[ajrelic8]

Hi, so my sister called me and said her computer has Vista 2012 virus. Can you please help me while I have her computer to fix the issue. When I try to open firefox or explorer, ask me what program I want to open with. Thanks so much for the help!

[Advertisements]

Start off with steps 1 thru 5 of

http://www.bleepingc...t-security-2012

That should get it so you can run OTL:
Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)




1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron

[RKinner]

Start off with steps 1 thru 5 of

http://www.bleepingc...t-security-2012

That should get it so you can run OTL:
Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)




1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron

[ajrelic8]

Sorry took me so long. Wasn't able to originally log onto computer. Here is OTL and OTL Extras

OTL logfile created on: 1/15/2012 5:14:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Lance\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.27 Mb Total Physical Memory | 96.21 Mb Available Physical Memory | 10.77% Memory free
2.00 Gb Paging File | 1.02 Gb Available in Paging File | 50.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.48 Gb Total Space | 65.37 Gb Free Space | 47.90% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.72 Gb Free Space | 57.25% Space Free | Partition Type: NTFS

Computer Name: LANCE-PC | User Name: Lance | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/15 17:14:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Lance\Desktop\OTL.exe
PRC - [2011/08/03 23:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011/02/28 16:30:56 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/13 17:32:40 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 02:33:23 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2007/09/07 13:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/07 13:23:36 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/08/29 16:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/08/29 00:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/13 02:56:19 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/13 02:52:53 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0590aa321a088ca816532b1578f47d9a\System.Web.ni.dll
MOD - [2011/10/13 02:52:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 02:50:23 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 02:49:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 02:49:22 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 02:47:27 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 02:47:06 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/02/28 16:30:56 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2007/11/29 04:30:17 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2758.38883__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:17 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2758.38936__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007/11/29 04:30:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2758.38916__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007/11/29 04:30:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2758.38935__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2758.38902__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:16 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2758.38924__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2007/11/29 04:30:16 | 000,688,128 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2758.39110__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2007/11/29 04:30:16 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2758.39136__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2007/11/29 04:30:16 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2758.39128__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:16 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2758.39089__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2007/11/29 04:30:15 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2758.39163__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007/11/29 04:29:52 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2758.38896__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:51 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2758.39097__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:51 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:51 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2758.39171__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:51 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2758.39102__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007/11/29 04:29:51 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2758.39096__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:50 | 000,913,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2758.39130__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2758.39037__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2758.38949__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2758.38903__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2758.39116__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007/11/29 04:29:50 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,319,488 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2758.39023__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2758.38955__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2007/11/29 04:29:50 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2758.38943__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:50 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:50 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2758.38954__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:49 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2758.39091__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:49 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2758.39030__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007/11/29 04:29:49 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2007/11/29 04:29:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2007/11/29 04:29:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2007/11/29 04:29:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2007/11/29 04:29:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2636.18438__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2007/11/29 04:29:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2636.18457__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2636.18430__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007/11/29 04:29:48 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2007/11/29 04:29:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2636.18428__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007/11/29 04:29:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2636.18485__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007/11/29 04:29:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2636.18430__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2007/11/29 04:29:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2636.18442__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2007/11/29 04:29:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2636.18435__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2636.18438__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2636.18443__90ba9c70f846762e\DEM.OS.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2636.18441__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2636.18441__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2007/11/29 04:29:48 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2007/11/29 04:29:47 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2642.27815__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2636.18450__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2636.18451__90ba9c70f846762e\APM.Foundation.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2636.18429__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2007/11/29 04:29:47 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2007/11/29 04:29:47 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2007/11/29 04:29:40 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2758.39193__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2007/11/29 04:29:39 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2758.39150__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007/11/29 04:29:39 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2758.39148__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007/11/29 04:29:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2636.18435__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007/11/29 04:29:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2636.18440__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007/11/29 04:29:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2636.18433__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2007/11/29 04:29:39 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2758.38880__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2007/11/29 04:29:38 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2758.38911__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2007/11/29 04:29:38 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2758.38882__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2007/11/29 04:29:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2007/11/29 04:29:38 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2636.18458__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2007/11/29 04:29:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2007/11/29 04:29:37 | 001,404,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2758.38892__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2007/11/29 04:29:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2758.38882__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2007/11/29 04:29:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2758.38880__90ba9c70f846762e\AEM.Server.dll
MOD - [2007/11/29 04:29:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2007/11/29 04:29:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2758.39149__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007/11/29 04:29:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007/11/29 04:29:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2636.18452__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007/08/14 03:40:54 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/03 23:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/07 13:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/08/29 16:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111123.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 03:34:21 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/08/21 21:53:36 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0404000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/08/21 21:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/17 20:33:36 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111207.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011/08/03 23:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010/06/23 22:04:25 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2007/10/10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/07 13:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/08/29 00:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/08/14 03:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/08/14 03:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/21 07:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 03:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 22:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 20:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/30 11:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/11/10 13:54:56 | 000,402,944 | ---- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Lance\Desktop\AV\RK
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2012/01/15 19:48:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/01/15 19:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/21 22:01:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/28 16:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 23:26:53 | 000,000,000 | ---D | M]

