2011-10-26 01:38 . 2011-10-26 01:38 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-10-26 01:38 . 2011-10-26 01:38 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-10-26 01:38 . 2011-10-26 01:38 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-10-26 01:38 . 2011-10-26 01:38 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-10-26 01:38 . 2011-10-26 01:38 9978880 ----a-w- c:\windows\system32\aticaldd64.dll
2011-10-26 01:34 . 2011-10-26 01:34 8449024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-10-26 01:29 . 2011-10-26 01:29 5510144 ----a-w- c:\windows\system32\atiumd64.dll
2011-10-26 01:22 . 2011-10-26 01:22 486912 ----a-w- c:\windows\system32\atiadlxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 339968 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-10-26 01:22 . 2011-10-26 01:22 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-10-26 01:22 . 2011-10-26 01:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-10-26 01:21 . 2011-10-26 01:21 326656 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-10-26 01:21 . 2011-10-26 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-10-26 01:20 . 2011-10-26 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ChoiceMail"="c:\program files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe" [2007-10-02 5230592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Ghost 15.0"="c:\program files (x86)\Norton Ghost\Agent\VProTray.exe" [2010-03-04 2598760]
.
c:\users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ClearHistory.cmd [2009-5-6 49]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 cpuz130;cpuz130;c:\users\Luis\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2010-02-12 2227216]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 PCDSRVC{67F2314B-25F2B3C0-06020101}_0;PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\gencotst\pcdsrvc_x64.pkms [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [x]
S1 BHDrvx64;Symantec Heuristics Driver;c:\windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys [x]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20111124.030\IDSvia64.sys [2011-11-17 488568]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-11-20 2480048]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-09-22 117648]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-11-10 520040]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
S2 svcChoiceMail;Choice Mail;c:\program files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe [2007-10-02 2482176]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Luis\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-17 138360]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-05-27 14648]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008030.006\SYMNDISV.SYS [x]
S3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-09-22 2963960]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - RTCORE64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-21 03:24 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-18 c:\windows\Tasks\Norton Internet Security - Luis - Full System Scan.job
- c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\Navw32.exe [2011-11-18 00:35]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-44917769.sys
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{67F2314B-25F2B3C0-06020101}_0]
"ImagePath"="\??\c:\gencotst\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files (x86)\Norton Ghost\Agent\VProSvc.exe
c:\program files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
.
**************************************************************************
.
Completion time: 2011-11-28 09:02:24 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-28 14:02
.
Pre-Run: 569,438,928,896 bytes free
Post-Run: 571,129,958,400 bytes free
.
- - End Of File - - 9C27FB3943DBC332E8728426A2453E67


tdsskiller log:
---------------
09:15:37.0251 4328 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
09:15:38.0311 4328 ============================================================
09:15:38.0311 4328 Current date / time: 2011/11/28 09:15:38.0311
09:15:38.0311 4328 SystemInfo:
09:15:38.0311 4328
09:15:38.0311 4328 OS Version: 6.1.7601 ServicePack: 1.0
09:15:38.0311 4328 Product type: Workstation
09:15:38.0311 4328 ComputerName: LUIS
09:15:38.0311 4328 UserName: Luis
09:15:38.0311 4328 Windows directory: C:\Windows
09:15:38.0311 4328 System windows directory: C:\Windows
09:15:38.0311 4328 Running under WOW64
09:15:38.0311 4328 Processor architecture: Intel x64
09:15:38.0311 4328 Number of processors: 8
09:15:38.0311 4328 Page size: 0x1000
09:15:38.0311 4328 Boot type: Normal boot
09:15:38.0311 4328 ============================================================
09:15:40.0061 4328 Initialize success
09:16:10.0601 4852 ============================================================
09:16:10.0601 4852 Scan started
09:16:10.0601 4852 Mode: Manual; SigCheck; TDLFS;
09:16:10.0601 4852 ============================================================
09:16:11.0971 4852 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:16:12.0151 4852 1394ohci - ok
09:16:12.0181 4852 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:16:12.0211 4852 ACPI - ok
09:16:12.0221 4852 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:16:12.0291 4852 AcpiPmi - ok
09:16:12.0341 4852 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
09:16:12.0391 4852 adp94xx - ok
09:16:12.0401 4852 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
09:16:12.0431 4852 adpahci - ok
09:16:12.0471 4852 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
09:16:12.0491 4852 adpu320 - ok
09:16:12.0541 4852 afcdp (d9a76e6e541e2e61c78140b65db63e6a) C:\Windows\system32\DRIVERS\afcdp.sys
09:16:12.0601 4852 afcdp - ok
09:16:12.0651 4852 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
09:16:12.0731 4852 AFD - ok
09:16:12.0751 4852 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:16:12.0781 4852 agp440 - ok
09:16:12.0811 4852 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:16:12.0831 4852 aliide - ok
09:16:12.0871 4852 ALSysIO - ok
09:16:12.0901 4852 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:16:12.0951 4852 amdide - ok
09:16:12.0971 4852 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
09:16:13.0041 4852 AmdK8 - ok
09:16:13.0231 4852 amdkmdag (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
09:16:13.0501 4852 amdkmdag - ok
09:16:13.0541 4852 amdkmdap (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
09:16:13.0601 4852 amdkmdap - ok
09:16:13.0621 4852 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
09:16:13.0671 4852 AmdPPM - ok
09:16:13.0721 4852 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:16:13.0771 4852 amdsata - ok
09:16:13.0781 4852 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
09:16:13.0811 4852 amdsbs - ok
09:16:13.0811 4852 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:16:13.0831 4852 amdxata - ok
09:16:13.0871 4852 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:16:14.0021 4852 AppID - ok
09:16:14.0061 4852 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
09:16:14.0101 4852 arc - ok
09:16:14.0111 4852 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
09:16:14.0141 4852 arcsas - ok
09:16:14.0171 4852 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:16:14.0281 4852 AsyncMac - ok
09:16:14.0301 4852 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:16:14.0321 4852 atapi - ok
09:16:14.0361 4852 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
09:16:14.0391 4852 AtiHDAudioService - ok
09:16:14.0421 4852 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
09:16:14.0521 4852 b06bdrv - ok
09:16:14.0541 4852 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:16:14.0601 4852 b57nd60a - ok
09:16:14.0621 4852 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:16:14.0681 4852 Beep - ok
09:16:14.0771 4852 BHDrvx64 (4d7f8401eae7eaa4ef702fa6f4153269) C:\Windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys
09:16:14.0801 4852 BHDrvx64 - ok
09:16:14.0811 4852 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:16:14.0841 4852 blbdrive - ok
09:16:14.0861 4852 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:16:14.0891 4852 bowser - ok
09:16:14.0901 4852 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
09:16:14.0931 4852 BrFiltLo - ok
09:16:14.0931 4852 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
09:16:14.0951 4852 BrFiltUp - ok
09:16:14.0971 4852 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:16:15.0051 4852 Brserid - ok
09:16:15.0081 4852 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:16:15.0151 4852 BrSerWdm - ok
09:16:15.0191 4852 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:16:15.0231 4852 BrUsbMdm - ok
09:16:15.0241 4852 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:16:15.0271 4852 BrUsbSer - ok
09:16:15.0291 4852 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
09:16:15.0331 4852 BTHMODEM - ok
09:16:15.0371 4852 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
09:16:15.0451 4852 BTHPORT - ok
09:16:15.0471 4852 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
09:16:15.0511 4852 BTHUSB - ok
09:16:15.0561 4852 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
09:16:15.0611 4852 btwampfl - ok
09:16:15.0631 4852 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\drivers\btwavdt.sys
09:16:15.0681 4852 btwavdt - ok
09:16:15.0691 4852 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\drivers\btwrchid.sys
09:16:15.0721 4852 btwrchid - ok
09:16:15.0751 4852 catchme - ok
09:16:15.0811 4852 ccHP (a2e6ab452b9393ca8d11d28827e0e1a1) C:\Windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys
09:16:15.0841 4852 ccHP - ok
09:16:15.0871 4852 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:16:15.0911 4852 cdfs - ok
09:16:15.0941 4852 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:16:15.0991 4852 cdrom - ok
09:16:16.0021 4852 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
09:16:16.0061 4852 circlass - ok
09:16:16.0081 4852 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:16:16.0101 4852 CLFS - ok
09:16:16.0121 4852 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
09:16:16.0161 4852 CmBatt - ok
09:16:16.0171 4852 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:16:16.0191 4852 cmdide - ok
09:16:16.0201 4852 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
09:16:16.0261 4852 CNG - ok
09:16:16.0321 4852 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:16:16.0341 4852 Compbatt - ok
09:16:16.0361 4852 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
09:16:16.0401 4852 CompositeBus - ok
09:16:16.0421 4852 cpuz130 - ok
09:16:16.0471 4852 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
09:16:16.0501 4852 cpuz135 - ok
09:16:16.0511 4852 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
09:16:16.0561 4852 crcdisk - ok
09:16:16.0571 4852 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:16:16.0621 4852 DfsC - ok
09:16:16.0641 4852 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:16:16.0681 4852 discache - ok
09:16:16.0691 4852 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
09:16:16.0701 4852 Disk - ok
09:16:16.0721 4852 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:16:16.0771 4852 drmkaud - ok
09:16:16.0801 4852 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:16:16.0841 4852 DXGKrnl - ok
09:16:16.0901 4852 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
09:16:17.0001 4852 ebdrv - ok
09:16:17.0081 4852 eeCtrl (5ccf1be80930aeb1cdebf561666325e8) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:16:17.0101 4852 eeCtrl - ok
09:16:17.0151 4852 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
09:16:17.0181 4852 elxstor - ok
09:16:17.0201 4852 ENTECH64 (12c061d9f9621be916d58191872ec281) C:\Windows\system32\DRIVERS\ENTECH64.sys
09:16:17.0241 4852 ENTECH64 - ok
09:16:17.0341 4852 EraserUtilRebootDrv (7a898e4a744621711be7e7b796c69876) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:16:17.0381 4852 EraserUtilRebootDrv - ok
09:16:17.0401 4852 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:16:17.0451 4852 ErrDev - ok
09:16:17.0471 4852 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:16:17.0511 4852 exfat - ok
09:16:17.0531 4852 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:16:17.0601 4852 fastfat - ok
09:16:17.0621 4852 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
09:16:17.0661 4852 fdc - ok
09:16:17.0671 4852 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:16:17.0691 4852 FileInfo - ok
09:16:17.0701 4852 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:16:17.0751 4852 Filetrace - ok
09:16:17.0771 4852 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
09:16:17.0791 4852 flpydisk - ok
09:16:17.0801 4852 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:16:17.0821 4852 FltMgr - ok
09:16:17.0831 4852 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:16:17.0851 4852 FsDepends - ok
09:16:17.0871 4852 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
09:16:17.0881 4852 Fs_Rec - ok
09:16:17.0921 4852 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:16:17.0941 4852 fvevol - ok
09:16:17.0951 4852 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
09:16:17.0971 4852 gagp30kx - ok
09:16:18.0031 4852 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:16:18.0061 4852 GEARAspiWDM - ok
09:16:18.0101 4852 GenericMount (9ba50351af95c9df28c8bcd382427d11) C:\Windows\system32\DRIVERS\GenericMount.sys
09:16:18.0111 4852 GenericMount - ok
09:16:18.0201 4852 HCW85BDA (6d0f56d217545e2d0addbf301b35260f) C:\Windows\system32\drivers\HCW85BDA.sys
09:16:18.0301 4852 HCW85BDA - ok
09:16:18.0321 4852 hcw85cir (c3097ddf0618315438a660ce34cab4e6) C:\Windows\system32\drivers\hcw85cir3.sys
09:16:18.0371 4852 hcw85cir - ok
09:16:18.0411 4852 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:16:18.0471 4852 HDAudBus - ok
09:16:18.0491 4852 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
09:16:18.0531 4852 HidBatt - ok
09:16:18.0541 4852 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
09:16:18.0591 4852 HidBth - ok
09:16:18.0621 4852 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
09:16:18.0681 4852 HidIr - ok
09:16:18.0721 4852 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:16:18.0751 4852 HidUsb - ok
09:16:18.0791 4852 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:16:18.0841 4852 HpSAMD - ok
09:16:18.0861 4852 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:16:18.0931 4852 HTTP - ok
09:16:18.0971 4852 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:16:18.0981 4852 hwpolicy - ok
09:16:19.0001 4852 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:16:19.0031 4852 i8042prt - ok
09:16:19.0071 4852 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:16:19.0111 4852 iaStorV - ok
09:16:19.0201 4852 IDSVia64 (0b97f1a640ad3d159a7b5d2164c42e50) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20111124.030\IDSvia64.sys
09:16:19.0241 4852 IDSVia64 - ok
09:16:19.0261 4852 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
09:16:19.0301 4852 iirsp - ok
09:16:19.0331 4852 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
09:16:19.0371 4852 Impcd - ok
09:16:19.0461 4852 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
09:16:19.0501 4852 IntcAzAudAddService - ok
09:16:19.0551 4852 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
09:16:19.0631 4852 IntcDAud - ok
09:16:19.0651 4852 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:16:19.0681 4852 intelide - ok
09:16:19.0711 4852 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:16:19.0741 4852 intelppm - ok
09:16:19.0761 4852 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:16:19.0811 4852 IpFilterDriver - ok
09:16:19.0861 4852 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:16:19.0911 4852 IPMIDRV - ok
09:16:19.0921 4852 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:16:19.0991 4852 IPNAT - ok
09:16:20.0021 4852 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:16:20.0071 4852 IRENUM - ok
09:16:20.0081 4852 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:16:20.0101 4852 isapnp - ok
09:16:20.0111 4852 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:16:20.0161 4852 iScsiPrt - ok
09:16:20.0211 4852 k57nd60a (12e27942dbb7c91880163634b0d8a776) C:\Windows\system32\DRIVERS\k57nd60a.sys
09:16:20.0231 4852 k57nd60a - ok
09:16:20.0241 4852 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
09:16:20.0251 4852 kbdclass - ok
09:16:20.0311 4852 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
09:16:20.0331 4852 kbdhid - ok
09:16:20.0351 4852 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
09:16:20.0361 4852 KSecDD - ok
09:16:20.0371 4852 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
09:16:20.0391 4852 KSecPkg - ok
09:16:20.0421 4852 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:16:20.0471 4852 ksthunk - ok
09:16:20.0501 4852 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:16:20.0531 4852 lltdio - ok
09:16:20.0561 4852 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
09:16:20.0611 4852 LSI_FC - ok
09:16:20.0621 4852 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
09:16:20.0641 4852 LSI_SAS - ok
09:16:20.0661 4852 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
09:16:20.0691 4852 LSI_SAS2 - ok
09:16:20.0701 4852 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
09:16:20.0721 4852 LSI_SCSI - ok
09:16:20.0741 4852 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:16:20.0801 4852 luafv - ok
09:16:20.0801 4852 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
09:16:20.0831 4852 megasas - ok
09:16:20.0841 4852 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
09:16:20.0871 4852 MegaSR - ok
09:16:20.0891 4852 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
09:16:20.0911 4852 MEIx64 - ok
09:16:20.0911 4852 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:16:20.0961 4852 Modem - ok
09:16:20.0991 4852 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:16:21.0031 4852 monitor - ok
09:16:21.0031 4852 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:16:21.0051 4852 mouclass - ok
09:16:21.0061 4852 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:16:21.0071 4852 mouhid - ok
09:16:21.0121 4852 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:16:21.0151 4852 mountmgr - ok
09:16:21.0161 4852 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:16:21.0181 4852 mpio - ok
09:16:21.0191 4852 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:16:21.0221 4852 mpsdrv - ok
09:16:21.0231 4852 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:16:21.0271 4852 MRxDAV - ok
09:16:21.0291 4852 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:16:21.0341 4852 mrxsmb - ok
09:16:21.0371 4852 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:16:21.0421 4852 mrxsmb10 - ok
09:16:21.0441 4852 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:16:21.0471 4852 mrxsmb20 - ok
09:16:21.0491 4852 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:16:21.0531 4852 msahci - ok
09:16:21.0641 4852 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:16:21.0841 4852 msdsm - ok
09:16:21.0841 4852 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:16:21.0891 4852 Msfs - ok
09:16:21.0911 4852 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:16:22.0001 4852 mshidkmdf - ok
09:16:22.0021 4852 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:16:22.0041 4852 msisadrv - ok
09:16:22.0051 4852 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:16:22.0111 4852 MSKSSRV - ok
09:16:22.0131 4852 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:16:22.0181 4852 MSPCLOCK - ok
09:16:22.0181 4852 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:16:22.0221 4852 MSPQM - ok
09:16:22.0231 4852 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:16:22.0241 4852 MsRPC - ok
09:16:22.0251 4852 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
09:16:22.0271 4852 mssmbios - ok
09:16:22.0271 4852 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:16:22.0311 4852 MSTEE - ok
09:16:22.0311 4852 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
09:16:30.0691 4852 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
09:16:31.0501 4852 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
09:16:31.0501 4852 \Device\Harddisk1\DR1 - detected TDSS File System (1)
09:16:31.0501 4852 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:16:31.0561 4852 \Device\Harddisk0\DR0 - ok
09:16:31.0561 4852 Boot (0x1200) (423e438175736b4178993abd0f6df97f) \Device\Harddisk1\DR1\Partition0
09:16:31.0561 4852 \Device\Harddisk1\DR1\Partition0 - ok
09:16:31.0601 4852 Boot (0x1200) (c735155e5d132c17402be0cd69777b63) \Device\Harddisk1\DR1\Partition1
09:16:31.0601 4852 \Device\Harddisk1\DR1\Partition1 - ok
09:16:31.0601 4852 Boot (0x1200) (3814bd66e872d6024d42e842f44b8b76) \Device\Harddisk0\DR0\Partition0
09:16:31.0601 4852 \Device\Harddisk0\DR0\Partition0 - ok
09:16:31.0611 4852 Boot (0x1200) (c735155e5d132c17402be0cd69777b63) \Device\Harddisk0\DR0\Partition1
09:16:31.0611 4852 \Device\Harddisk0\DR0\Partition1 - ok
09:16:31.0611 4852 ============================================================
09:16:31.0611 4852 Scan finished
09:16:31.0611 4852 ============================================================
09:16:31.0621 5484 Detected object count: 1
09:16:31.0621 5484 Actual detected object count: 1
09:16:59.0541 5484 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
09:16:59.0541 5484 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip


aswmbr log:
-----------
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-28 09:18:17
-----------------------------
09:18:17.383 OS Version: Windows x64 6.1.7601 Service Pack 1
09:18:17.383 Number of processors: 8 586 0x2A07
09:18:17.383 ComputerName: LUIS UserName: Luis
09:18:19.543 Initialize success
09:20:20.061 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
09:20:20.061 Disk 0 Vendor: ST31000524AS JC47 Size: 953869MB BusType: 11
09:20:20.071 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
09:20:20.071 Disk 1 Vendor: ST31000524AS JC47 Size: 953869MB BusType: 11
09:20:22.091 Disk 1 MBR read successfully
09:20:22.091 Disk 1 MBR scan
09:20:22.091 Disk 1 Windows 7 default MBR code
09:20:22.101 Service scanning
09:20:23.771 Modules scanning
09:20:23.771 Scan finished successfully
09:20:53.871 Disk 1 MBR has been saved successfully to "C:\Users\Luis\Desktop\MBR.dat"
09:20:53.881 The log file has been saved successfully to "C:\Users\Luis\Desktop\aswMBR.txt"


2 otl logs:
-----------
OTL logfile created on: 11/28/2011 9:24:02 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Luis\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 10.34 Gb Available Physical Memory | 86.33% Memory free
41.28 Gb Paging File | 39.49 Gb Available in Paging File | 95.67% Paging File free
Paging file location(s): c:\pagefile.sys 30000 40000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 531.99 Gb Free Space | 57.96% Space Free | Partition Type: NTFS
Drive F: | 917.84 Gb Total Space | 211.78 Gb Free Space | 23.07% Space Free | Partition Type: NTFS

Computer Name: LUIS | User Name: Luis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 09:23:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
PRC - [2011/11/19 19:25:22 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011/11/10 10:51:28 | 000,520,040 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2011/11/10 01:04:50 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
PRC - [2011/06/17 10:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/15 06:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2010/03/03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
PRC - [2010/03/03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2007/10/02 11:23:26 | 002,482,176 | ---- | M] (DigiPortal Software, Inc.) -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe
PRC - [2007/10/02 11:23:06 | 005,230,592 | ---- | M] (DigiPortal Software, Inc.) -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe


========== Modules (No Company Name) ==========

MOD - [2011/02/15 06:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2011/02/15 06:20:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2011/02/15 06:20:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2011/02/15 06:19:44 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2011/02/15 06:19:30 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2011/02/15 06:19:20 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2010/07/26 23:37:16 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/25 21:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/19 19:25:22 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/11/10 10:51:28 | 000,520,040 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2011/11/10 01:04:50 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2011/06/17 10:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/03/27 16:09:22 | 001,054,568 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010/02/12 07:09:18 | 002,227,216 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe -- (GenericMount Helper Service)
SRV - [2009/09/21 20:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/02 11:23:26 | 002,482,176 | ---- | M] (DigiPortal Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe -- (svcChoiceMail)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006/12/15 04:01:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/19 21:09:58 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/11/19 19:25:23 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/11/19 19:25:21 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV:64bit: - [2011/11/19 19:25:17 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/11/19 19:25:12 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/11/17 21:11:48 | 000,561,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/11/17 21:08:52 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/25 22:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/25 20:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/21 19:35:58 | 000,279,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2011/09/21 19:35:58 | 000,120,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symfw.sys -- (SYMFW)
DRV:64bit: - [2011/09/21 19:35:58 | 000,056,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2011/06/06 17:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 17:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/30 14:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 14:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/07/26 21:41:28 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/07/19 23:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/19 23:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/13 16:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/06/08 05:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2010/06/03 11:35:02 | 000,033,792 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir3.sys -- (hcw85cir)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/12 07:10:12 | 000,066,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2010/01/20 16:14:19 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/01/20 16:14:19 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2010/01/20 16:14:18 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/01/20 16:14:18 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/01/20 16:14:18 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/10/01 22:03:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009/09/21 20:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009/09/21 20:20:42 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/09/11 16:19:08 | 001,705,600 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2008/01/19 19:45:40 | 000,045,104 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\v2imount.sys -- (v2imount)
DRV - [2011/11/26 07:34:26 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20111127.005\EX64.SYS -- (NAVEX15)
DRV - [2011/11/26 07:34:26 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20111127.005\ENG64.SYS -- (NAVENG)
DRV - [2011/11/17 16:04:32 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20111124.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011/11/17 10:45:58 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/17 10:45:58 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/26 19:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/17 21:13:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/11/28 08:59:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [ChoiceMail] C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe (DigiPortal Software, Inc.)
O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClearHistory.cmd ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF958F2-8A6A-4D16-856E-78A57CD80E54}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/28 09:23:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
[2011/11/28 09:18:02 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Luis\Desktop\aswMBR.exe
[2011/11/28 09:15:20 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Luis\Desktop\tdsskiller.exe
[2011/11/28 08:59:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/28 08:54:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/28 08:54:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/28 08:54:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/28 08:54:06 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/28 08:53:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/28 08:53:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/28 08:52:03 | 004,310,219 | R--- | C] (Swearware) -- C:\Users\Luis\Desktop\ComboFix.exe
[2011/11/28 08:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/28 01:56:32 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\NPE
[2011/11/28 00:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2011/11/27 21:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image Home
[2011/11/27 21:21:03 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Acronis
[2011/11/27 16:43:33 | 000,000,000 | R--D | C] -- C:\OffStart
[2011/11/26 20:08:49 | 000,000,000 | R--D | C] -- C:\Users\Luis\Documents\Scanned Documents
[2011/11/26 20:08:49 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Fax
[2011/11/26 19:14:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\EPSON
[2011/11/26 19:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011/11/26 19:08:45 | 000,093,184 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll
[2011/11/26 19:07:34 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/11/26 19:07:06 | 000,129,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMACA.DLL
[2011/11/26 19:07:06 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBACA.DLL
[2011/11/26 19:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
[2011/11/26 19:06:22 | 000,000,000 | ---D | C] -- C:\epson
[2011/11/23 15:38:36 | 000,273,408 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\Pncrt.dll
[2011/11/23 15:38:36 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv43260.dll
[2011/11/23 15:38:36 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv33260.dll
[2011/11/23 15:38:36 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv23260.dll
[2011/11/23 15:38:36 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\sipr3260.dll
[2011/11/23 15:38:36 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\cook3260.dll
[2011/11/23 15:38:35 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2011/11/23 15:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\ATI
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\ATI
[2011/11/23 13:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/11/23 13:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/11/23 13:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/11/23 13:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (86)
[2011/11/23 13:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/11/23 13:05:36 | 000,000,000 | ---D | C] -- C:\ATI
[2011/11/23 05:20:59 | 000,000,000 | ---D | C] -- C:\ViewSonic
[2011/11/23 05:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2011/11/23 05:04:55 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\PC_Drivers_Headquarters
[2011/11/23 05:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters Inc
[2011/11/23 04:52:09 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\GetRightToGo
[2011/11/23 00:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAvi and ConvertXtoDvd
[2011/11/23 00:39:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvd Vlc Players
[2011/11/23 00:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware And Cleanup
[2011/11/23 00:31:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Symantec
[2011/11/22 06:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak
[2011/11/21 23:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinAVI
[2011/11/21 20:20:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Nero
[2011/11/21 20:20:08 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Nero
[2011/11/21 20:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/11/21 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2011/11/21 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Citrix
[2011/11/21 20:14:03 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Apps
[2011/11/21 20:14:02 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Deployment
[2011/11/21 20:09:05 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Ahead
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/11/21 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/11/21 09:43:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\etpro
[2011/11/21 09:43:25 | 000,000,000 | ---D | C] -- C:\data
[2011/11/21 09:41:49 | 000,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2011/11/21 09:41:49 | 000,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/11/21 09:41:49 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/11/21 09:41:49 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/11/21 09:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/11/20 19:10:28 | 019,810,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2011/11/20 18:19:30 | 000,000,000 | ---D | C] -- C:\Windows\Media XP
[2011/11/20 17:54:43 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\TP
[2011/11/20 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Roxio Projects
[2011/11/20 17:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvd Cd Amazon Burning Programs
[2011/11/20 03:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daemon Virtual Drive
[2011/11/20 03:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2011/11/20 02:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/11/20 02:24:06 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\WinAVI
[2011/11/20 02:24:06 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\WinAVI
[2011/11/20 02:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\unlocker beta
[2011/11/19 23:38:01 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Sierra
[2011/11/19 23:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Print Artist
[2011/11/19 23:35:59 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\FONTS
[2011/11/19 23:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/11/19 23:34:55 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbar332.dll
[2011/11/19 23:34:55 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x35.dll
[2011/11/19 23:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sierra
[2011/11/19 23:34:54 | 001,045,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2011/11/19 23:34:54 | 000,407,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll
[2011/11/19 23:34:54 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msjint35.dll
[2011/11/19 23:34:54 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll
[2011/11/19 23:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra
[2011/11/19 23:33:54 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2011/11/19 23:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\[bleep] NFO Viewer
[2011/11/19 21:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/11/19 21:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrontPage Express
[2011/11/19 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Frontpage
[2011/11/19 21:09:58 | 000,082,816 | ---- | C] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2011/11/19 21:09:58 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Luis\AppData\Roaming\pcouffin.sys
[2011/11/19 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Vso
[2011/11/19 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\PcSetup
[2011/11/19 20:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/11/19 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\uTorrent
[2011/11/19 19:53:18 | 000,000,000 | ---D | C] -- C:\Windows\Ulead.dat
[2011/11/19 19:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Express
[2011/11/19 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulead iPhoto Express
[2011/11/19 19:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\my reminders
[2011/11/19 19:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2011/11/19 19:25:23 | 000,252,512 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2011/11/19 19:25:21 | 001,477,728 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm258.sys
[2011/11/19 19:25:17 | 000,943,712 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/11/19 19:25:12 | 000,271,456 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/11/19 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2011/11/19 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2011/11/19 08:58:34 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\pix
[2011/11/19 08:57:22 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\stock urls
[2011/11/19 00:41:48 | 000,154,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys
[2011/11/19 00:41:20 | 000,170,032 | ---- | C] (StorageCraft) -- C:\Windows\SysNative\drivers\symsnap.sys
[2011/11/19 00:41:07 | 000,020,528 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\vproeventmonitor.sys
[2011/11/19 00:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Ghost
[2011/11/18 23:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2011/11/18 23:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/11/18 21:43:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\DigiPortal
[2011/11/18 20:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigiPortal Software
[2011/11/18 19:23:36 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\MigWiz
[2011/11/18 19:13:03 | 000,000,000 | R-SD | C] -- C:\Users\Luis\Documents\My Stationery
[2011/11/18 19:11:55 | 000,000,000 | ---D | C] -- C:\Users\Luis\Tracing
[2011/11/18 19:00:08 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/11/18 19:00:08 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/11/18 19:00:08 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/11/18 18:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2011/11/18 15:41:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/11/18 12:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Amazon
[2011/11/18 12:16:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2011/11/18 12:16:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/11/18 11:43:41 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\unseen
[2011/11/18 10:51:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Symantec_Corporation
[2011/11/18 10:51:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Symantec
[2011/11/18 10:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lock my Folder
[2011/11/18 10:41:45 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Adobe
[2011/11/18 10:32:17 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.DLL
[2011/11/18 10:32:17 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capicom.dll
[2011/11/18 10:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011/11/18 10:31:46 | 000,045,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\v2imount.sys
[2011/11/18 10:31:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/11/18 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Future Systems Solutions
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\PowerPanel Personal Edition
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
[2011/11/18 09:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberPower Personal Edition
[2011/11/18 09:42:45 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Splashtop Remote Client
[2011/11/18 09:42:38 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Downloaded Installations
[2011/11/18 09:36:43 | 000,000,000 | ---D | C] -- C:\temp
[2011/11/18 09:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2011/11/18 09:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop
[2011/11/18 09:35:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2011/11/18 09:35:07 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\{BA5F88F1-D2F2-4E27-85A3-42F74C7F2FC2}
[2011/11/18 09:34:57 | 000,000,000 | ---D | C] -- C:\Windows\Ver
[2011/11/18 09:33:23 | 000,000,000 | ---D | C] -- C:\Pics
[2011/11/18 09:31:24 | 000,000,000 | ---D | C] -- C:\DivXtoDvdMovies
[2011/11/18 09:31:07 | 000,000,000 | ---D | C] -- C:\Desktop Pics
[2011/11/18 08:44:18 | 000,000,000 | ---D | C] -- C:\Completed Movies
[2011/11/18 08:43:47 | 000,000,000 | ---D | C] -- C:\Users\Luis\Desktop\Bills
[2011/11/18 08:38:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Hauppauge
[2011/11/18 08:37:42 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2011/11/18 08:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HCW85
[2011/11/18 08:29:02 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2011/11/18 08:29:02 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/11/18 08:29:02 | 000,118,849 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/11/18 08:29:02 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/11/18 08:02:38 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Macromedia
[2011/11/18 08:02:34 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/18 08:02:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/18 08:02:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/18 08:00:25 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Malwarebytes
[2011/11/18 08:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/18 08:00:18 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/18 02:33:22 | 000,000,000 | ---D | C] -- C:\Lou Saved Files
[2011/11/18 02:29:11 | 000,000,000 | ---D | C] -- C:\Lou Music
[2011/11/18 02:18:59 | 000,000,000 | ---D | C] -- C:\LTemp On Desktop
[2011/11/18 01:35:10 | 000,000,000 | ---D | C] -- C:\Lou Videos
[2011/11/18 01:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\modern warfare 3
[2011/11/18 00:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/11/18 00:13:12 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\DAEMON Tools Pro
[2011/11/18 00:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011/11/18 00:01:51 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\vlc
[2011/11/18 00:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/11/17 23:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps
[2011/11/17 22:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/11/17 21:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanUp!
[2011/11/17 21:48:47 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2011/11/17 21:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2011/11/17 21:34:29 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Macrovision
[2011/11/17 21:34:04 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Sonic_Solutions
[2011/11/17 21:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/11/17 21:11:54 | 000,476,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.sys
[2011/11/17 21:11:54 | 000,402,992 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.sys
[2011/11/17 21:11:54 | 000,334,384 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.sys
[2011/11/17 21:11:54 | 000,279,160 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symtdi.sys
[2011/11/17 21:11:54 | 000,120,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symfw.sys
[2011/11/17 21:11:54 | 000,056,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndisv.sys
[2011/11/17 21:11:54 | 000,044,152 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symndis.sys
[2011/11/17 21:11:54 | 000,043,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symids.sys
[2011/11/17 21:11:54 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.sys
[2011/11/17 21:11:48 | 000,561,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys
[2011/11/17 21:11:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1008030.006
[2011/11/17 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\Luis\Documents\Symantec
[2011/11/17 20:42:55 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
[2011/11/17 20:42:53 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/11/17 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/11/17 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/11/17 20:42:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2011/11/17 20:42:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security And Ghost
[2011/11/17 20:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2011/11/17 20:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2011/11/17 20:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/11/17 20:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/11/17 20:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/11/17 20:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec Temporary Files
[2011/11/17 19:27:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/11/17 19:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/11/17 19:19:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/11/17 19:19:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/11/17 19:05:59 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/11/17 19:05:59 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/11/17 19:05:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/17 19:05:59 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/11/17 19:05:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/17 19:05:59 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/11/17 19:05:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/17 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/11/17 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/11/17 18:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2011/11/17 18:00:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Adobe
[2011/11/17 17:59:31 | 000,012,744 | R--- | C] (EnTech Taiwan) -- C:\Windows\SysNative\drivers\Entech64.sys
[2011/11/17 17:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2011/11/17 17:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Futuremark
[2011/11/17 17:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2011/11/17 17:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2011/11/17 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2011/11/17 17:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/11/17 17:59:06 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011/11/17 17:59:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011/11/17 17:59:06 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011/11/17 17:59:06 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011/11/17 17:59:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011/11/17 17:59:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011/11/17 17:59:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011/11/17 17:59:06 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011/11/17 17:59:06 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011/11/17 17:59:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011/11/17 17:59:05 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011/11/17 17:59:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011/11/17 17:46:44 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/11/17 17:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HWMonitor
[2011/11/17 17:14:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dell
[2011/11/17 17:14:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2011/11/17 16:51:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/11/17 16:51:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/11/17 16:51:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/11/17 16:51:42 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/11/17 16:51:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/11/17 16:51:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/11/17 16:51:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/11/17 16:51:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/11/17 16:51:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/11/17 16:51:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/11/17 16:51:16 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/11/17 16:51:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/11/17 16:51:02 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/11/17 16:51:02 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/11/17 16:51:02 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/11/17 16:51:01 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/11/17 16:41:28 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/11/17 16:41:28 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/11/17 16:41:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/11/17 16:41:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/11/17 16:41:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/11/17 16:41:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/11/17 16:41:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/11/17 16:41:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/11/17 16:41:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/11/17 16:41:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/11/17 16:41:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/11/17 16:41:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/11/17 16:41:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/11/17 16:41:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/11/17 16:41:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/11/17 16:41:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/11/17 16:41:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/11/17 16:41:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/11/17 16:41:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/11/17 16:41:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/11/17 16:41:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\codatser
[2011/11/17 16:41:16 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/11/17 16:41:16 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/11/17 16:41:13 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/11/17 16:41:13 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/11/17 16:41:13 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/11/17 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Roxio
[2011/11/17 16:36:25 | 000,000,000 | R--D | C] -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/17 16:36:25 | 000,000,000 | R--D | C] -- C:\Users\Luis\Searches
[2011/11/17 16:36:25 | 000,000,000 | -H-D | C] -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/11/17 16:36:19 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Identities
[2011/11/17 16:36:15 | 000,000,000 | R--D | C] -- C:\Users\Luis\Contacts
[2011/11/17 16:36:11 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\VirtualStore
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\Temporary Internet Files
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Templates
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Start Menu
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\SendTo
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Recent
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\PrintHood
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\NetHood
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Videos
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Pictures
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Documents\My Music
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\My Documents
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Local Settings
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\History
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Cookies
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\Application Data
[2011/11/17 16:36:01 | 000,000,000 | -HSD | C] -- C:\Users\Luis\AppData\Local\Application Data
[2011/11/17 16:36:00 | 000,000,000 | --SD | C] -- C:\Users\Luis\AppData\Roaming\Microsoft
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Videos
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Saved Games
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Pictures
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Music
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Links
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Favorites
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Downloads
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Documents
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\Desktop
[2011/11/17 16:36:00 | 000,000,000 | R--D | C] -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/17 16:36:00 | 000,000,000 | -H-D | C] -- C:\Users\Luis\AppData
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Temp
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Local\Microsoft
[2011/11/17 16:36:00 | 000,000,000 | ---D | C] -- C:\Users\Luis\AppData\Roaming\Media Center Programs
[2011/11/03 13:03:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/11/03 13:03:35 | 000,000,000 | ---D | C] -- C:\Boot
[2011/11/03 13:00:33 | 000,180,736 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2011/11/03 13:00:33 | 000,080,384 | ---- | C] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3hub.sys
[2011/11/03 13:00:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2011/11/03 13:00:33 | 000,000,000 | ---D | C] -- C:\Hotfix
[2011/11/03 12:55:08 | 005,041,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011/11/03 12:55:08 | 004,353,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011/11/03 12:55:08 | 004,189,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011/11/03 12:55:08 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2011/11/03 12:55:08 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011/11/03 12:55:08 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2011/11/03 12:55:08 | 000,040,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011/11/03 12:55:08 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011/11/03 12:55:08 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011/11/03 12:55:07 | 000,892,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011/11/03 12:55:07 | 000,748,544 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011/11/03 12:55:07 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2011/11/03 12:54:51 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2011/11/03 12:54:51 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys
[2011/11/03 12:54:51 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2011/11/03 12:54:42 | 001,919,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hcw85wdf_01005.dll
[2011/11/03 12:54:42 | 000,147,456 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwecppp.ax
[2011/11/03 12:54:42 | 000,099,328 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwcp.ax
[2011/11/03 12:54:42 | 000,033,792 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir3.sys
[2011/11/03 12:54:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hcw85cir.dll
[2011/11/03 12:54:37 | 000,139,776 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw85enc.ax
[2011/11/03 12:54:37 | 000,110,592 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw85prop.ax
[2011/11/03 12:54:36 | 001,705,600 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\drivers\HCW85BDA.sys
[2011/11/03 12:53:42 | 000,406,056 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys
[2011/11/03 12:53:38 | 000,344,616 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys
[2011/11/03 12:53:38 | 000,135,720 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2011/11/03 12:53:38 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2011/11/03 12:53:07 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/11/03 12:53:06 | 002,622,056 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011/11/03 12:53:06 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/11/03 12:53:06 | 002,004,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011/11/03 12:53:06 | 001,216,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011/11/03 12:53:06 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011/11/03 12:53:06 | 000,607,832 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2011/11/03 12:53:06 | 000,531,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2011/11/03 12:53:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/11/03 12:53:06 | 000,476,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011/11/03 12:53:06 | 000,397,400 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll
[2011/11/03 12:53:06 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/11/03 12:53:06 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011/11/03 12:53:06 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/11/03 12:53:06 | 000,309,336 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll
[2011/11/03 12:53:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/11/03 12:53:06 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/11/03 12:53:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/11/03 12:53:06 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/11/03 12:53:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/11/03 12:53:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/11/03 12:53:06 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011/11/03 12:53:06 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/11/03 12:53:06 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2011/11/03 12:53:06 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/11/03 12:53:06 | 000,073,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011/11/03 12:53:05 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/11/03 12:53:05 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011/11/03 12:53:04 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011/11/03 12:53:04 | 000,000,000 | ---D | C] -- C:\Drivers
[2011/11/03 12:52:54 | 000,000,000 | ---D | C] -- C:\Minint
[2011/11/03 12:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/03 12:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/11/03 12:06:42 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/11/03 12:06:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/11/03 10:50:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/11/03 10:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/11/03 10:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/11/03 10:48:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/11/03 10:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/11/03 10:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/11/03 10:47:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/11/03 10:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/11/03 10:42:06 | 000,000,000 | ---D | C] -- C:\dell
[2011/11/03 10:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/11/03 10:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/11/03 10:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2011/11/03 10:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2011/11/03 10:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/11/03 10:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/11/03 10:33:27 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2011/11/03 10:33:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2011/11/03 10:33:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2011/11/03 10:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2011/11/03 10:33:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/11/03 10:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/11/03 10:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2011/11/03 10:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2011/11/03 10:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2011/11/03 10:32:42 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011/11/03 10:32:42 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011/11/03 10:32:42 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011/11/03 10:32:42 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011/11/03 10:32:42 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011/11/03 10:32:42 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011/11/03 10:32:41 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011/11/03 10:32:41 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011/11/03 10:32:36 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011/11/03 10:32:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011/11/03 10:32:35 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011/11/03 10:32:35 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011/11/03 10:32:35 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011/11/03 10:32:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011/11/03 10:32:35 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011/11/03 10:32:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011/11/03 10:32:35 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011/11/03 10:32:35 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011/11/03 10:32:35 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011/11/03 10:32:35 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011/11/03 10:32:34 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011/11/03 10:32:34 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011/11/03 10:32:34 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011/11/03 10:32:34 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011/11/03 10:32:34 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011/11/03 10:32:34 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011/11/03 10:32:33 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011/11/03 10:32:33 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011/11/03 10:32:33 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011/11/03 10:32:33 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011/11/03 10:32:33 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011/11/03 10:32:33 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011/11/03 10:32:33 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011/11/03 10:32:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011/11/03 10:32:32 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011/11/03 10:32:32 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2011/11/03 10:32:32 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011/11/03 10:32:32 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011/11/03 10:32:32 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011/11/03 10:32:32 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011/11/03 10:32:31 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/11/03 10:32:31 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/11/03 10:32:31 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011/11/03 10:32:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011/11/03 10:32:31 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011/11/03 10:32:31 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011/11/03 10:32:31 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011/11/03 10:32:31 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011/11/03 10:32:30 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011/11/03 10:32:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/11/03 10:32:30 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011/11/03 10:32:30 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011/11/03 10:32:30 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011/11/03 10:32:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011/11/03 10:32:30 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011/11/03 10:32:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011/11/03 10:32:24 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011/11/03 10:32:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011/11/03 10:32:24 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011/11/03 10:32:24 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011/11/03 10:32:22 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011/11/03 10:32:22 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011/11/03 10:32:21 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011/11/03 10:32:21 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011/11/03 10:32:21 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011/11/03 10:32:21 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011/11/03 10:32:20 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011/11/03 10:32:20 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011/11/03 10:32:19 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011/11/03 10:32:19 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011/11/03 10:32:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011/11/03 10:32:19 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011/11/03 10:32:18 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011/11/03 10:32:18 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011/11/03 10:32:17 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011/11/03 10:32:17 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011/11/03 10:32:16 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011/11/03 10:32:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011/11/03 10:30:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/11/03 10:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2011/11/03 10:29:20 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2011/11/03 10:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011/11/03 10:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/11/03 10:27:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/11/03 10:20:39 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/11/03 10:20:39 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/11/03 10:20:39 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/11/03 10:20:39 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/11/03 10:20:39 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/11/03 10:20:39 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/11/03 10:20:39 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/11/03 10:20:39 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/11/03 10:20:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/11/03 10:20:39 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/11/03 10:20:39 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/11/03 10:20:39 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/11/03 10:20:39 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/11/03 10:19:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/11/03 10:19:30 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/11/03 10:19:05 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/11/03 10:19:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/11/03 10:16:08 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/11/03 10:16:08 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/11/03 10:15:58 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/11/03 10:15:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/11/03 10:15:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/11/03 10:15:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/11/03 10:15:31 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/11/03 10:15:31 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/11/03 10:15:13 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/11/03 10:15:13 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/11/03 10:15:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/11/03 10:15:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/11/03 10:15:13 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/11/03 10:15:12 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/11/03 10:15:12 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/11/03 10:15:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/11/03 10:15:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/11/03 10:15:06 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/11/03 10:15:01 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/11/03 10:15:01 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/03 10:15:01 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/11/03 10:14:54 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/11/03 10:14:54 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/11/03 10:14:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/11/03 10:14:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/11/03 10:14:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/11/03 10:14:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/11/03 10:14:46 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/11/03 10:14:35 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/11/03 10:14:35 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/11/03 10:14:34 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/11/03 10:14:34 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/11/03 10:14:29 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/11/03 10:14:29 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/11/03 10:14:29 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/11/03 10:14:28 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/11/03 10:14:28 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/11/03 10:14:28 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/11/03 10:14:28 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/11/03 10:14:21 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/11/03 10:14:21 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/11/03 10:14:16 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/11/03 10:14:16 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/11/03 10:14:09 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/11/03 10:14:09 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/11/03 10:14:09 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/11/03 10:14:09 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/11/03 10:14:09 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/11/03 10:14:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/11/03 10:14:09 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/11/03 10:14:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/11/03 10:11:24 | 000,000,000 | ---D | C] -- C:\Recovery
[2011/11/03 10:11:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2011/11/28 09:23:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe
[2011/11/28 09:18:07 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Luis\Desktop\aswMBR.exe
[2011/11/28 09:18:01 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/28 09:18:01 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/28 09:16:34 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/28 09:16:34 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/28 09:16:34 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/28 09:15:22 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Luis\Desktop\tdsskiller.exe
[2011/11/28 09:10:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/28 09:10:15 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/28 09:09:47 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2011/11/28 08:59:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/28 08:52:08 | 004,310,219 | R--- | M] (Swearware) -- C:\Users\Luis\Desktop\ComboFix.exe
[2011/11/28 03:16:10 | 000,000,377 | ---- | M] () -- C:\Users\Luis\Desktop\geeks to go.url
[2011/11/28 03:09:56 | 001,427,318 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\Cat.DB
[2011/11/28 01:30:06 | 000,045,004 | ---- | M] () -- C:\Users\Luis\Desktop\dex ep9.torrent
[2011/11/27 23:47:02 | 000,000,724 | ---- | M] () -- C:\Windows\ULead32.ini
[2011/11/27 21:36:21 | 000,007,603 | ---- | M] () -- C:\Users\Luis\AppData\Local\Resmon.ResmonCfg
[2011/11/27 18:33:33 | 000,000,952 | ---- | M] () -- C:\Users\Luis\Desktop\ati phone number.url
[2011/11/27 11:53:32 | 000,000,573 | ---- | M] () -- C:\Users\Luis\Desktop\Dell 24 calibration.url
[2011/11/27 07:58:34 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 1tb daurys18.url
[2011/11/26 19:27:31 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 2tb mjcizme.url
[2011/11/26 18:13:08 | 000,000,360 | ---- | M] () -- C:\Users\Luis\Desktop\dell 23.url
[2011/11/23 22:27:16 | 000,003,270 | ---- | M] () -- C:\Windows\DesktopOK.ini
[2011/11/23 21:08:13 | 000,000,215 | ---- | M] () -- C:\Users\Luis\Desktop\G Maps.url
[2011/11/23 15:36:41 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Luis\AppData\Roaming\pcouffin.sys
[2011/11/23 15:36:41 | 000,007,859 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\pcouffin.cat
[2011/11/23 15:36:41 | 000,001,167 | ---- | M] () -- C:\Users\Luis\AppData\Roaming\pcouffin.inf
[2011/11/22 20:27:22 | 000,000,312 | ---- | M] () -- C:\Users\Luis\Desktop\wd 2tb me.url
[2011/11/21 23:50:31 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/11/21 20:20:28 | 000,007,867 | ---- | M] () -- C:\Windows\Irremote.ini
[2011/11/21 19:06:58 | 000,000,314 | ---- | M] () -- C:\Users\Luis\Desktop\newegg.url
[2011/11/21 09:41:45 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2011/11/21 09:41:45 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/11/21 09:41:45 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/11/21 09:41:45 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/11/20 02:24:05 | 000,001,208 | ---- | M] () -- C:\Users\Luis\Desktop\WinAvi.lnk
[2011/11/19 23:53:45 | 000,384,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/19 23:47:43 | 000,000,150 | ---- | M] () -- C:\Windows\Sierra.ini
[2011/11/19 22:47:44 | 000,001,397 | ---- | M] () -- C:\Users\Luis\Desktop\NY Post.url
[2011/11/19 22:47:13 | 000,000,260 | ---- | M] () -- C:\Users\Luis\Desktop\Lottery.url
[2011/11/19 22:46:49 | 000,000,578 | ---- | M] () -- C:\Users\Luis\Desktop\Amazon Feed.url
[2011/11/19 22:46:19 | 000,001,545 | ---- | M] () -- C:\Users\Luis\Desktop\dexter.url
[2011/11/19 22:45:34 | 000,000,578 | ---- | M] () -- C:\Users\Luis\Desktop\PayPal shipping.url
[2011/11/19 22:44:57 | 000,000,298 | ---- | M] () -- C:\Users\Luis\Desktop\PayPal.url
[2011/11/19 22:44:16 | 000,000,415 | ---- | M] () -- C:\Users\Luis\Desktop\dell 8300 refurb.url
[2011/11/19 22:43:16 | 000,000,318 | ---- | M] () -- C:\Users\Luis\Desktop\My eBay.url
[2011/11/19 22:42:22 | 000,000,291 | ---- | M] () -- C:\Users\Luis\Desktop\Andale.url
[2011/11/19 22:41:40 | 000,008,662 | ---- | M] () -- C:\Users\Luis\Desktop\% Gainers.url
[2011/11/19 22:41:17 | 000,000,370 | ---- | M] () -- C:\Users\Luis\Desktop\charles clist.url
[2011/11/19 22:40:55 | 000,000,272 | ---- | M] () -- C:\Users\Luis\Desktop\kitco sil.url
[2011/11/19 22:40:35 | 000,000,440 | ---- | M] () -- C:\Users\Luis\Desktop\nel jcof.url
[2011/11/19 22:40:14 | 000,000,317 | ---- | M] () -- C:\Users\Luis\Desktop\charles ebay.url
[2011/11/19 22:39:45 | 000,001,269 | ---- | M] () -- C:\Users\Luis\Desktop\Jilgx.url
[2011/11/19 22:39:22 | 000,009,879 | ---- | M] () -- C:\Users\Luis\Desktop\jcof.url
[2011/11/19 22:38:26 | 000,074,568 | ---- | M] () -- C:\Users\Luis\Desktop\arora report.url
[2011/11/19 22:37:27 | 000,000,587 | ---- | M] () -- C:\Users\Luis\Desktop\Bloom Futures.url
[2011/11/19 22:37:03 | 000,000,251 | ---- | M] () -- C:\Users\Luis\Desktop\CraigsList.url
[2011/11/19 22:36:34 | 000,006,444 | ---- | M] () -- C:\Users\Luis\Desktop\stocks.url
[2011/11/19 22:35:08 | 000,002,062 | ---- | M] () -- C:\Users\Luis\Desktop\Weather.url
[2011/11/19 22:34:11 | 000,000,188 | ---- | M] () -- C:\Users\Luis\Desktop\Face Jess.url
[2011/11/19 22:29:02 | 000,004,047 | ---- | M] () -- C:\Users\Luis\Desktop\Slickdeals.url
[2011/11/19 21:09:58 | 000,082,816 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2011/11/19 19:25:23 | 000,252,512 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2011/11/19 19:25:21 | 001,477,728 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm258.sys
[2011/11/19 19:25:17 | 000,943,712 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/11/19 19:25:12 | 000,271,456 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/11/19 02:22:07 | 000,001,200 | ---- | M] () -- C:\Users\Luis\Desktop\Downloads.lnk
[2011/11/19 00:29:26 | 000,005,560 | ---- | M] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/11/18 19:08:01 | 000,002,222 | ---- | M] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk
[2011/11/18 19:00:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2011/11/18 08:29:09 | 000,005,005 | ---- | M] () -- C:\Windows\HCWPNP.INI
[2011/11/18 08:02:34 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/18 01:24:53 | 000,000,970 | ---- | M] () -- C:\Users\Luis\Desktop\MW3.lnk
[2011/11/18 00:18:57 | 000,001,340 | ---- | M] () -- C:\Users\Luis\Desktop\explorer.lnk
[2011/11/17 23:21:15 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Luis - Full System Scan.job
[2011/11/17 22:44:03 | 000,002,444 | ---- | M] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\ClearHistory.lnk
[2011/11/17 21:11:48 | 000,561,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys
[2011/11/17 21:11:48 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\isolate.ini
[2011/11/17 21:08:52 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/11/17 21:08:52 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/11/17 21:08:52 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/11/17 21:08:41 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symnetv.cat
[2011/11/17 21:08:41 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNetV.inf
[2011/11/17 20:56:10 | 000,000,208 | ---- | M] () -- C:\Users\Luis\Desktop\Yahoo!.url
[2011/11/17 16:34:28 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/11/17 16:34:28 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/11/17 10:12:33 | 000,000,571 | ---- | M] () -- C:\Users\Luis\Desktop\evga 560ti 2gb.url
[2011/11/11 22:13:42 | 000,000,551 | ---- | M] () -- C:\Users\Luis\Desktop\Modern Warfare 3 Spec Ops Walkthrough GameFront.url
[2011/11/03 13:03:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/11/03 12:08:18 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/11/03 12:07:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/11/03 10:51:38 | 000,000,051 | ---- | M] () -- C:\Windows\smsts.ini
[2011/11/03 10:29:08 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll

========== Files Created - No Company Name ==========

[2011/11/28 08:54:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/28 08:54:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/28 08:54:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/28 08:54:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/28 08:54:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/28 03:16:10 | 000,000,377 | ---- | C] () -- C:\Users\Luis\Desktop\geeks to go.url
[2011/11/28 01:30:06 | 000,045,004 | ---- | C] () -- C:\Users\Luis\Desktop\dex ep9.torrent
[2011/11/28 00:11:30 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll
[2011/11/27 19:25:05 | 000,004,096 | -HS- | C] () -- C:\VSNAP.IDX
[2011/11/27 18:33:33 | 000,000,952 | ---- | C] () -- C:\Users\Luis\Desktop\ati phone number.url
[2011/11/27 11:53:32 | 000,000,573 | ---- | C] () -- C:\Users\Luis\Desktop\Dell 24 calibration.url
[2011/11/27 07:58:34 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 1tb daurys18.url
[2011/11/26 19:27:30 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 2tb mjcizme.url
[2011/11/26 18:13:08 | 000,000,360 | ---- | C] () -- C:\Users\Luis\Desktop\dell 23.url
[2011/11/23 21:08:13 | 000,000,215 | ---- | C] () -- C:\Users\Luis\Desktop\G Maps.url
[2011/11/23 00:38:55 | 000,000,312 | ---- | C] () -- C:\Users\Luis\Desktop\wd 2tb me.url
[2011/11/21 23:18:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/11/21 20:06:09 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/11/21 19:06:57 | 000,000,314 | ---- | C] () -- C:\Users\Luis\Desktop\newegg.url
[2011/11/20 17:42:11 | 000,032,256 | ---- | C] () -- C:\Users\Luis\Documents\happy anniversary.pa
[2011/11/20 17:41:59 | 000,111,104 | ---- | C] () -- C:\Users\Luis\Documents\Dchart2.pa
[2011/11/20 17:41:59 | 000,073,728 | ---- | C] () -- C:\Users\Luis\Documents\eve 44th birthday.pa
[2011/11/20 17:41:59 | 000,046,592 | ---- | C] () -- C:\Users\Luis\Documents\birthday card.pa
[2011/11/20 17:41:59 | 000,040,960 | ---- | C] () -- C:\Users\Luis\Documents\Dchart3 extension.pa
[2011/11/20 17:41:59 | 000,039,936 | ---- | C] () -- C:\Users\Luis\Documents\Dchart.pa
[2011/11/19 23:34:55 | 000,000,150 | ---- | C] () -- C:\Windows\Sierra.ini
[2011/11/19 22:44:16 | 000,000,415 | ---- | C] () -- C:\Users\Luis\Desktop\dell 8300 refurb.url
[2011/11/19 22:29:02 | 000,004,047 | ---- | C] () -- C:\Users\Luis\Desktop\Slickdeals.url
[2011/11/19 21:09:58 | 000,007,859 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\pcouffin.cat
[2011/11/19 21:09:58 | 000,001,167 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\pcouffin.inf
[2011/11/19 19:53:18 | 000,000,724 | ---- | C] () -- C:\Windows\ULead32.ini
[2011/11/19 08:58:35 | 000,002,062 | ---- | C] () -- C:\Users\Luis\Desktop\Weather.url
[2011/11/19 08:58:35 | 000,000,370 | ---- | C] () -- C:\Users\Luis\Desktop\charles clist.url
[2011/11/19 08:58:35 | 000,000,318 | ---- | C] () -- C:\Users\Luis\Desktop\My eBay.url
[2011/11/19 08:58:35 | 000,000,291 | ---- | C] () -- C:\Users\Luis\Desktop\Andale.url
[2011/11/19 08:58:35 | 000,000,251 | ---- | C] () -- C:\Users\Luis\Desktop\CraigsList.url
[2011/11/19 08:58:34 | 000,074,568 | ---- | C] () -- C:\Users\Luis\Desktop\arora report.url
[2011/11/19 08:58:34 | 000,009,879 | ---- | C] () -- C:\Users\Luis\Desktop\jcof.url
[2011/11/19 08:58:34 | 000,008,662 | ---- | C] () -- C:\Users\Luis\Desktop\% Gainers.url
[2011/11/19 08:58:34 | 000,006,444 | ---- | C] () -- C:\Users\Luis\Desktop\stocks.url
[2011/11/19 08:58:34 | 000,001,269 | ---- | C] () -- C:\Users\Luis\Desktop\Jilgx.url
[2011/11/19 08:58:34 | 000,001,208 | ---- | C] () -- C:\Users\Luis\Desktop\WinAvi.lnk
[2011/11/19 08:58:34 | 000,000,870 | ---- | C] () -- C:\Users\Luis\Desktop\torrents.lnk
[2011/11/19 08:58:34 | 000,000,587 | ---- | C] () -- C:\Users\Luis\Desktop\Bloom Futures.url
[2011/11/19 08:58:34 | 000,000,551 | ---- | C] () -- C:\Users\Luis\Desktop\Modern Warfare 3 Spec Ops Walkthrough GameFront.url
[2011/11/19 08:58:34 | 000,000,440 | ---- | C] () -- C:\Users\Luis\Desktop\nel jcof.url
[2011/11/19 08:58:34 | 000,000,437 | ---- | C] () -- C:\Users\Luis\Desktop\LTemp.lnk
[2011/11/19 08:58:34 | 000,000,417 | ---- | C] () -- C:\Users\Luis\Desktop\Desktop Pics.lnk
[2011/11/19 08:58:34 | 000,000,317 | ---- | C] () -- C:\Users\Luis\Desktop\charles ebay.url
[2011/11/19 08:58:34 | 000,000,272 | ---- | C] () -- C:\Users\Luis\Desktop\kitco sil.url
[2011/11/19 08:58:34 | 000,000,212 | ---- | C] () -- C:\Users\Luis\Desktop\short feed.url
[2011/11/19 08:58:34 | 000,000,208 | ---- | C] () -- C:\Users\Luis\Desktop\buy feed.url
[2011/11/19 08:58:34 | 000,000,188 | ---- | C] () -- C:\Users\Luis\Desktop\Face Jess.url
[2011/11/19 08:57:22 | 000,001,545 | ---- | C] () -- C:\Users\Luis\Desktop\dexter.url
[2011/11/19 08:57:22 | 000,001,392 | ---- | C] () -- C:\Users\Luis\Desktop\Dad 3750 Shared.lnk
[2011/11/19 08:57:22 | 000,000,578 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon Feed.url
[2011/11/19 08:57:18 | 000,001,397 | ---- | C] () -- C:\Users\Luis\Desktop\NY Post.url
[2011/11/19 08:57:18 | 000,000,578 | ---- | C] () -- C:\Users\Luis\Desktop\PayPal shipping.url
[2011/11/19 08:57:18 | 000,000,571 | ---- | C] () -- C:\Users\Luis\Desktop\evga 560ti 2gb.url
[2011/11/19 08:57:17 | 000,001,621 | ---- | C] () -- C:\Users\Luis\Desktop\JessDad Shared.lnk
[2011/11/19 08:57:17 | 000,001,343 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon.url
[2011/11/19 08:57:17 | 000,000,675 | ---- | C] () -- C:\Users\Luis\Desktop\Nightmare Next Door.url
[2011/11/19 08:57:17 | 000,000,298 | ---- | C] () -- C:\Users\Luis\Desktop\PayPal.url
[2011/11/19 08:57:17 | 000,000,260 | ---- | C] () -- C:\Users\Luis\Desktop\Lottery.url
[2011/11/19 08:55:43 | 000,003,270 | ---- | C] () -- C:\Windows\DesktopOK.ini
[2011/11/18 20:16:10 | 000,002,222 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk
[2011/11/18 19:00:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2011/11/18 18:51:40 | 000,001,200 | ---- | C] () -- C:\Users\Luis\Desktop\Downloads.lnk
[2011/11/18 18:40:22 | 000,005,560 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/11/18 12:22:14 | 000,000,794 | ---- | C] () -- C:\Users\Luis\Desktop\Amazon credit.url
[2011/11/18 10:38:34 | 000,215,144 | R--- | C] () -- C:\Windows\patchw32.dll
[2011/11/18 08:29:04 | 000,005,005 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/11/18 01:24:53 | 000,000,970 | ---- | C] () -- C:\Users\Luis\Desktop\MW3.lnk
[2011/11/18 00:18:05 | 000,001,340 | ---- | C] () -- C:\Users\Luis\Desktop\explorer.lnk
[2011/11/17 23:14:07 | 000,007,603 | ---- | C] () -- C:\Users\Luis\AppData\Local\Resmon.ResmonCfg
[2011/11/17 22:51:45 | 000,000,428 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Luis - Full System Scan.job
[2011/11/17 22:44:03 | 000,002,444 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\ClearHistory.lnk
[2011/11/17 22:41:46 | 000,000,049 | ---- | C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClearHistory.cmd
[2011/11/17 21:13:06 | 001,427,318 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\Cat.DB
[2011/11/17 21:11:54 | 000,009,415 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNet.cat
[2011/11/17 21:11:54 | 000,009,412 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symnetv.cat
[2011/11/17 21:11:54 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\ccHPx64.cat
[2011/11/17 21:11:54 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.cat
[2011/11/17 21:11:54 | 000,007,401 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.cat
[2011/11/17 21:11:54 | 000,007,399 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA64.cat
[2011/11/17 21:11:54 | 000,007,362 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\bhdrvx64.cat
[2011/11/17 21:11:54 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymEFA.inf
[2011/11/17 21:11:54 | 000,001,836 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\ccHPx64.inf
[2011/11/17 21:11:54 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNetV.inf
[2011/11/17 21:11:54 | 000,001,479 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNet.inf
[2011/11/17 21:11:54 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtsp64.inf
[2011/11/17 21:11:54 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\srtspx64.inf
[2011/11/17 21:11:54 | 000,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.inf
[2011/11/17 21:11:48 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\isolate.ini
[2011/11/17 20:56:10 | 000,000,208 | ---- | C] () -- C:\Users\Luis\Desktop\Yahoo!.url
[2011/11/17 20:42:53 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/11/17 20:42:53 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/11/17 16:41:28 | 003,256,320 | ---- | C] () -- C:\Windows\SysWow64\camuhcat.exe
[2011/11/17 16:41:28 | 000,860,160 | ---- | C] () -- C:\Windows\SysWow64\capimvoc.dll
[2011/11/17 16:41:28 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ntefipx.dll
[2011/11/17 16:41:28 | 000,123,783 | ---- | C] () -- C:\Windows\SysWow64\setipreg32.dll
[2011/11/17 16:36:00 | 000,000,290 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/17 16:36:00 | 000,000,272 | ---- | C] () -- C:\Users\Luis\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/03 13:03:36 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011/11/03 13:03:35 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011/11/03 13:00:33 | 000,000,028 | ---- | C] () -- C:\Windows\version
[2011/11/03 12:54:42 | 000,376,836 | ---- | C] () -- C:\Windows\SysNative\drivers\hcw85enc.rom
[2011/11/03 12:54:42 | 000,016,382 | ---- | C] () -- C:\Windows\SysNative\drivers\hcw85mlD.rom
[2011/11/03 12:08:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/11/03 12:07:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/11/03 12:06:11 | 1059,934,206 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/03 10:11:59 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini
[2011/10/25 21:21:54 | 000,066,560 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo64.dll
[2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/25 21:21:40 | 000,066,560 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder64.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/25 20:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/10/25 20:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/03 16:14:04 | 000,215,144 | R--- | C] () -- C:\Windows\pw32a.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\Temp:02A62A91

< End of report >


OTL Extras logfile created on: 11/28/2011 9:24:02 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Luis\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 10.34 Gb Available Physical Memory | 86.33% Memory free
41.28 Gb Paging File | 39.49 Gb Available in Paging File | 95.67% Paging File free
Paging file location(s): c:\pagefile.sys 30000 40000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.84 Gb Total Space | 531.99 Gb Free Space | 57.96% Space Free | Partition Type: NTFS
Drive F: | 917.84 Gb Total Space | 211.78 Gb Free Space | 23.07% Space Free | Partition Type: NTFS

Computer Name: LUIS | User Name: Luis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{4BE9F0B8-FF3D-5CAA-9BF2-CB6F3DF75D3B}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BF82343-8EE6-8B76-90CF-31059B9D1842}" = CCC Help English
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{3081E111-C2BC-40DE-ABB8-7B4B30C2F140}" = Splashtop Remote Client
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{48963B63-7A10-49D6-8B08-61E6132453D0}" = ViewSonic Monitor Drivers x64
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{54F073B8-7E88-45FE-9648-61F77EC02E0D}" = Freedom Art Collection
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{6984B5E1-721C-4F8E-BF5A-ED5F45D90EB6}" = CyberPower PowerPanel Personal Edition 1.3.2
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{70C3CC75-9E14-D215-8FAD-5ABEAE3125D9}" = Catalyst Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EDBB857-8028-49CD-B9C9-0B4D10CD1033}" = Nero 8
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}" = HCW85 Driver Installer
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9A1960E-7756-2299-C700-DC7CA6EDD6E4}" = Catalyst Control Center InstallProxy
"{E9D98510-A8B6-E39C-B8BA-BA9A511E040C}" = Catalyst Control Center Graphics Previews Common
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F68DF664-1C34-48B2-BE8D-AF26F6CFFE90}" = Holiday Art Collection
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows 7 x64 Signed Files
"Afterburner" = MSI Afterburner 2.1.0
"ChoiceMail 4.2" = ChoiceMail 4.2
"CleanUp!" = CleanUp!
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps
"HijackThis" = HijackThis 2.0.2
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{3081E111-C2BC-40DE-ABB8-7B4B30C2F140}" = Splashtop Remote Client
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Lock my Folder" = Lock my Folder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"NIS" = Norton Internet Security
"Print Artist 2003" = Print Artist 2003
"SpywareBlaster_is1" = SpywareBlaster 4.4
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"WinAVI All in One Converter" = WinAVI All in One Converter
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/25/2011 7:41:01 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
photosnap\PhotoSnapViewer.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 11/25/2011 7:41:03 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/25/2011 7:27:46 PM | Computer Name = Luis | Source = WinMgmt | ID = 10
Description =

Error - 11/26/2011 8:29:09 AM | Computer Name = Luis | Source = WinMgmt | ID = 10
Description =

Error - 11/26/2011 9:48:29 AM | Computer Name = Luis | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 11/26/2011 9:48:54 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
photosnap\PhotoSnap.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 11/26/2011 9:48:54 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
photosnap\PhotoSnapViewer.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 11/26/2011 9:48:55 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/26/2011 7:11:37 PM | Computer Name = Luis | Source = WinMgmt | ID = 10
Description =

Error - 11/26/2011 8:12:55 PM | Computer Name = Luis | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 11/27/2011 10:41:45 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:41:47 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:28 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:30 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:31 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:33 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:34 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 11:56:30 PM | Computer Name = Luis | Source = Service Control Manager | ID = 7000
Description = The RivaTuner64 service failed to start due to the following error:
%%577

Error - 11/27/2011 11:56:31 PM | Computer Name = Luis | Source = Service Control Manager | ID = 7000
Description = The RivaTuner64 service failed to start due to the following error:
%%577

Error - 11/27/2011 11:56:32 PM | Computer Name = Luis | Source = Service Control Manager | ID = 7000
Description = The RivaTuner64 service failed to start due to the following error:
%%577


< End of report >
  • 0

#4
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Run TDSSKiller again just as before but this time change the SKIP to Quarantine or Delete for the TDSS File System detection and let it remove it. Then reboot and run it again and post the log.

Uninstall Java™ 6 Update 13 - It is too old and dangerous to have on your PC. Get the latest version from Java.com



Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
sc config RivaTuner64 start= disabled /c

    
:Commands
[RESETHOSTS]
[EMPTYJAVA]
[EMPTYFLASH]
[purity]
[Reboot]


Then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered, OTL will reboot the PC when it is done.

Nero 8 and Windows Live - Moviemaker both had install problems. Not sure they are quite ready for 64 bit systems. Something called RivaTuner64 is trying to run an invalid program. Don't see it in the install list so not sure what it is. Turning it off with OTL.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0
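The "Last 10 Event Log Errors" section of an OTL Extras report can be triaged mechanically by grouping records per log, source and event ID and pulling out service start failures. The following is an added example, not part of any post in this thread and not OTL's own code; the sample text is constructed in the report's layout, and the function names and the short Win32 error table are this example's own.

```python
import re
from collections import Counter

# Constructed sample in the layout of OTL's "Last 10 Event Log Errors" section.
SAMPLE = r"""[ Application Events ]
Error - 11/25/2011 7:41:01 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\Nero\Nero8\nero
toolkit\DiscSpeed.exe". A component version required by the application conflicts
with another component version already active.

Error - 11/26/2011 9:48:29 AM | Computer Name = Luis | Source = SideBySide | ID = 16842787
Description = Component identity found in manifest does not match the identity of
the component requested.

Error - 11/26/2011 9:48:55 AM | Computer Name = Luis | Source = SideBySide | ID = 16842832
Description = Activation context generation failed.

Error - 11/26/2011 7:11:37 PM | Computer Name = Luis | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 11/27/2011 10:49:33 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 10:49:34 PM | Computer Name = Luis | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/27/2011 11:56:30 PM | Computer Name = Luis | Source = Service Control Manager | ID = 7000
Description = The RivaTuner64 service failed to start due to the following error:
%%577

Error - 11/27/2011 11:56:31 PM | Computer Name = Luis | Source = Service Control Manager | ID = 7000
Description = The RivaTuner64 service failed to start due to the following error:
%%577

< End of report >
"""

SECTION = re.compile(r"^\[ (?P<name>.+?) Events \]\s*$")
HEADER = re.compile(
    r"^(?P<level>Error|Warning|Information) - (?P<when>.+?) \| "
    r"Computer Name = (?P<computer>.*?) \| Source = (?P<source>.*?) \| "
    r"ID = (?P<raw_id>\d+)\s*$"
)
SERVICE_FAIL = re.compile(r"The (?P<service>.+?) service failed to start")
WIN32_REF = re.compile(r"%%(\d+)")

# Small subset of Win32 error codes that the Service Control Manager
# references as %%N in event 7000 descriptions.
WIN32_ERRORS = {
    2: "ERROR_FILE_NOT_FOUND",
    5: "ERROR_ACCESS_DENIED",
    577: "ERROR_INVALID_IMAGE_HASH (digital signature could not be verified)",
    1058: "ERROR_SERVICE_DISABLED",
}


def parse_events(text):
    """Return one dict per event record; wrapped description lines are joined."""
    events, log, current = [], None, None
    for line in text.splitlines():
        section, header = SECTION.match(line), HEADER.match(line)
        if section:
            log, current = section.group("name"), None
        elif header:
            raw_id = int(header.group("raw_id"))
            current = {
                "log": log,
                "level": header.group("level"),
                "when": header.group("when"),
                "source": header.group("source"),
                "raw_id": raw_id,
                # The report prints the full 32-bit event identifier; the low
                # 16 bits are the event ID that Event Viewer displays.
                "event_id": raw_id & 0xFFFF,
                "description": "",
            }
            events.append(current)
        elif not line.strip():
            current = None  # a blank line ends the record
        elif current is not None:
            piece = line.strip()
            if piece.startswith("Description ="):
                piece = piece[len("Description ="):].strip()
            current["description"] = (current["description"] + " " + piece).strip()
    return events


def summarize(events):
    """Count records per (log, source, Event Viewer ID)."""
    return Counter((e["log"], e["source"], e["event_id"]) for e in events)


def service_start_failures(events):
    """List (service, Win32 code, meaning) for SCM 'failed to start' records."""
    found = []
    for e in events:
        match = SERVICE_FAIL.search(e["description"])
        if e["source"] != "Service Control Manager" or not match:
            continue
        ref = WIN32_REF.search(e["description"])
        code = int(ref.group(1)) if ref else None
        found.append((match.group("service"), code, WIN32_ERRORS.get(code, "unknown")))
    return found


if __name__ == "__main__":
    parsed = parse_events(SAMPLE)
    for key, count in summarize(parsed).most_common():
        print(count, *key)
    for failure in service_start_failures(parsed):
        print("service start failure:", *failure)
```

Repeated records from one source, such as the same service failing at every boot, stand out in the counts and are the ones worth following up first.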

#5
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
here's the info you requested after i did all the steps you asked for. here's a few notes regarding what happened:

when i tried to uninstall java13 it didn't let me. it came up with error "internal error 2753. regutils.dll". so java13 is still in my programs and features as an installed program.

nero is running fine and working for me. i haven't used windows movie maker. rivatuner was an old program that i uninstalled and no longer needed, so whatever you removed from that program is fine.

when i did the event viewer steps for logs and applications and rebooted, no check disk ran at all and my system just booted up again.

lastly, when i rebooted, norton is still finding and quarantining boot.tidserv.

below are the logs.

tdsskiller log:
---------------
11:19:37.0164 5692 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
11:19:37.0404 5692 ============================================================
11:19:37.0404 5692 Current date / time: 2011/11/28 11:19:37.0404
11:19:37.0404 5692 SystemInfo:
11:19:37.0404 5692
11:19:37.0404 5692 OS Version: 6.1.7601 ServicePack: 1.0
11:19:37.0404 5692 Product type: Workstation
11:19:37.0404 5692 ComputerName: LUIS
11:19:37.0404 5692 UserName: Luis
11:19:37.0404 5692 Windows directory: C:\Windows
11:19:37.0404 5692 System windows directory: C:\Windows
11:19:37.0404 5692 Running under WOW64
11:19:37.0404 5692 Processor architecture: Intel x64
11:19:37.0404 5692 Number of processors: 8
11:19:37.0404 5692 Page size: 0x1000
11:19:37.0404 5692 Boot type: Normal boot
11:19:37.0404 5692 ============================================================
11:19:39.0184 5692 Initialize success
11:19:44.0994 6056 ============================================================
11:19:44.0994 6056 Scan started
11:19:44.0994 6056 Mode: Manual; SigCheck; TDLFS;
11:19:44.0994 6056 ============================================================
11:20:01.0874 6056 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:20:01.0904 6056 usbehci - ok
11:20:01.0914 6056 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:20:01.0944 6056 usbhub - ok
11:20:01.0964 6056 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:20:01.0994 6056 usbohci - ok
11:20:02.0024 6056 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:20:02.0044 6056 usbprint - ok
11:20:02.0084 6056 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:20:02.0144 6056 usbscan - ok
11:20:02.0164 6056 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:20:02.0204 6056 USBSTOR - ok
11:20:02.0224 6056 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:20:02.0244 6056 usbuhci - ok
11:20:02.0284 6056 v2imount (39583837498d6430833b03b37bcb1eff) C:\Windows\system32\DRIVERS\v2imount.sys
11:20:02.0314 6056 v2imount - ok
11:20:02.0334 6056 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:20:02.0354 6056 vdrvroot - ok
11:20:02.0374 6056 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:20:02.0394 6056 vga - ok
11:20:02.0404 6056 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:20:02.0434 6056 VgaSave - ok
11:20:02.0444 6056 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:20:02.0454 6056 vhdmp - ok
11:20:02.0464 6056 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:20:02.0474 6056 viaide - ok
11:20:02.0504 6056 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:20:02.0514 6056 volmgr - ok
11:20:02.0524 6056 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:20:02.0544 6056 volmgrx - ok
11:20:02.0554 6056 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:20:02.0574 6056 volsnap - ok
11:20:02.0624 6056 VProEventMonitor (8b7454930230db4bc4ba35a467be09aa) C:\Windows\system32\DRIVERS\vproeventmonitor.sys
11:20:02.0654 6056 VProEventMonitor - ok
11:20:02.0684 6056 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:20:02.0714 6056 vsmraid - ok
11:20:02.0724 6056 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
11:20:02.0744 6056 vwifibus - ok
11:20:02.0744 6056 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:20:02.0774 6056 WacomPen - ok
11:20:02.0774 6056 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:20:02.0804 6056 WANARP - ok
11:20:02.0804 6056 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:20:02.0844 6056 Wanarpv6 - ok
11:20:02.0884 6056 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:20:02.0904 6056 Wd - ok
11:20:02.0914 6056 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:20:02.0934 6056 Wdf01000 - ok
11:20:02.0954 6056 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:20:02.0974 6056 WfpLwf - ok
11:20:03.0034 6056 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
11:20:03.0054 6056 WimFltr - ok
11:20:03.0084 6056 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:20:03.0094 6056 WIMMount - ok
11:20:03.0104 6056 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:20:03.0134 6056 WmiAcpi - ok
11:20:03.0164 6056 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:20:03.0194 6056 ws2ifsl - ok
11:20:03.0204 6056 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:20:03.0234 6056 WudfPf - ok
11:20:03.0254 6056 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:20:03.0284 6056 WUDFRd - ok
11:20:03.0294 6056 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:20:03.0374 6056 \Device\Harddisk1\DR1 - ok
11:20:03.0374 6056 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:20:03.0434 6056 \Device\Harddisk0\DR0 - ok
11:20:03.0434 6056 Boot (0x1200) (423e438175736b4178993abd0f6df97f) \Device\Harddisk1\DR1\Partition0
11:20:03.0434 6056 \Device\Harddisk1\DR1\Partition0 - ok
11:20:03.0444 6056 Boot (0x1200) (c735155e5d132c17402be0cd69777b63) \Device\Harddisk1\DR1\Partition1
11:20:03.0444 6056 \Device\Harddisk1\DR1\Partition1 - ok
11:20:03.0454 6056 Boot (0x1200) (3814bd66e872d6024d42e842f44b8b76) \Device\Harddisk0\DR0\Partition0
11:20:03.0454 6056 \Device\Harddisk0\DR0\Partition0 - ok
11:20:03.0454 6056 Boot (0x1200) (c735155e5d132c17402be0cd69777b63) \Device\Harddisk0\DR0\Partition1
11:20:03.0454 6056 \Device\Harddisk0\DR0\Partition1 - ok
11:20:03.0454 6056 ============================================================
11:20:03.0454 6056 Scan finished
11:20:03.0454 6056 ============================================================
11:20:03.0464 5980 Detected object count: 0
11:20:03.0464 5980 Actual detected object count: 0
11:20:11.0234 4648 Deinitialize success


otl log:
--------
========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Luis\Desktop\cmd.bat deleted successfully.
C:\Users\Luis\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Luis\Desktop\cmd.bat deleted successfully.
C:\Users\Luis\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Luis\Desktop\cmd.bat deleted successfully.
C:\Users\Luis\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Luis\Desktop\cmd.bat deleted successfully.
C:\Users\Luis\Desktop\cmd.txt deleted successfully.
< sc config RivaTuner64 start= disabled /c >
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Users\Luis\Desktop\cmd.bat deleted successfully.
C:\Users\Luis\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Luis
->Java cache emptied: 32973995 bytes

User: Public

Total Java Files Cleaned = 31.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Luis
->Flash cache emptied: 7312 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11282011_112555

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


vew logs:
---------
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/11/2011 12:05:22 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/11/2011 5:01:26 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Choice Mail service. The Service Control Manager launched process 2912 and process 3116 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.

Log: 'System' Date/Time: 28/11/2011 4:36:16 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Choice Mail service. The Service Control Manager launched process 2924 and process 2932 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.



Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/11/2011 12:06:42 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/11/2011 5:03:22 PM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Java™ 6 Update 13 -- Internal Error 2753. regutils.dll

Log: 'Application' Date/Time: 28/11/2011 5:02:40 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 28/11/2011 5:02:15 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: VProTray.exe, version: 15.0.1.36526, time stamp: 0x4b8e6d20 Faulting module name: VProScheduler.dll, version: 15.0.1.36526, time stamp: 0x4b8e6ae9 Exception code: 0xc0000005 Fault offset: 0x00031058 Faulting process id: 0xc1c Faulting application start time: 0x01ccadef5c9c86d2 Faulting application path: C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe Faulting module path: C:\Program Files (x86)\Common Files\Symantec Shared\VProRecovery\VProScheduler.dll Report Id: b891571d-19e2-11e1-a887-180373d50d8a

Log: 'Application' Date/Time: 28/11/2011 4:37:47 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#6
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
For the Java uninstall error get REVO:

http://majorgeeks.co...ller_d5706.html (You do not need to fill out the form that shows up while you wait for the download to appear.)

(FF: Right click and Open Containing Folder,) Right click on the downloaded file and Run As Admin. Once it is installed and running it will show you a bunch of Icons of your installed programs. Find the Java one and let it uninstall it. Delete the folders:

C:\Program Files (x86)\Java
C:\Users\Luis\AppData\LocalLow\Sun\Java
and these files:
C:\Windows\SysWow64\deploytk.dll
C:\Windows\SysWow64\javaws.exe
C:\Windows\SysWow64\javaw.exe
C:\Windows\SysWow64\java.exe
If they still exist.

Turn off Hibernation
http://support.microsoft.com/kb/920730

Reboot.

Delete the file C:\Hiberfil.sys if it still exists.

Copy the following:

:Commands
[EMPTYTEMP]
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix. It should reboot when done.



If you are still getting tidserv then:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information


On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#7
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
i used revo to uninstall java13. the same error popped up but it appears that it did uninstall it. it's no longer in my list of installed programs. so i now need to reinstall a more current version? if so, can you tell me where to get it?

then i ran the otl part and rebooted, but boot.tidserv was still found and quarantined by norton. so i continued on with avptool section.

i did all of the avptool parts you asked and rebooted and norton did not find boot.tidserv.

but in the meantime windows tried to install one single update called "Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)". it wouldn't install so i researched it online and when it asked where to find vc_red.msi i hit browse and typed in vc_red.msi in the search box and it found it in some weirdly created folder under my C drive. it was something like this "c:\430325ff2b5edd0180c9e681\". it installed and i rebooted. upon reboot it said it didn't install correctly and tried to do the whole procedure again. i did this about 5 times and rebooted 5 times and the problem is still there. did all of the work we did trying to remove boot.tidserv somehow cause something to go wrong with this problem?

the good news is that boot.tidserv has never been found again by norton! below is the log you requested and i attached the zip folder you requested. i'll wait for your reply as i don't even know what this visual c install is about. thank you.

k log:
------
Status: Deleted (events: 1)
11/28/2011 1:50:14 PM Deleted Trojan program Trojan-Spy.HTML.Fraud.gen C:\Documents and Settings\Luis\AppData\Local\Microsoft\Windows Live Mail\luis.munoz\Deleted Items\55075D12-000026D6.eml High
  • 0

#8
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
I'm glad we got rid of TIDSERV. java.com should have the latest version of Java for you.

Not sure what happened to your installer. The folder you found it in is typical of those used by updates. Let's see if we can see what is wrong:

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:

cd  \windows\logs\cbs

copy  cbs.log  cbs.old

del  cbs.log

sfc  /scannow

findstr  /c:"[SR]"  cbs.log  >  junk.txt 




attach the file \windows\logs\cbs\junk.txt to your next reply.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0
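
One way to triage the junk.txt that the findstr /c:"[SR]" step above produces, as an added example that is not part of the original thread or of any tool named in it. It treats the three routine verify messages as known-good and surfaces everything else: any other [SR] message, a verify batch that never reaches "Verify complete", and lines that do not parse. The names triage and is_clean and both sample inputs are assumptions made for this example; the samples are constructed in the format that command writes.

```python
import re

# Shape of one line kept by: findstr /c:"[SR]" cbs.log
#   2011-11-28 22:26:08, Info CSI 00000009 [SR] Verifying 100 (0x...) components
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}), "
    r"(?P<level>\w+)\s+CSI\s+(?P<seq>[0-9a-fA-F]{8})\s+\[SR\]\s+(?P<msg>.*)$"
)
VERIFYING = re.compile(r"^Verifying (\d+) \(0x[0-9a-fA-F]+\) components$")
BEGIN = "Beginning Verify and Repair transaction"
COMPLETE = "Verify complete"

# Constructed sample: two routine verify batches, nothing else.
CLEAN_SAMPLE = """
2011-11-28 22:26:08, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:26:08, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2011-11-28 22:26:09, Info CSI 0000000c [SR] Verify complete
2011-11-28 22:26:09, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:26:09, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2011-11-28 22:26:12, Info CSI 00000010 [SR] Verify complete
"""

# Constructed sample: one non-routine message (a stand-in, the real wording
# varies), one batch cut off before "Verify complete", one unparseable line.
SUSPECT_SAMPLE = """
2011-11-28 22:30:00, Info CSI 0000016e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:00, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:01, Info CSI 00000170 [SR] Cannot repair member file "example.sys" (constructed)
2011-11-28 22:30:02, Info CSI 00000171 [SR] Verify complete
2011-11-28 22:30:02, Info CSI 00000172 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:02, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
junk line without a timestamp
"""


def triage(lines):
    """Summarise [SR] lines and collect everything that is not routine."""
    report = {
        "batches": 0,       # number of "Verifying N components" batches seen
        "components": 0,    # sum of N over those batches
        "incomplete": [],   # start time of batches with no "Verify complete"
        "findings": [],     # (timestamp, message) for non-routine [SR] lines
        "unparsed": [],     # lines that are not in the [SR] line format
    }
    open_ts = None          # start time of the batch currently open, if any
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            report["unparsed"].append(line)
            continue
        ts, msg = m.group("ts"), m.group("msg").strip()
        started = VERIFYING.match(msg)
        if started:
            if open_ts is not None:
                # The previous batch never logged "Verify complete".
                report["incomplete"].append(open_ts)
            open_ts = ts
            report["batches"] += 1
            report["components"] += int(started.group(1))
        elif msg == COMPLETE:
            open_ts = None
        elif msg == BEGIN:
            continue
        else:
            # Not one of the three routine messages: keep it for review.
            report["findings"].append((ts, msg))
    if open_ts is not None:
        report["incomplete"].append(open_ts)
    return report


def is_clean(report):
    """True only when every batch completed and nothing unusual was logged."""
    return not (report["findings"] or report["incomplete"] or report["unparsed"])


if __name__ == "__main__":
    for name, sample in (("clean", CLEAN_SAMPLE), ("suspect", SUSPECT_SAMPLE)):
        rep = triage(sample.splitlines())
        print(name, "clean" if is_clean(rep) else "needs review", rep)
```

To run it on a real file, pass the open file object for junk.txt to triage instead of a sample.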

#9
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
yes, i'm glad we got rid of that pesky tidserv. i went to java.com to install it, but i'm confused about something. my windows operating system is 64 bit. but it says to click on the help button and check the version of internet explorer i'm running. it says if it says "64bit" then download the 64bit java. but it says if it doesn't say that then my internet explorer is 32bit and i should install the 32bit java. there's also an option to install java for both 32bit and 64bit. which one should i install?

i did all the steps and on the last step where i was supposed to save as junk.txt, i accidentally hit junktxt without the dot. so i just changed the saved junktxt file to junk.txt and it seemed to work as it opened up as a text file which i've included below. also below is the vew file you requested. i'll wait for your reply, thanks.

junk.txt:
---------
2011-11-28 22:29:50, Info CSI 00000166 [SR] Beginning Verify and Repair transaction
2011-11-28 22:29:54, Info CSI 00000169 [SR] Verify complete
2011-11-28 22:29:54, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:29:54, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2011-11-28 22:29:58, Info CSI 0000016e [SR] Verify complete
2011-11-28 22:29:59, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:29:59, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:01, Info CSI 00000172 [SR] Verify complete
2011-11-28 22:30:02, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:02, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:03, Info CSI 00000176 [SR] Verify complete
2011-11-28 22:30:03, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:03, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:06, Info CSI 0000017a [SR] Verify complete
2011-11-28 22:30:06, Info CSI 0000017b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:06, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:08, Info CSI 0000017e [SR] Verify complete
2011-11-28 22:30:09, Info CSI 0000017f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:09, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:12, Info CSI 00000182 [SR] Verify complete
2011-11-28 22:30:12, Info CSI 00000183 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:12, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:14, Info CSI 00000186 [SR] Verify complete
2011-11-28 22:30:14, Info CSI 00000187 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:14, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:17, Info CSI 0000018a [SR] Verify complete
2011-11-28 22:30:17, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:17, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:26, Info CSI 0000018e [SR] Verify complete
2011-11-28 22:30:26, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:26, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:38, Info CSI 00000192 [SR] Verify complete
2011-11-28 22:30:38, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:38, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:40, Info CSI 00000196 [SR] Verify complete
2011-11-28 22:30:40, Info CSI 00000197 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:40, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:43, Info CSI 0000019a [SR] Verify complete
2011-11-28 22:30:43, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:43, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:44, Info CSI 0000019e [SR] Verify complete
2011-11-28 22:30:44, Info CSI 0000019f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:44, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:46, Info CSI 000001a2 [SR] Verify complete
2011-11-28 22:30:46, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:46, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:49, Info CSI 000001a6 [SR] Verify complete
2011-11-28 22:30:49, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:49, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:53, Info CSI 000001b0 [SR] Verify complete
2011-11-28 22:30:53, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:53, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:55, Info CSI 000001b4 [SR] Verify complete
2011-11-28 22:30:55, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:55, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:57, Info CSI 000001b8 [SR] Verify complete
2011-11-28 22:30:57, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:30:57, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2011-11-28 22:30:59, Info CSI 000001bc [SR] Verify complete
2011-11-28 22:31:00, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:00, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:03, Info CSI 000001c0 [SR] Verify complete
2011-11-28 22:31:03, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:03, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:07, Info CSI 000001c5 [SR] Verify complete
2011-11-28 22:31:07, Info CSI 000001c6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:07, Info CSI 000001c7 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:08, Info CSI 000001c9 [SR] Verify complete
2011-11-28 22:31:09, Info CSI 000001ca [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:09, Info CSI 000001cb [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:10, Info CSI 000001cd [SR] Verify complete
2011-11-28 22:31:10, Info CSI 000001ce [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:10, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:18, Info CSI 000001d4 [SR] Verify complete
2011-11-28 22:31:18, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:18, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:24, Info CSI 000001db [SR] Verify complete
2011-11-28 22:31:24, Info CSI 000001dc [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:24, Info CSI 000001dd [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:28, Info CSI 000001e0 [SR] Verify complete
2011-11-28 22:31:29, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:29, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:33, Info CSI 000001ed [SR] Verify complete
2011-11-28 22:31:33, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:33, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:38, Info CSI 000001f5 [SR] Verify complete
2011-11-28 22:31:38, Info CSI 000001f6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:38, Info CSI 000001f7 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:41, Info CSI 000001f9 [SR] Verify complete
2011-11-28 22:31:41, Info CSI 000001fa [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:41, Info CSI 000001fb [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:44, Info CSI 000001ff [SR] Verify complete
2011-11-28 22:31:44, Info CSI 00000200 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:44, Info CSI 00000201 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:46, Info CSI 00000206 [SR] Verify complete
2011-11-28 22:31:46, Info CSI 00000207 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:46, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:50, Info CSI 0000022a [SR] Verify complete
2011-11-28 22:31:50, Info CSI 0000022b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:50, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:53, Info CSI 0000022e [SR] Verify complete
2011-11-28 22:31:53, Info CSI 0000022f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:53, Info CSI 00000230 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:55, Info CSI 00000232 [SR] Verify complete
2011-11-28 22:31:56, Info CSI 00000233 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:56, Info CSI 00000234 [SR] Beginning Verify and Repair transaction
2011-11-28 22:31:58, Info CSI 00000242 [SR] Verify complete
2011-11-28 22:31:58, Info CSI 00000243 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:31:58, Info CSI 00000244 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:02, Info CSI 00000246 [SR] Verify complete
2011-11-28 22:32:02, Info CSI 00000247 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:02, Info CSI 00000248 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:06, Info CSI 00000256 [SR] Verify complete
2011-11-28 22:32:06, Info CSI 00000257 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:06, Info CSI 00000258 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:07, Info CSI 0000025a [SR] Verify complete
2011-11-28 22:32:07, Info CSI 0000025b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:07, Info CSI 0000025c [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:09, Info CSI 0000025e [SR] Verify complete
2011-11-28 22:32:09, Info CSI 0000025f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:09, Info CSI 00000260 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:13, Info CSI 00000262 [SR] Verify complete
2011-11-28 22:32:13, Info CSI 00000263 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:13, Info CSI 00000264 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:14, Info CSI 00000266 [SR] Verify complete
2011-11-28 22:32:14, Info CSI 00000267 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:14, Info CSI 00000268 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:17, Info CSI 0000026a [SR] Verify complete
2011-11-28 22:32:18, Info CSI 0000026b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:18, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:20, Info CSI 0000026e [SR] Verify complete
2011-11-28 22:32:20, Info CSI 0000026f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:20, Info CSI 00000270 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:25, Info CSI 00000272 [SR] Verify complete
2011-11-28 22:32:25, Info CSI 00000273 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:25, Info CSI 00000274 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:29, Info CSI 0000028e [SR] Verify complete
2011-11-28 22:32:29, Info CSI 0000028f [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:29, Info CSI 00000290 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:40, Info CSI 00000292 [SR] Verify complete
2011-11-28 22:32:40, Info CSI 00000293 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:40, Info CSI 00000294 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:44, Info CSI 00000296 [SR] Verify complete
2011-11-28 22:32:44, Info CSI 00000297 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:44, Info CSI 00000298 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:46, Info CSI 0000029b [SR] Verify complete
2011-11-28 22:32:46, Info CSI 0000029c [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:46, Info CSI 0000029d [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:48, Info CSI 000002a0 [SR] Verify complete
2011-11-28 22:32:48, Info CSI 000002a1 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:48, Info CSI 000002a2 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:50, Info CSI 000002a4 [SR] Verify complete
2011-11-28 22:32:50, Info CSI 000002a5 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:50, Info CSI 000002a6 [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:55, Info CSI 000002a8 [SR] Verify complete
2011-11-28 22:32:55, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:55, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
2011-11-28 22:32:58, Info CSI 000002ad [SR] Verify complete
2011-11-28 22:32:58, Info CSI 000002ae [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:32:58, Info CSI 000002af [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:01, Info CSI 000002b1 [SR] Verify complete
2011-11-28 22:33:01, Info CSI 000002b2 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:01, Info CSI 000002b3 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:04, Info CSI 000002b5 [SR] Verify complete
2011-11-28 22:33:04, Info CSI 000002b6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:04, Info CSI 000002b7 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:07, Info CSI 000002b9 [SR] Verify complete
2011-11-28 22:33:07, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:07, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:11, Info CSI 000002be [SR] Verify complete
2011-11-28 22:33:11, Info CSI 000002bf [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:11, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:15, Info CSI 000002c2 [SR] Verify complete
2011-11-28 22:33:16, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:16, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:18, Info CSI 000002c6 [SR] Verify complete
2011-11-28 22:33:18, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:18, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:20, Info CSI 000002ca [SR] Verify complete
2011-11-28 22:33:20, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 22:33:20, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:23, Info CSI 000002ce [SR] Verify complete
2011-11-28 22:33:23, Info CSI 000002cf [SR] Verifying 41 (0x0000000000000029) components
2011-11-28 22:33:23, Info CSI 000002d0 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:24, Info CSI 000002d2 [SR] Verify complete
2011-11-28 22:33:24, Info CSI 000002d3 [SR] Repairing 0 components
2011-11-28 22:33:24, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2011-11-28 22:33:24, Info CSI 000002d6 [SR] Repair complete

vew file:
---------
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/11/2011 11:02:36 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/11/2011 3:24:16 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {7D1933CB-86F6-4A98-8628-01BE94C9A575} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/11/2011 3:23:22 AM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Choice Mail service. The Service Control Manager launched process 3060 and process 1868 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
  • 0

#10
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
If you go to Java.com with the 64 bit IE it will offer you the 64 bit Java. If you go with the regular IE you get the 32 bit Java. You should probably get them both if you use both versions of IE.

Have no idea what Choice Mail is but it is giving a warning:

'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/11/2011 3:23:22 AM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
The Service Control Manager launched process 3060 and process 1868 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.


Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0
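An added example, not part of the original posts: one way to check which processes the two PIDs in the event 7039 warning above belong to, by matching them against a Process Explorer text export. The function names and verdict labels are hypothetical, and the sample rows are copied from the Process Explorer listing posted later in this thread.

```python
import re

# Event 7039 text as it appears in the VEW report in this thread.
EVENT_7039 = (
    "A service process other than the one launched by the Service Control "
    "Manager connected when starting the Choice Mail service. The Service "
    "Control Manager launched process 3060 and process 1868 connected instead."
)

# Rows in the whitespace-flattened layout of a Process Explorer "Save As"
# export: name, PID, optional CPU, private bytes, working set, description.
PROCESS_ROWS = """\
System Idle Process 0 97.46 0 K 24 K
Core Temp.exe 2616 0.15 10,532 K 2,504 K CPU temperature and system information utility
ChoiceMail.exe 4312 < 0.01 13,588 K 13,944 K DigiPortal Software, Inc.
CMServer.exe 1868 < 0.01 36,468 K 39,476 K DigiPortal Software, Inc.
CMServer.exe 3060 < 0.01 3,432 K 1,176 K DigiPortal Software, Inc.
services.exe 768 6,748 K 11,152 K Services and Controller app Microsoft Corporation
"""

SERVICE_RE = re.compile(r"when starting the (.+?) service\.")
PIDS_RE = re.compile(r"launched process (\d+) and process (\d+) connected instead")

# Image names may contain spaces and the CPU column may be empty, so the
# name is matched lazily up to the first all-digit field followed by sizes.
ROW_RE = re.compile(
    r"^(?P<name>.+?)\s+(?P<pid>\d+)\s+"
    r"(?:(?P<cpu><\s*[\d.]+|[\d.]+)\s+)?"
    r"(?P<private>[\d,]+ K)\s+(?P<working>[\d,]+ K)\s*(?P<rest>.*)$"
)


def parse_event(text):
    """Extract the service name and both PIDs from an event 7039 message.

    The service name is optional because the message is sometimes quoted
    without its first sentence. Returns None if no PID pair is present.
    """
    pids = PIDS_RE.search(text)
    if pids is None:
        return None
    service = SERVICE_RE.search(text)
    return {
        "service": service.group(1) if service else None,
        "launched_pid": int(pids.group(1)),
        "connected_pid": int(pids.group(2)),
    }


def parse_rows(text):
    """Map PID -> image name for every row that fits the export layout."""
    table = {}
    for line in text.splitlines():
        match = ROW_RE.match(line.strip())
        if match:
            table[int(match.group("pid"))] = match.group("name")
    return table


def triage(event_text, rows_text):
    """Resolve both PIDs and label the pair.

    same-image      launched and connecting process share an image name
    different-image another executable connected; look at its path/signature
    unresolved      a PID is missing (process exited, or the listing is from
                    a different boot; PIDs are reused, so only compare an
                    event and a listing taken in the same session)
    """
    event = parse_event(event_text)
    if event is None:
        raise ValueError("text does not contain an event 7039 PID pair")
    table = parse_rows(rows_text)
    launched = table.get(event["launched_pid"])
    connected = table.get(event["connected_pid"])
    if launched is None or connected is None:
        verdict = "unresolved"
    elif launched.lower() == connected.lower():
        verdict = "same-image"
    else:
        verdict = "different-image"
    return {
        "service": event["service"],
        "launched": (event["launched_pid"], launched),
        "connected": (event["connected_pid"], connected),
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(triage(EVENT_7039, PROCESS_ROWS))
```

A matching image name only narrows the question; the file path and digital signature of both processes still have to be checked in Process Explorer itself.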


#11
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
i only installed java 32bit because it said win7 64bit uses 32bit explorer browser unless i specifically tell it to use 64bit explorer and ive never done that. so i did install the 32bit java successfully.

choicemail is my spam email eliminator. ive been using it for years with no issues, so its ok.

here are the texts you requested. i havent rebooted or anything and wont do so until you tell me to. thank you.

procexp:
--------
Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 97.46 0 K 24 K
procexp64.exe 4596 1.39 27,132 K 46,688 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 2136 0.25 38,520 K 37,184 K Desktop Window Manager Microsoft Corporation
Interrupts n/a 0.22 0 K 0 K Hardware Interrupts and DPCs
Core Temp.exe 2616 0.15 10,532 K 2,504 K CPU temperature and system information utility
csrss.exe 852 0.10 6,740 K 11,504 K Client Server Runtime Process Microsoft Corporation
System 4 0.10 108 K 304 K
SRService.exe 2900 0.08 1,840 K 5,168 K Splashtop® Streamer Service Splashtop Inc.
explorer.exe 2196 0.07 46,984 K 76,528 K Windows Explorer Microsoft Corporation
ccSvcHst.exe 2444 0.06 32,436 K 8,880 K Symantec Service Framework Symantec Corporation
MSIAfterburner.exe 2608 0.04 4,032 K 2,480 K MSIAfterburner
iexplore.exe 1388 0.01 83,044 K 81,532 K Internet Explorer Microsoft Corporation
ccSvcHst.exe 3844 0.01 23,844 K 4,792 K Symantec Service Framework Symantec Corporation
lsm.exe 160 0.01 3,104 K 4,828 K Local Session Manager Service Microsoft Corporation
wlmail.exe 5748 0.01 112,528 K 75,360 K Windows Live Mail Microsoft Corporation
svchost.exe 1540 0.01 9,856 K 17,388 K Host Process for Windows Services Microsoft Corporation
ADVWindowsClientService.exe 3160 < 0.01 39,248 K 37,864 K Amazon Unbox Video Service Amazon.com
ppped.exe 2744 < 0.01 4,396 K 8,416 K PowerPanel Personal Edition Service Cyber Power Systems, Inc.
VProTray.exe 4388 < 0.01 15,036 K 24,564 K Tray Application Symantec Corporation
svchost.exe 1548 < 0.01 18,804 K 19,028 K Host Process for Windows Services Microsoft Corporation
ChoiceMail.exe 4312 < 0.01 13,588 K 13,944 K DigiPortal Software, Inc.
svchost.exe 1452 < 0.01 12,608 K 19,248 K Host Process for Windows Services Microsoft Corporation
lsass.exe 684 < 0.01 5,400 K 12,224 K Local Security Authority Process Microsoft Corporation
wlcomm.exe 5660 < 0.01 19,136 K 12,092 K Windows Live Communications Platform Microsoft Corporation
CMServer.exe 1868 < 0.01 36,468 K 39,476 K DigiPortal Software, Inc.
svchost.exe 1308 < 0.01 28,176 K 42,212 K Host Process for Windows Services Microsoft Corporation
SSUService.exe 2936 < 0.01 2,072 K 5,652 K Splashtop Software Updater Service Splashtop Inc.
svchost.exe 3764 < 0.01 13,508 K 16,180 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1280 < 0.01 208,544 K 213,520 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 4772 < 0.01 46,192 K 25,808 K Microsoft Windows Search Indexer Microsoft Corporation
CMServer.exe 3060 < 0.01 3,432 K 1,176 K DigiPortal Software, Inc.
csrss.exe 756 < 0.01 2,848 K 5,192 K Client Server Runtime Process Microsoft Corporation
wmpnetwk.exe 4452 < 0.01 12,228 K 11,000 K Windows Media Player Network Sharing Service Microsoft Corporation
ChoiceMail.exe 4296 < 0.01 4,388 K 11,264 K DigiPortal Software, Inc.
svchost.exe 1732 < 0.01 11,960 K 13,080 K Host Process for Windows Services Microsoft Corporation
WUDFHost.exe 5032 2,748 K 6,932 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation
wuauclt.exe 4608 3,204 K 10,824 K Windows Update Microsoft Corporation
WmiPrvSE.exe 2276 3,396 K 7,056 K WMI Provider Host Microsoft Corporation
winlogon.exe 608 3,848 K 8,180 K Windows Logon Application Microsoft Corporation
wininit.exe 828 2,068 K 5,040 K Windows Start-Up Application Microsoft Corporation
VProSvc.exe 2376 34,388 K 4,876 K Service Module Symantec Corporation
taskhost.exe 2228 8,492 K 9,636 K Host Process for Windows Tasks Microsoft Corporation
taskeng.exe 2548 3,344 K 7,488 K Task Scheduler Engine Microsoft Corporation
SymSnapServicex64.exe 3268 6,416 K 12,056 K Symantec Snapshot Service Symantec
svchost.exe 1116 6,224 K 10,340 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1036 5,976 K 11,088 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1248 19,872 K 23,256 K Host Process for Windows Services Microsoft Corporation
svchost.exe 4852 2,504 K 6,180 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2020 2,136 K 5,024 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2976 2,456 K 6,028 K Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1688 7,296 K 13,188 K Spooler SubSystem App Microsoft Corporation
smss.exe 492 732 K 1,396 K Windows Session Manager Microsoft Corporation
services.exe 768 6,748 K 11,152 K Services and Controller app Microsoft Corporation
schedul2.exe 1900 3,032 K 6,320 K Acronis Scheduler 2 Acronis
procexp.exe 4892 2,256 K 6,832 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
NBService.exe 2144 3,404 K 9,052 K Nero BackItUp Nero AG
msiexec.exe 3176 4,856 K 13,800 K Windows® installer Microsoft Corporation
iexplore.exe 4688 10,416 K 25,780 K Internet Explorer Microsoft Corporation
E_S40RPB.EXE 1304 2,032 K 4,008 K EPSON Status Monitor 3 SEIKO EPSON CORPORATION
audiodg.exe 2112 19,160 K 19,348 K Windows Audio Device Graph Isolation Microsoft Corporation
atiesrxx.exe 1184 2,304 K 5,052 K AMD External Events Service Module AMD
atieclxx.exe 1656 3,388 K 7,456 K AMD External Events Client Module AMD
armsvc.exe 1932 1,328 K 4,012 K Adobe Acrobat Update Service Adobe Systems Incorporated
afcdpsrv.exe 2000 1,952 K 5,372 K File Level CDP Manager Service Acronis


speccy:
------
Summary
Operating System
MS Windows 7 Home Premium 64-bit SP1
CPU
Intel Core i7 2600 @ 3.40GHz 34 °C
Sandy Bridge 32nm Technology
RAM
12.0 GB Dual-Channel DDR3 @ 665MHz (9-9-9-24)
Motherboard
Dell Inc. 0Y2MRG (CPU 1) 32 °C
Graphics
WESTINGHOUSE ([email protected])
VP2130 SERIES ([email protected])
AMD Radeon HD 6800 Series (ATI) 53 °C
Hard Drives
977GB Seagate ST31000524AS ATA Device (SATA) 29 °C
977GB Seagate ST31000524AS ATA Device (SATA) 32 °C
Optical Drives
PLDS DVD+-RW DH-16ABS ATA Device
Audio
Realtek High Definition Audio
Operating System
MS Windows 7 Home Premium 64-bit SP1
Installation Date: 17 November 2011, 16:35
Windows Security Center
User Account Control (UAC) Disabled
Firewall Disabled
Antivirus Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Disabled
Environment Variables
USERPROFILE C:\Users\Luis
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Luis\AppData\Local\Temp
TMP C:\Users\Luis\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files (x86)\AMD APP\bin\x86_64
C:\Program Files (x86)\AMD APP\bin\x86
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared
C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared
C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared
C:\Program Files (x86)\Roxio\OEM\AudioCore
C:\Program Files (x86)\Common Files\Acronis\SnapAPI
C:\Program Files (86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 8
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
PROCESSOR_REVISION 2a07
windows_tracing_logfile C:\BVTBin\Tests\installpackage\csilogfile.log
windows_tracing_flags 3
EMC_AUTOPLAY C:\Program Files (x86)\Common Files\Roxio Shared\OEM\
RCAUTOPLAY C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\
BURN_AUTOPLAY C:\Program Files (x86)\Roxio\OEM\Roxio Burn\
AMDAPPSDKROOT C:\Program Files (x86)\AMD APP\
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 11/28/2011 11:52:57 PM
Current Uptime 5421 sec (0 d, 01 h, 30 m, 21 s)
Last Boot Time 11/28/2011 10:22:36 PM
TimeZone
TimeZone GMT -5 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
Norton Internet Security - Luis - Full System Scan 11/29/2011 8:00 PM;At 8:00 PM every Tue of every week, starting 11/17/2011
Process List
advwindowsclientservice.exe
Process ID 3160
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
Memory Usage 37 MB
Peak Memory Usage 39 MB
afcdpsrv.exe
Process ID 2000
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
Memory Usage 5.25 MB
Peak Memory Usage 5.30 MB
armsvc.exe
Process ID 1932
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 3.92 MB
Peak Memory Usage 3.97 MB
atieclxx.exe
Process ID 1656
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 7.28 MB
Peak Memory Usage 7.31 MB
atiesrxx.exe
Process ID 1184
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.93 MB
Peak Memory Usage 4.96 MB
audiodg.exe
Process ID 2112
ccsvchst.exe
Process ID 3844
User Luis
Domain LUIS
Path C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
Memory Usage 5.42 MB
Peak Memory Usage 32 MB
ccsvchst.exe
Process ID 2444
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
Memory Usage 34 MB
Peak Memory Usage 149 MB
choicemail.exe
Process ID 4296
User Luis
Domain LUIS
Path C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
choicemail.exe
Process ID 4312
User Luis
Domain LUIS
Path C:\Program Files (x86)\DigiPortal Software\ChoiceMail\ChoiceMail.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
cmserver.exe
Process ID 3060
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe
Memory Usage 1.15 MB
Peak Memory Usage 3.15 MB
cmserver.exe
Process ID 1868
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\DigiPortal Software\ChoiceMail\CMServer.exe
Memory Usage 39 MB
Peak Memory Usage 40 MB
core temp.exe
Process ID 2616
User Luis
Domain LUIS
Path C:\Program Files\Core Temp\Core Temp.exe
Memory Usage 2.43 MB
Peak Memory Usage 15 MB
csrss.exe
Process ID 756
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 5.08 MB
Peak Memory Usage 5.08 MB
csrss.exe
Process ID 852
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
dwm.exe
Process ID 2136
User Luis
Domain LUIS
Path C:\Windows\system32\Dwm.exe
Memory Usage 37 MB
Peak Memory Usage 42 MB
e_s40rpb.exe
Process ID 1304
User SYSTEM
Domain NT AUTHORITY
Path C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
Memory Usage 3.91 MB
Peak Memory Usage 3.95 MB
explorer.exe
Process ID 2196
User Luis
Domain LUIS
Path C:\Windows\Explorer.EXE
Memory Usage 75 MB
Peak Memory Usage 79 MB
iexplore.exe
Process ID 1388
User Luis
Domain LUIS
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 77 MB
Peak Memory Usage 86 MB
iexplore.exe
Process ID 4688
User Luis
Domain LUIS
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 27 MB
Peak Memory Usage 29 MB
iexplore.exe
Process ID 1324
User Luis
Domain LUIS
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 64 MB
Peak Memory Usage 80 MB
lsass.exe
Process ID 684
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
lsm.exe
Process ID 160
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.73 MB
Peak Memory Usage 4.74 MB
msiafterburner.exe
Process ID 2608
User Luis
Domain LUIS
Path C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Memory Usage 2.42 MB
Peak Memory Usage 27 MB
msiexec.exe
Process ID 3176
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\msiexec.exe
Memory Usage 14 MB
Peak Memory Usage 20 MB
nbservice.exe
Process ID 2144
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Memory Usage 8.84 MB
Peak Memory Usage 8.87 MB
ppped.exe
Process ID 2744
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
Memory Usage 8.22 MB
Peak Memory Usage 9.23 MB
schedul2.exe
Process ID 1900
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
Memory Usage 6.17 MB
Peak Memory Usage 6.20 MB
searchfilterhost.exe
Process ID 6136
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 9.95 MB
Peak Memory Usage 9.95 MB
searchindexer.exe
Process ID 4772
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
searchprotocolhost.exe
Process ID 6112
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
searchprotocolhost.exe
Process ID 3320
User Luis
Domain LUIS
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 7.82 MB
Peak Memory Usage 7.82 MB
services.exe
Process ID 768
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
smss.exe
Process ID 492
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.36 MB
Peak Memory Usage 1.41 MB
speccy64.exe
Process ID 2272
User Luis
Domain LUIS
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
spoolsv.exe
Process ID 1688
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
srservice.exe
Process ID 2900
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
Memory Usage 5.08 MB
Peak Memory Usage 5.21 MB
ssuservice.exe
Process ID 2936
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
Memory Usage 5.52 MB
Peak Memory Usage 6.17 MB
svchost.exe
Process ID 1280
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 208 MB
Peak Memory Usage 241 MB
svchost.exe
Process ID 1308
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 40 MB
Peak Memory Usage 47 MB
svchost.exe
Process ID 4852
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.04 MB
Peak Memory Usage 6.06 MB
svchost.exe
Process ID 1548
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 3764
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 1732
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 68 MB
svchost.exe
Process ID 2020
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.91 MB
Peak Memory Usage 4.94 MB
svchost.exe
Process ID 1540
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 1452
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 2976
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.89 MB
Peak Memory Usage 5.94 MB
svchost.exe
Process ID 1036
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 1116
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1248
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 23 MB
symsnapservicex64.exe
Process ID 3268
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 2548
User Luis
Domain LUIS
Path C:\Windows\system32\taskeng.exe
Memory Usage 7.31 MB
Peak Memory Usage 7.39 MB
taskhost.exe
Process ID 2228
User Luis
Domain LUIS
Path C:\Windows\system32\taskhost.exe
Memory Usage 9.41 MB
Peak Memory Usage 9.43 MB
vprosvc.exe
Process ID 2376
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
Memory Usage 4.78 MB
Peak Memory Usage 37 MB
vprotray.exe
Process ID 4388
User Luis
Domain LUIS
Path C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
Memory Usage 24 MB
Peak Memory Usage 24 MB
wininit.exe
Process ID 828
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.92 MB
Peak Memory Usage 4.99 MB
winlogon.exe
Process ID 608
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.99 MB
Peak Memory Usage 9.20 MB
wlcomm.exe
Process ID 5660
User Luis
Domain LUIS
Path C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
Memory Usage 12 MB
Peak Memory Usage 14 MB
wlmail.exe
Process ID 5748
User Luis
Domain LUIS
Path C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
Memory Usage 74 MB
Peak Memory Usage 87 MB
wmiprvse.exe
Process ID 1576
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 9.43 MB
Peak Memory Usage 9.45 MB
wmiprvse.exe
Process ID 2276
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 7.07 MB
Peak Memory Usage 7.08 MB
wmpnetwk.exe
Process ID 4452
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 11 MB
Peak Memory Usage 28 MB
wuauclt.exe
Process ID 4608
User Luis
Domain LUIS
Path C:\Windows\system32\wuauclt.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
wudfhost.exe
Process ID 5032
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\WUDFHost.exe
Memory Usage 6.77 MB
Peak Memory Usage 6.78 MB
Hotfixes
11/29/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
System Folders
Path for burning CD C:\Users\Luis\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Luis\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Luis\Desktop
Physical Desktop C:\Users\Luis\Desktop
User Favorites C:\Users\Luis\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Luis\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Luis\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Luis\AppData\Local
Windows directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Power Button
Motherboard resources
System board
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
Intel® Core™ i7-2600 CPU @ 3.40GHz
ACPI Fixed Feature Button
PCI bus
2nd generation Intel® Core™ processor family DRAM Controller - 0100
Intel® Management Engine Interface
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
System board
System board
Motherboard resources
High precision event timer
2nd generation Intel® Core™ processor family PCI Express Controller - 0101
AMD Radeon HD 6800 Series
ViewSonic VP2130 SERIES
Generic PnP Monitor
High Definition Audio Controller
AMD High Definition Audio Device
Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
USB Root Hub
Generic USB Hub
Generic USB Hub
USB Input Device
HID Keyboard Device
USB Input Device
HID-compliant mouse
HID-compliant consumer control device
HID-compliant device
HID-compliant device
HID-compliant device
HID-compliant device
High Definition Audio Controller
Realtek High Definition Audio
Intel® Display Audio
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
Renesas Electronics USB 3.0 Host Controller
Renesas Electronics USB 3.0 Root Hub
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
Broadcom NetLink ™ Gigabit Ethernet
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 5 - 1C18
Hauppauge WinTV HVR-1250 (Model 79xxx, Hybrid ATSC/QAM)
Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
USB Root Hub
Generic USB Hub
Generic USB Hub
USB Input Device
CyberPower Battery Backup
USB Mass Storage Device
Generic- SD/MMC USB Device
Generic- Compact Flash USB Device
Generic- SM/xD-Picture USB Device
Generic- MS/MS-Pro USB Device
Intel® H67 Express Chipset Family LPC Interface Controller - 1C4A
Motherboard resources
Programmable interrupt controller
Direct memory access controller
System timer
System CMOS/real time clock
System speaker
Motherboard resources
Numeric data processor
Intel® 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C02
ATA Channel 3
ATA Channel 4
ATA Channel 0
ST31000524AS ATA Device
ATA Channel 1
ST31000524AS ATA Device
ATA Channel 2
PLDS DVD+-RW DH-16ABS ATA Device
Services
Running Acronis Nonstop Backup service
Running Acronis Scheduler2 Service
Running Adobe Acrobat Update Service
Running Amazon Unbox Video Service
Running AMD External Events Utility
Running Application Experience
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bluetooth Support Service
Running Choice Mail
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running EPSON V3 Service4(01)
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Listener
Running HomeGroup Provider
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running Multimedia Class Scheduler
Running Nero BackItUp Scheduler 3
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Norton Ghost
Running Norton Internet Security
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Plug and Play
Running Portable Device Enumerator Service
Running Power
Running PowerPanel Personal Edition Service
Running Print Spooler
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Splashtop Software Updater Service
Running Splashtop® Remote Service
Running SSDP Discovery
Running Superfetch
Running SymSnapService
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running UPnP Device Host
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connect Now - Config Registrar
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows installer
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Search
Running Windows Update
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped GenericMount Helper Service
Stopped Health Key and Certificate Management
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped LiveUpdate
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped NMIndexingService
Stopped Parental Controls
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Program Compatibility Assistant Service
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Roxio Hard Drive Watcher 12
Stopped RoxMediaDB12OEM
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped stllssvr
Stopped Symantec SymSnap VSS Provider
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WLAN AutoConfig
Stopped WMI Performance Adapter
Stopped WWAN AutoConfig
CPU
Intel Core i7 2600
Cores 4
Threads 8
Name Intel Core i7 2600
Code Name Sandy Bridge
Package Socket 1155 LGA
Technology 32nm
Specification Intel® Core™ i7-2600 CPU @ 3.40GHz
Family 6
Extended Family 6
Model A
Extended Model 2A
Stepping 7
Revision D2
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64
Virtualization Supported, Enabled
Hyperthreading Supported, Enabled
Fan Speed 906 RPM
Bus Speed 99.8 MHz
Stock Core Speed 3400 MHz
Stock Bus Speed 100 MHz
Average Temperature 34 °C
Caches
L1 Data Cache Size 4 x 32 KBytes
L1 Instructions Cache Size 4 x 32 KBytes
L2 Unified Cache Size 4 x 256 KBytes
L3 Unified Cache Size 8192 KBytes
Core 0
Core Speed 1596.6 MHz
Multiplier x 16.0
Bus Speed 99.8 MHz
Temperature 35 °C
Thread 1
APIC ID 0
Thread 2
APIC ID 1
Core 1
Core Speed 1596.6 MHz
Multiplier x 16.0
Bus Speed 99.8 MHz
Temperature 29 °C
Thread 1
APIC ID 2
Thread 2
APIC ID 3
Core 2
Core Speed 1596.6 MHz
Multiplier x 16.0
Bus Speed 99.8 MHz
Temperature 35 °C
Thread 1
APIC ID 4
Thread 2
APIC ID 5
Core 3
Core Speed 1596.6 MHz
Multiplier x 16.0
Bus Speed 99.8 MHz
Temperature 37 °C
Thread 1
APIC ID 6
Thread 2
APIC ID 7
RAM
Memory slots
Total memory slots 4
Used memory slots 4
Free memory slots 0
Memory
Type DDR3
Size 12288 MBytes
Channels # Dual
DRAM Frequency 665.3 MHz
CAS# Latency (CL) 9 clocks
RAS# to CAS# Delay (tRCD) 9 clocks
RAS# Precharge (tRP) 9 clocks
Cycle Time (tRAS) 24 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 19 %
Total Physical 12 GB
Available Physical 9.68 GB
Total Virtual 41 GB
Available Virtual 39 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Nanya Technology
Max Bandwidth PC3-10700 (667 MHz)
Part Number NT2GC64B88B0NF-CG
Serial Number 1B02D815
Week/year 30 / 11
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #2
Type DDR3
Size 4096 MBytes
Manufacturer Samsung
Max Bandwidth PC3-10700 (667 MHz)
Part Number M378B5273CH0-CH9
Serial Number 65101B93
Week/year 03 / 11
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #3
Type DDR3
Size 2048 MBytes
Manufacturer Nanya Technology
Max Bandwidth PC3-10700 (667 MHz)
Part Number NT2GC64B88B0NF-CG
Serial Number 8752D81E
Week/year 30 / 11
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #4
Type DDR3
Size 4096 MBytes
Manufacturer Samsung
Max Bandwidth PC3-10700 (667 MHz)
Part Number M378B5273CH0-CH9
Serial Number 65101ACA
Week/year 03 / 11
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Motherboard
Manufacturer Dell Inc.
Model 0Y2MRG (CPU 1)
Chipset Vendor Intel
Chipset Model Sandy Bridge
Chipset Revision 09
Southbridge Vendor Intel
Southbridge Model H67
Southbridge Revision B3
System Temperature 32 °C
BIOS
Brand Dell Inc.
Version A04
Date 06/20/2011
Voltage
CPU CORE 0.912 V
MEMORY CONTROLLER 1.500 V
+3.3V 2.748 V
+5V 2.762 V
+12V 10.896 V
-12V -8.880 V
-5V -8.880 V
+5V HIGH THRESHOLD 2.782 V
CMOS BATTERY 1.572 V
PCI Data
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE1
Slot Number 0
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE2
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE3
Slot Number 2
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE4
Slot Number 3
Graphics
Monitor
Name WESTINGHOUSE on AMD Radeon HD 6800 Series
Current Resolution 1152x648 pixels
Work Resolution 1152x648 pixels
State enabled, output devices support
Monitor Width 1152
Monitor Height 648
Monitor BPP 32 bits per pixel
Monitor Frequency 59 Hz
Device \\.\DISPLAY1\Monitor0
Name VP2130 SERIES on AMD Radeon HD 6800 Series
Current Resolution 1024x768 pixels
Work Resolution 1024x738 pixels
State enabled, primary, output devices support
Monitor Width 1024
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 75 Hz
Device \\.\DISPLAY2\Monitor0
AMD Radeon HD 6800 Series
GPU Barts
Device ID 1002-6738
Subvendor ATI (1002)
Current Performance Level Level 1
Voltage 0.950 V
Technology 41 nm
Die Size 40 nm²
Release Date Oct 22, 2010
DirectX Support 11.0
OpenGL Support 5.0
Bios Core Clock 100.00
Bios Mem Clock 150.00
Temperature 53 °C
Core Voltage 0.950 V
BIOS Version 113-C2220100-106
ROPs 32
Shaders 1120 unified
Memory Type GDDR5
Bus Width 64x4 (256 bit)
Pixel Fillrate 9.6 GPixels/s
Texture Fillrate 0.0 GTexels/s
Bandwidth 134.4 GB/s
Noise Level Moderate
Max Power Draw 151 Watts
Count of performance levels : 1
Level 1
OpenGL
Version 4.1.11251 Compatibility Profile Context
Vendor ATI Technologies Inc.
Renderer AMD Radeon HD 6800 Series
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 16384
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_AMDX_debug_output
GL_AMDX_vertex_shader_tessellator
GL_AMD_conservative_depth
GL_AMD_debug_output
GL_AMD_depth_clamp_separate
GL_AMD_draw_buffers_blend
GL_AMD_multi_draw_indirect
GL_AMD_name_gen_delete
GL_AMD_performance_monitor
GL_AMD_pinned_memory
GL_AMD_sample_positions
GL_AMD_seamless_cubemap_per_texture
GL_AMD_shader_stencil_export
GL_AMD_shader_trace
GL_AMD_texture_cube_map_array
GL_AMD_texture_texture4
GL_AMD_transform_feedback3_lines_triangles
GL_AMD_vertex_shader_tessellator
GL_ARB_ES2_compatibility
GL_ARB_blend_func_extended
GL_ARB_color_buffer_float
GL_ARB_compressed_texture_pixel_storage
GL_ARB_copy_buffer
GL_ARB_depth_buffer_float
GL_ARB_depth_clamp
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_draw_buffers_blend
GL_ARB_draw_elements_base_vertex
GL_ARB_draw_indirect
GL_ARB_draw_instanced
GL_ARB_explicit_attrib_location
GL_ARB_fragment_coord_conventions
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_object
GL_ARB_framebuffer_sRGB
GL_ARB_geometry_shader4
GL_ARB_get_program_binary
GL_ARB_gpu_shader5
GL_ARB_gpu_shader_fp64
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_imaging
GL_ARB_instanced_arrays
GL_ARB_map_buffer_range
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_occlusion_query2
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_provoking_vertex
GL_ARB_sample_shading
GL_ARB_sampler_objects
GL_ARB_seamless_cube_map
GL_ARB_separate_shader_objects
GL_ARB_shader_bit_encoding
GL_ARB_shader_objects
GL_ARB_shader_precision
GL_ARB_shader_stencil_export
GL_ARB_shader_subroutine
GL_ARB_shader_texture_lod
GL_ARB_shading_language_100
GL_ARB_shadow
GL_ARB_shadow_ambient
GL_ARB_sync
GL_ARB_tessellation_shader
GL_ARB_texture_border_clamp
GL_ARB_texture_buffer_object
GL_ARB_texture_buffer_object_rgb32
GL_ARB_texture_compression
GL_ARB_texture_compression_bptc
GL_ARB_texture_compression_rgtc
GL_ARB_texture_cube_map
GL_ARB_texture_cube_map_array
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_gather
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_multisample
GL_ARB_texture_non_power_of_two
GL_ARB_texture_query_lod
GL_ARB_texture_rectangle
GL_ARB_texture_rg
GL_ARB_texture_rgb10_a2ui
GL_ARB_texture_snorm
GL_ARB_timer_query
GL_ARB_transform_feedback2
GL_ARB_transform_feedback3
GL_ARB_transpose_matrix
GL_ARB_uniform_buffer_object
GL_ARB_vertex_array_bgra
GL_ARB_vertex_array_object
GL_ARB_vertex_attrib_64bit
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_vertex_type_2_10_10_10_rev
GL_ARB_viewport_array
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_envmap_bumpmap
GL_ATI_fragment_shader
GL_ATI_meminfo
GL_ATI_separate_stencil
GL_ATI_texture_compression_3dc
GL_ATI_texture_env_combine3
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_bindable_uniform
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_copy_buffer
GL_EXT_copy_texture
GL_EXT_direct_state_access
GL_EXT_draw_buffers2
GL_EXT_draw_instanced
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXT_framebuffer_object
GL_EXT_framebuffer_sRGB
GL_EXT_geometry_shader4
GL_EXT_gpu_program_parameters
GL_EXT_gpu_shader4
GL_EXT_histogram
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_float
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_specular_color
GL_EXT_shader_image_load_store
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_EXT_subtexture
GL_EXT_texgen_reflection
GL_EXT_texture3D
GL_EXT_texture_array
GL_EXT_texture_buffer_object
GL_EXT_texture_compression_bptc
GL_EXT_texture_compression_latc
GL_EXT_texture_compression_rgtc
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_add
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_integer
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_rectangle
GL_EXT_texture_sRGB
GL_EXT_texture_shared_exponent
GL_EXT_texture_snorm
GL_EXT_texture_swizzle
GL_EXT_timer_query
GL_EXT_transform_feedback
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_EXT_vertex_attrib_64bit
GL_IBM_texture_mirrored_repeat
GL_KTX_buffer_region
GL_NV_blend_square
GL_NV_conditional_render
GL_NV_copy_depth_to_color
GL_NV_explicit_multisample
GL_NV_float_buffer
GL_NV_half_float
GL_NV_primitive_restart
GL_NV_texgen_reflection
GL_NV_texture_barrier
GL_SGIS_generate_mipmap
GL_SGIS_texture_edge_clamp
GL_SGIS_texture_lod
GL_SUN_multi_draw_arrays
GL_WIN_swap_hint
WGL_EXT_swap_control
GLU Extensions
GL_EXT_bgra
Hard Drives
ST31000524AS ATA Device
Manufacturer Seagate
Form Factor 3.5"
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
LBA Size 48-bit LBA
Power On Count 42 times
Power On Time 3.0 days
Speed, Expressed in Revolutions Per Minute (rpm) 7200
Features S.M.A.R.T., AAM, NCQ
Transfer Mode SATA III
Interface SATA
Capacity 977GB
Real size 1,000,204,886,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 119 (099 worst) Data 000D2F2654
03 Spin-Up Time 100 (100) Data 0000000000
04 Start/Stop Count 100 (100) Data 0000000072
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (253) Data 0000096EF2
09 Power-On Hours (POH) 100 (100) Data 0000000049
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 000000002A
B7 SATA Downshift Error Count 100 (100) Data 0000000000
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
BB Reported Uncorrectable Errors 100 (100) Data 0000000000
BC Command Timeout 100 (099) Data 0000010002
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 071 (062) Data 002417001D
C2 Temperature 029 (040) Data 000000001D
C3 Hardware ECC Recovered 042 (033) Data 000D2F2654
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
F0 Head Flying Hours 100 (253) Data 00000000FA
F1 Total LBAs Written 100 (253) Data 0084218ABA
F2 Total LBAs Read 100 (253) Data 00D6C16BD0
Temperature 29 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter F:
File System NTFS
Volume Serial Number 2289295E
Size 918GB
Used Space 708GB (78%)
Free Space 210GB (22%)
Partition 1
Partition ID Disk #0, Partition #1
Size 13.6 GB
ST31000524AS ATA Device
Manufacturer Seagate
Form Factor 3.5"
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
LBA Size 48-bit LBA
Power On Count 42 times
Power On Time 7.4 days
Speed, Expressed in Revolutions Per Minute (rpm) 7200
Features S.M.A.R.T., AAM, NCQ
Transfer Mode SATA III
Interface SATA
Capacity 977GB
Real size 1,000,204,886,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 116 (100 worst) Data 0006F7F350
03 Spin-Up Time 100 (100) Data 0000000000
04 Start/Stop Count 100 (100) Data 000000002C
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 069 (060) Data 00007B8C45
09 Power-On Hours (POH) 100 (100) Data 00000000B2
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 000000002A
B7 SATA Downshift Error Count 100 (100) Data 0000000000
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
BB Reported Uncorrectable Errors 100 (100) Data 0000000000
BC Command Timeout 100 (098) Data 0000000007
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 068 (062) Data 0025170020
C2 Temperature 032 (040) Data 0000000020
C3 Hardware ECC Recovered 046 (033) Data 0006F7F350
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
F0 Head Flying Hours 100 (253) Data 0000000139
F1 Total LBAs Written 100 (253) Data 009274E7AE
F2 Total LBAs Read 100 (253) Data 00AEF39D18
Temperature 32 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #1, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number 3C684F74
Size 918GB
Used Space 378GB (42%)
Free Space 540GB (58%)
Partition 1
Partition ID Disk #1, Partition #1
Size 13.6 GB
Partition 2
Partition ID Disk #1, Partition #2
Size 1.70 MB
Optical Drives
PLDS DVD+-RW DH-16ABS ATA Device
Media Type DVD Writer
Name PLDS DVD+-RW DH-16ABS ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 2
SCSI Logical Unit 0
SCSI Port 2
SCSI Target Id 0
Status OK
Audio
Sound Cards
AMD High Definition Audio Device
Realtek High Definition Audio
Intel® Display Audio
Playback Devices
Speakers (Realtek High Definition Audio) (default)
Realtek Digital Output (Realtek High Definition Audio)
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC-
Comment Generic- MS/MS-Pro USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC-
Comment Generic- SD/MMC USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC-
Comment Generic- SM/xD-Picture USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC-
Comment Generic- Compact Flash USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Printers
EPSON Stylus CX3800 Series (Default Printer)
Share Name EPSON Stylus CX3800 Series
Printer Port USB001
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 360 * 360 dpi Color
Status Unknown
Driver
Driver Name EPSON Stylus CX3800 Series (v5.10)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\E_IMAI1ACA.DLL
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Broadcom NetLink ™ Gigabit Ethernet
IP Address 192.168.1.15
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 71.246.106.226
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name LUIS
DNS Name Luis
Domain Name LUIS
Remote Desktop
Console
State Active
Domain LUIS
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Enabled
Adapters List
Broadcom NetLink ™ Gigabit Ethernet
IP Address 192.168.1.15
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
Users C:\Users
EPSON Stylus CX3800 Series EPSON Stylus CX3800 Series,LocalsplOnly
Current TCP Connections

#12
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Looks pretty good. How is it running now? If slow, tell me when it is slow: bootup to login, login to desktop, starting the browser (which one), going from one site to the next.

Ron

#13
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
the only problem i'm continuing to have is the one i listed after i said boot.tidserv finally stopped. i just rebooted and it's still a problem. i've attached a jpg pic of what i'm seeing so you can see how the same update seems to be installing, but upon reboot it tries to do the same install all over again. the problem is copied/pasted below from my earlier post. thanks and i'll wait for your reply.

ps - you had asked me how it's running now, slow etc... it has never actually been slow. it's always run well. the problem was just boot.tidserv. now after boot.tidserv is gone, this windows install error has shown up. that's why i was wondering if something we did to fix boot.tidserv might have done something to my system that is related to this new problem that just happened to arrive as boot.tidserv left. thanks again.

copy/paste below

but in the meantime windows tried to install one single update called "Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)". it wouldn't install so i researched it online and when it asked where to find vc_red.msi i hit browse and typed in vc_red.msi in the search box and it found it in some weirdly created folder under my C drive. it was something like this "c:\430325ff2b5edd0180c9e681\". it installed and i rebooted. upon reboot it said it didn't install correctly and tried to do the whole procedure again. i did this about 5 times and rebooted 5 times and the problem is still there. did all of the work we did trying to remove boot.tidserv somehow cause something to go wrong with this problem?

Attached Thumbnails

  • pic.JPG

Edited by louuu, 28 November 2011 - 11:43 PM.


#14
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Try the Windows Update troubleshooter:

http://windows.micro...-troubleshooter

#15
louuu

    Member

  • Topic Starter
  • Member
  • 223 posts
UNBELIEVABLE! boot.tidserv is back. after i ran the windows update troubleshooter, it said it fixed a few files. so i tried installing that update again and rebooted. well the update still doesn't work, but norton found and quarantined boot.tidserv again. i even tried rebooting a 2nd time and norton still found it again. i don't understand how this has come back after not being present for the last 10 bootups. should i re-do the avptool section that you had me do which seemed to get rid of it before? i'll wait for your reply, thanks and sorry this boot.tidserv is causing so much trouble.

Edited by louuu, 29 November 2011 - 12:07 AM.