[2010/06/23 22:25:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lance\AppData\Roaming\Mozilla\Extensions
[2009/02/05 17:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lance\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/01/15 17:08:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions
[2010/06/23 22:36:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/01/14 21:38:00 | 000,002,468 | ---- | M] () -- C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\searchplugins\safesearch.xml
[2012/01/14 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/23 23:11:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/20 16:36:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/21 21:57:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/29 00:22:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/17 03:25:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/17 03:17:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/27 00:26:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/12/24 21:17:59 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\PROGRAMDATA\WHITE SKY, INC\ID VAULT\XPCOM3
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0B54DA8-9246-4B0D-80F3-3F449062063D}: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8DB5A93-99D6-48F4-AC70-675B44CAE633}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Lance\Desktop\PICS\2005 gsxr\IMG_0589 ms fb.JPG
O24 - Desktop BackupWallPaper: C:\Users\Lance\Desktop\PICS\2005 gsxr\IMG_0589 ms fb.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2f0f5abd-9e5a-11dc-8b6b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2f0f5abd-9e5a-11dc-8b6b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Launch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/15 17:12:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Lance\Desktop\OTL.exe
[2012/01/15 15:44:24 | 000,000,000 | ---D | C] -- C:\8242a3d2eb58a348e7a7cb
[2011/12/24 22:17:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite(16)
[2011/12/24 22:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite(7)
[2011/12/24 22:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller(8)
[2011/12/24 22:16:41 | 000,000,000 | ---D | C] -- C:\Users\Lance\Documents\Symantec
[2011/12/24 21:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2011/12/24 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Lance\AppData\Local\ID Vault
[2011/12/24 21:09:07 | 000,000,000 | ---D | C] -- C:\Users\Lance\AppData\Roaming\ID Vault
[2011/12/24 20:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Constant Guard Protection Suite
[2011/12/24 20:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\White Sky, Inc
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/15 18:01:02 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/01/15 17:14:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Lance\Desktop\OTL.exe
[2012/01/15 17:04:08 | 002,479,974 | ---- | M] () -- C:\Windows\System32\drivers\N360\0404000.00C\Cat.DB
[2012/01/15 16:52:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/15 16:52:14 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/15 16:51:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/15 16:51:31 | 937,431,040 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/06 02:21:57 | 000,001,356 | ---- | M] () -- C:\Users\Lance\AppData\Local\d3d9caps.dat
[2011/12/27 17:46:10 | 000,007,906 | -HS- | M] () -- C:\Users\Lance\AppData\Local\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/27 17:46:10 | 000,007,906 | -HS- | M] () -- C:\ProgramData\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/24 19:16:05 | 000,008,042 | -HS- | M] () -- C:\Users\Lance\AppData\Local\3m84be3o51a610
[2011/12/24 19:16:05 | 000,008,042 | -HS- | M] () -- C:\ProgramData\3m84be3o51a610
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/14 21:02:22 | 937,431,040 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/24 19:16:04 | 000,007,906 | -HS- | C] () -- C:\Users\Lance\AppData\Local\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/24 19:16:04 | 000,007,906 | -HS- | C] () -- C:\ProgramData\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/20 07:24:28 | 000,008,042 | -HS- | C] () -- C:\Users\Lance\AppData\Local\3m84be3o51a610
[2011/12/20 07:24:28 | 000,008,042 | -HS- | C] () -- C:\ProgramData\3m84be3o51a610
[2011/05/21 10:35:01 | 000,001,940 | ---- | C] () -- C:\Users\Lance\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2009/09/18 16:34:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/18 16:34:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/08/14 05:19:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/17 23:47:59 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/01 07:06:14 | 000,000,163 | ---- | C] () -- C:\Windows\QAWIN32.INI
[2008/06/30 18:36:37 | 000,000,304 | ---- | C] () -- C:\Windows\System32\Device_Manifest.ini
[2008/03/08 17:14:46 | 000,000,052 | ---- | C] () -- C:\Users\Lance\AppData\Roaming\favSellers.awt
[2008/03/05 10:08:37 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2008/02/20 22:42:21 | 000,022,110 | ---- | C] () -- C:\Users\Lance\AppData\Roaming\closedList.awt
[2008/02/20 22:42:21 | 000,000,005 | ---- | C] () -- C:\Users\Lance\AppData\Roaming\openList.awt
[2008/02/04 19:52:18 | 000,001,356 | ---- | C] () -- C:\Users\Lance\AppData\Local\d3d9caps.dat
[2008/01/04 16:39:51 | 000,000,784 | ---- | C] () -- C:\Users\Lance\AppData\Roaming\wklnhst.dat
[2007/12/31 23:22:17 | 000,187,392 | ---- | C] () -- C:\Users\Lance\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/29 12:02:58 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/11/29 12:02:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/11/29 12:02:58 | 000,145,050 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/11/29 12:02:56 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/11/29 12:02:44 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/11/29 04:37:23 | 000,000,080 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2007/11/29 04:24:45 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,320,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2003/03/14 12:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ZyDelReg.exe

< End of report >

OTL Extras logfile created on: 1/15/2012 5:14:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Lance\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.27 Mb Total Physical Memory | 96.21 Mb Available Physical Memory | 10.77% Memory free
2.00 Gb Paging File | 1.02 Gb Available in Paging File | 50.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.48 Gb Total Space | 65.37 Gb Free Space | 47.90% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.72 Gb Free Space | 57.25% Space Free | Partition Type: NTFS

Computer Name: LANCE-PC | User Name: Lance | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0925C9AA-C710-4034-8207-5095352D560B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{0CC35465-DD97-4CC5-91AB-5FD19304836F}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{2B536F63-9204-4798-A16A-1A09C0AB0025}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2B86C42C-8124-4D13-9F35-F6B36709F913}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4432F4FF-71A9-48DB-ABB0-63CF2689DA07}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{8E3D231B-976D-4D4F-B2EC-2A49A9A37BC9}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{A8EBCC97-989A-4A4D-97CB-256957EADA6C}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{EA4BD67D-2AA1-4524-8AAF-99C19B7BB337}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"TCP Query User{1BB3809A-0FE8-4B75-89C4-80EF0CF3BF5D}C:\program files\poker.com\client.exe" = protocol=6 | dir=in | app=c:\program files\poker.com\client.exe |
"TCP Query User{1C0C996F-B364-4B36-80C5-F20079E606C5}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{305615D3-1BC8-470C-BB40-BB212857B844}C:\program files\myspace\im\myspaceim.exe" = protocol=6 | dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"TCP Query User{6F8AED1D-EF6A-49DD-B29D-D8E5B285565B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CEDAA2D4-9014-456C-AFC3-98A9020D58D8}C:\program files\carbonpoker\client.exe" = protocol=6 | dir=in | app=c:\program files\carbonpoker\client.exe |
"TCP Query User{DDF99CE3-807B-4569-801D-9BCDAFCDC495}C:\program files\myspace\im\myspaceim.exe" = protocol=6 | dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"UDP Query User{0CA6B1CE-104F-4AA9-B5C7-CBBFF5CC03AD}C:\program files\myspace\im\myspaceim.exe" = protocol=17 | dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"UDP Query User{46C77AE5-89D6-4DEC-AF3E-0CDE3AC21233}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{5A7B19D5-8949-48C9-8E43-6DC1CAC0BDEA}C:\program files\poker.com\client.exe" = protocol=17 | dir=in | app=c:\program files\poker.com\client.exe |
"UDP Query User{5EEEB8F1-B9C9-4F5F-B806-61B852D0ED26}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7DF6B2AB-7B10-4CD0-B4E8-D5A30056F4AE}C:\program files\myspace\im\myspaceim.exe" = protocol=17 | dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"UDP Query User{9A4DE5B6-1563-443B-8CBF-BBBDE3348B9A}C:\program files\carbonpoker\client.exe" = protocol=17 | dir=in | app=c:\program files\carbonpoker\client.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C85D5D-77CA-7173-5775-AFB9CC835F33}" = CCC Help Finnish
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A331B03-B20D-D63E-7CFA-6DE03CD85972}" = CCC Help Chinese Traditional
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{179950A7-026A-3F96-9540-3C528A96C5C0}" = Catalyst Control Center Localization Danish
"{1882BDBB-0DFD-FAE6-77FA-E3445D821F18}" = CCC Help Norwegian
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{2452E3E3-B627-7371-F43F-68149C528556}" = CCC Help French
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 29
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{310A99AD-E8DD-CF60-CDD3-ED197E106A80}" = Catalyst Control Center Localization Russian
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36D252B0-6856-4395-4BBE-DEC2E56DCB24}" = Catalyst Control Center Localization Dutch
"{3736E75B-0FD7-F5A3-15F1-EE07B633AEE5}" = Catalyst Control Center Localization Finnish
"{393AAD92-9760-9B0D-43C1-C6C5E89EFA67}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4248C264-C1BF-8414-4B16-F61FF0BC49A7}" = Catalyst Control Center Localization Spanish
"{48FC3614-221A-4272-5AFC-50EC406606FE}" = Catalyst Control Center Localization Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A2BD145-6614-B0A5-0E1A-5367A3451691}" = CCC Help Chinese Standard
"{55D070A2-9EA5-8C26-5F74-835BAC086523}" = Catalyst Control Center Localization German
"{59361F9F-A413-83EC-E269-6D34CC697878}" = CCC Help Portuguese
"{5B9A8ECB-A06B-A5AF-A7AD-B2E1A9B09AE8}" = CCC Help Korean
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6BAFE5C7-FAAE-7F8C-39C0-BA8BD7A6786F}" = Catalyst Control Center Localization Chinese Standard
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72BBAAE1-61A5-5F40-9BF3-95992B29F8A7}" = Catalyst Control Center Graphics Full Existing
"{7A97828F-C89C-C290-E11D-57A33DD523CB}" = Catalyst Control Center Localization Portuguese
"{7D3A926D-D61E-6063-1C0D-18A4365D5033}" = ccc-core-static
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E532356-3BAE-4832-A253-2F1094FE5C40}" = Catalyst Control Center Localization Norwegian
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88937F68-8C7A-A5DC-4004-2A2E0ECCC2DB}" = Catalyst Control Center Localization Japanese
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C454737-22A5-43F6-B09F-A4B3F7BD3468}" = CCC Help Spanish
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9C769AD0-00EE-8A6A-8C2A-F51BAABCCE02}" = CCC Help Dutch
"{9E3DCAB8-285C-464F-DBCB-0052F92FEEF2}" = Catalyst Control Center Graphics Light
"{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"{A8B9FBF8-7986-6CF7-C31C-20A19E7D1717}" = ccc-utility
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACB4C93A-594E-E76A-3349-EEF2D6A723D6}" = Catalyst Control Center Localization Italian
"{ACDF5DEF-413F-A546-6F35-66CE215BDCCB}" = Skins
"{B2BFD108-1E93-06C5-F34E-48B92C358EDD}" = CCC Help Swedish
"{B970E87C-274D-5ADC-41BB-8C81926AF300}" = CCC Help Russian
"{C6CC1EA6-12E2-219A-F8A1-1058AB678E08}" = CCC Help Italian
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8BA296-55D7-8B51-6C4E-4789A1D003BE}" = Catalyst Control Center Localization French
"{D62A9D43-39A4-337B-A432-1C6DB13087B8}" = CCC Help English
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{D8210D47-2F24-99C7-9183-E093FBF14D92}" = CCC Help Japanese
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DCDCFE99-36A7-6B89-8329-BAB033D99577}" = CCC Help German
"{DE623944-11D0-4CD3-17BE-FDF0F5309FD5}" = CCC Help Danish
"{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D}" = Bonjour
"{E194308F-9718-7425-BCC1-FAAF46A188CB}" = Catalyst Control Center Core Implementation
"{E314D889-0C82-9F5F-A9EE-699109226856}" = Catalyst Control Center Graphics Full New
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{EFBE2318-89B7-4A5F-8912-23DB04761C31}" = Catalyst Control Center - Branding
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{FF61246F-8BD1-165A-5F50-B6DFECE53025}" = Catalyst Control Center Localization Korean
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"InstallShield_{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D}" = Bonjour
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"N360" = Norton Security Suite
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SynTPDeinstKey" = Dell Touchpad
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CarbonPoker" = CarbonPoker
"Poker.com" = Poker.com

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/21/2009 1:32:53 PM | Computer Name = Lance-PC | Source = EventSystem | ID = 4621
Description =

Error - 10/25/2009 6:13:52 PM | Computer Name = Lance-PC | Source = EventSystem | ID = 4621
Description =

Error - 10/31/2009 3:13:24 PM | Computer Name = Lance-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 4/29/2008 3:25:42 PM | Computer Name = Lance-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
5, function 0. Please contact your system vendor for technical assistance.

Error - 4/29/2008 3:25:42 PM | Computer Name = Lance-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
7, function 0. Please contact your system vendor for technical assistance.

Error - 4/29/2008 3:28:33 PM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/29/2008 6:56:31 PM | Computer Name = Lance-PC | Source = WinDefend | ID = 1008
Description = %%827 has encountered an error when taking action on spyware or other
potentially unwanted software. For more information please see the following: http://go.microsoft....r&threatid=9940

Scan
ID: {131F6403-42FD-4D27-8998-5E1E7FDF1D27} Scan Type: %%802 User: NT AUTHORITY\NETWORK
SERVICE Name: Program:Win32/PowerRegScheduler ID: 9940 Severity ID: 2 Category ID:
27 Path: file:\\?\c:\users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg
Scheduler V3.exe Action: %%811 Error Code: 0x80508017 Error description: Some actions
couldn't be applied to potentially harmful items. The items might be stored in
a read-only location. Delete the files or folders that contains the items or, for
information on removing read-only permissions from files and folders, see Help
and Support.

Error - 4/29/2008 6:58:42 PM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 4/29/2008 7:00:34 PM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/29/2008 7:00:44 PM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/29/2008 7:36:43 PM | Computer Name = Lance-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:35:01 PM on 4/29/2008 was unexpected.

Error - 4/29/2008 7:39:12 PM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/30/2008 10:35:38 AM | Computer Name = Lance-PC | Source = Service Control Manager | ID = 7011
Description =


< End of report >

[RKinner]

When you get done with the other scans do:

Uninstall
Java™ 6 Update 29 - Get the latest from java.com
Adobe Reader 8.1.2 - get the latest from adobe.com
Adobe Flash Player 10 ActiveX - get the latest from adobe.com use IE
Adobe Flash Player 10 Plugin - get the latest from adobe.com use Firefox
McAfee Security Scan Plus - foistware just uninstall. Try not to let adobe reinstall it (uncheck the option)

Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:Services
Abiosdsk

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
[2011/12/27 17:46:10 | 000,007,906 | -HS- | M] () -- C:\Users\Lance\AppData\Local\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/27 17:46:10 | 000,007,906 | -HS- | M] () -- C:\ProgramData\6wh86ot4081h4mq415l46044vfirj8586
[2011/12/24 19:16:05 | 000,008,042 | -HS- | M] () -- C:\Users\Lance\AppData\Local\3m84be3o51a610
[2011/12/24 19:16:05 | 000,008,042 | -HS- | M] () -- C:\ProgramData\3m84be3o51a610

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
     
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

[ajrelic8]

ComboFix 12-01-15.01 - Lance 01/15/2012 19:50:34.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.893.326 [GMT -5:00]
Running from: c:\users\Lance\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\$NtUninstallKB9667$
c:\windows\$NtUninstallKB9667$\2461775736\@
c:\windows\$NtUninstallKB9667$\2461775736\bckfg.tmp
c:\windows\$NtUninstallKB9667$\2461775736\cfg.ini
c:\windows\$NtUninstallKB9667$\2461775736\Desktop.ini
c:\windows\$NtUninstallKB9667$\2461775736\keywords
c:\windows\$NtUninstallKB9667$\2461775736\kwrd.dll
c:\windows\$NtUninstallKB9667$\2461775736\L\qnbwvoto
c:\windows\$NtUninstallKB9667$\2461775736\lsflt7.ver
c:\windows\$NtUninstallKB9667$\2461775736\U\00000001.@
c:\windows\$NtUninstallKB9667$\2461775736\U\00000002.@
c:\windows\$NtUninstallKB9667$\2461775736\U\00000004.@
c:\windows\$NtUninstallKB9667$\2461775736\U\80000000.@
c:\windows\$NtUninstallKB9667$\2461775736\U\80000004.@
c:\windows\$NtUninstallKB9667$\2461775736\U\80000032.@
c:\windows\$NtUninstallKB9667$\2481340309
c:\windows\Downloaded Installations\BMP
c:\windows\Downloaded Installations\BMP\{44C774BE-1389-4E84-B5DE-54D9FB4A2253}\1033.MST
c:\windows\Downloaded Installations\BMP\{44C774BE-1389-4E84-B5DE-54D9FB4A2253}\BACS.msi
.
.
((((((((((((((((((((((((( Files Created from 2011-12-16 to 2012-01-16 )))))))))))))))))))))))))))))))
.
.
2012-01-16 01:28 . 2012-01-16 01:29 -------- d-----w- c:\users\Lance\AppData\Local\temp
2012-01-16 01:28 . 2012-01-16 01:28 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-01-16 01:28 . 2012-01-16 01:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-15 23:07 . 2011-11-30 07:21 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9395E3AF-F426-4423-996E-20A432589077}\mpengine.dll
2012-01-15 22:57 . 2011-11-15 19:29 222080 ------w- c:\windows\system32\MpSigStub.exe
2012-01-15 20:44 . 2012-01-15 20:44 -------- d-----w- C:\8242a3d2eb58a348e7a7cb
2011-12-25 03:17 . 2011-12-25 03:17 -------- d-----w- c:\program files\Norton Security Suite(7)
2011-12-25 03:16 . 2011-12-25 03:16 -------- d-----w- c:\program files\NortonInstaller(8)
2011-12-25 02:09 . 2011-12-25 02:10 -------- d-----w- c:\users\Lance\AppData\Local\ID Vault
2011-12-25 02:09 . 2011-12-25 02:09 -------- d-----w- c:\programdata\IsolatedStorage
2011-12-25 02:09 . 2011-12-25 02:09 -------- d-----w- c:\users\Lance\AppData\Roaming\ID Vault
2011-12-25 01:56 . 2011-12-25 01:57 -------- d-----w- c:\program files\Constant Guard Protection Suite
2011-12-25 01:56 . 2011-12-25 01:56 -------- d-----w- c:\programdata\White Sky, Inc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-21 00:34 . 2010-08-21 00:35 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-06 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-29 36864]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-21 30192]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-12 155648]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 405504]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" [2010-02-12 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-11-29 50688]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-7-20 1180952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-08-29 73728]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-06 18:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-15 20:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.4.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-01-15 20:41:25
ComboFix-quarantined-files.txt 2012-01-16 01:41
.
Pre-Run: 69,995,651,072 bytes free
Post-Run: 69,887,741,952 bytes free
.
- - End Of File - - 06E41B039D1D9EB2FA672F42ACAE8C9C

[ajrelic8]

20:58:56.0334 2876 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
20:58:56.0834 2876 ============================================================
20:58:56.0834 2876 Current date / time: 2012/01/15 20:58:56.0834
20:58:56.0834 2876 SystemInfo:
20:58:56.0834 2876
20:58:56.0834 2876 OS Version: 6.0.6002 ServicePack: 2.0
20:58:56.0834 2876 Product type: Workstation
20:58:56.0834 2876 ComputerName: LANCE-PC
20:58:56.0834 2876 UserName: Lance
20:58:56.0834 2876 Windows directory: C:\Windows
20:58:56.0834 2876 System windows directory: C:\Windows
20:58:56.0834 2876 Processor architecture: Intel x86
20:58:56.0834 2876 Number of processors: 2
20:58:56.0834 2876 Page size: 0x1000
20:58:56.0834 2876 Boot type: Normal boot
20:58:56.0834 2876 ============================================================
20:58:59.0376 2876 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000, SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000050
20:58:59.0704 2876 Initialize success
20:59:03.0682 3392 ============================================================
20:59:03.0682 3392 Scan started
20:59:03.0682 3392 Mode: Manual;
20:59:03.0682 3392 ============================================================
20:59:05.0382 3392 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:59:05.0398 3392 ACPI - ok
20:59:05.0492 3392 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:59:05.0523 3392 adp94xx - ok
20:59:05.0648 3392 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:59:05.0663 3392 adpahci - ok
20:59:05.0726 3392 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:59:05.0726 3392 adpu160m - ok
20:59:05.0835 3392 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:59:05.0850 3392 adpu320 - ok
20:59:06.0006 3392 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:59:06.0022 3392 AFD - ok
20:59:06.0084 3392 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
20:59:06.0100 3392 agp440 - ok
20:59:06.0162 3392 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:59:06.0178 3392 aic78xx - ok
20:59:06.0240 3392 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
20:59:06.0240 3392 aliide - ok
20:59:06.0303 3392 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
20:59:06.0303 3392 amdagp - ok
20:59:06.0350 3392 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
20:59:06.0350 3392 amdide - ok
20:59:06.0412 3392 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:59:06.0412 3392 AmdK7 - ok
20:59:06.0474 3392 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:59:06.0490 3392 AmdK8 - ok
20:59:06.0599 3392 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:59:06.0630 3392 arc - ok
20:59:06.0708 3392 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:59:06.0755 3392 arcsas - ok
20:59:06.0833 3392 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:59:06.0833 3392 AsyncMac - ok
20:59:06.0896 3392 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:59:06.0896 3392 atapi - ok
20:59:07.0192 3392 atikmdag (c8465ed71bf898ea71c8717f2f8a5fa3) C:\Windows\system32\DRIVERS\atikmdag.sys
20:59:07.0364 3392 atikmdag - ok
20:59:07.0442 3392 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:59:07.0442 3392 AtiPcie - ok
20:59:07.0644 3392 BCM43XX (6aae1042c0a572b24d2a4d6088f03392) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:59:07.0707 3392 BCM43XX - ok
20:59:07.0800 3392 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
20:59:07.0816 3392 bcm4sbxp - ok
20:59:07.0894 3392 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:59:07.0894 3392 Beep - ok
20:59:08.0159 3392 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111123.001\BHDrvx86.sys
20:59:08.0206 3392 BHDrvx86 - ok
20:59:08.0331 3392 blbdrive - ok
20:59:08.0487 3392 BLKWGU(Belkin) (ed910b63a75863a89aab65f2763d5b71) C:\Windows\system32\DRIVERS\BLKWGU.sys
20:59:08.0549 3392 BLKWGU(Belkin) - ok
20:59:08.0721 3392 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:59:08.0830 3392 bowser - ok
20:59:08.0955 3392 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:59:08.0970 3392 BrFiltLo - ok
20:59:09.0142 3392 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:59:09.0142 3392 BrFiltUp - ok
20:59:09.0251 3392 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:59:09.0267 3392 Brserid - ok
20:59:09.0329 3392 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:59:09.0345 3392 BrSerWdm - ok
20:59:09.0376 3392 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:59:09.0392 3392 BrUsbMdm - ok
20:59:09.0438 3392 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:59:09.0454 3392 BrUsbSer - ok
20:59:09.0516 3392 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:59:09.0516 3392 BTHMODEM - ok
20:59:09.0860 3392 catchme - ok
20:59:10.0031 3392 ccHP (1fa1c0e73eca849bed29a47c508f7f17) C:\Windows\system32\drivers\N360\0404000.00C\ccHPx86.sys
20:59:10.0078 3392 ccHP - ok
20:59:10.0437 3392 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:59:10.0437 3392 cdfs - ok
20:59:10.0499 3392 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:59:10.0515 3392 cdrom - ok
20:59:10.0624 3392 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:59:10.0640 3392 circlass - ok
20:59:10.0764 3392 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:59:10.0780 3392 CLFS - ok
20:59:10.0889 3392 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:59:10.0905 3392 CmBatt - ok
20:59:10.0967 3392 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
20:59:10.0967 3392 cmdide - ok
20:59:11.0014 3392 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:59:11.0030 3392 Compbatt - ok
20:59:11.0076 3392 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:59:11.0092 3392 crcdisk - ok
20:59:11.0154 3392 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:59:11.0170 3392 Crusoe - ok
20:59:11.0357 3392 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:59:11.0373 3392 DfsC - ok
20:59:11.0498 3392 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:59:11.0498 3392 disk - ok
20:59:11.0638 3392 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:59:11.0638 3392 drmkaud - ok
20:59:11.0810 3392 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
20:59:11.0810 3392 DSproct - ok
20:59:11.0888 3392 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
20:59:11.0903 3392 dsunidrv - ok
20:59:11.0997 3392 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:59:12.0028 3392 DXGKrnl - ok
20:59:12.0137 3392 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
20:59:12.0153 3392 e1express - ok
20:59:12.0215 3392 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:59:12.0231 3392 E1G60 - ok
20:59:12.0324 3392 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:59:12.0340 3392 Ecache - ok
20:59:12.0480 3392 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:59:12.0496 3392 eeCtrl - ok
20:59:12.0652 3392 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:59:12.0683 3392 elxstor - ok
20:59:12.0870 3392 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:59:12.0917 3392 exfat - ok
20:59:12.0980 3392 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:59:13.0011 3392 fastfat - ok
20:59:13.0073 3392 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:59:13.0089 3392 fdc - ok
20:59:13.0198 3392 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:59:13.0214 3392 FileInfo - ok
20:59:13.0292 3392 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:59:13.0292 3392 Filetrace - ok
20:59:13.0370 3392 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:59:13.0370 3392 flpydisk - ok
20:59:13.0463 3392 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:59:13.0463 3392 FltMgr - ok
20:59:13.0572 3392 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:59:13.0572 3392 Fs_Rec - ok
20:59:13.0635 3392 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:59:13.0650 3392 gagp30kx - ok
20:59:13.0697 3392 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:59:13.0713 3392 GEARAspiWDM - ok
20:59:13.0884 3392 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:59:13.0916 3392 HDAudBus - ok
20:59:13.0978 3392 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:59:13.0978 3392 HidBth - ok
20:59:14.0025 3392 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:59:14.0025 3392 HidIr - ok
20:59:14.0118 3392 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:59:14.0118 3392 HidUsb - ok
20:59:14.0212 3392 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:59:14.0212 3392 HpCISSs - ok
20:59:14.0384 3392 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:59:14.0430 3392 HSF_DPV - ok
20:59:14.0477 3392 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:59:14.0493 3392 HSXHWAZL - ok
20:59:14.0602 3392 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:59:14.0633 3392 HTTP - ok
20:59:14.0696 3392 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:59:14.0711 3392 i2omp - ok
20:59:14.0789 3392 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:59:14.0805 3392 i8042prt - ok
20:59:14.0898 3392 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:59:14.0914 3392 iaStorV - ok
20:59:15.0210 3392 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111207.001\IDSvix86.sys
20:59:15.0242 3392 IDSVix86 - ok
20:59:15.0351 3392 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:59:15.0366 3392 iirsp - ok
20:59:15.0522 3392 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\drivers\intelide.sys
20:59:15.0522 3392 intelide - ok
20:59:15.0585 3392 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:59:15.0600 3392 intelppm - ok
20:59:15.0710 3392 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:59:15.0741 3392 IpFilterDriver - ok
20:59:15.0788 3392 IpInIp - ok
20:59:15.0850 3392 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:59:15.0866 3392 IPMIDRV - ok
20:59:15.0944 3392 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:59:15.0944 3392 IPNAT - ok
20:59:16.0068 3392 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:59:16.0100 3392 IRENUM - ok
20:59:16.0178 3392 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
20:59:16.0178 3392 isapnp - ok
20:59:16.0287 3392 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:59:16.0302 3392 iScsiPrt - ok
20:59:16.0412 3392 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:59:16.0427 3392 iteatapi - ok
20:59:16.0505 3392 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:59:16.0505 3392 iteraid - ok
20:59:16.0614 3392 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:59:16.0614 3392 kbdclass - ok
20:59:16.0677 3392 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
20:59:16.0677 3392 kbdhid - ok
20:59:16.0802 3392 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
20:59:16.0833 3392 KSecDD - ok
20:59:16.0973 3392 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:59:16.0973 3392 lltdio - ok
20:59:17.0098 3392 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:59:17.0114 3392 LSI_FC - ok
20:59:17.0176 3392 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:59:17.0176 3392 LSI_SAS - ok
20:59:17.0254 3392 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:59:17.0254 3392 LSI_SCSI - ok
20:59:17.0332 3392 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:59:17.0332 3392 luafv - ok
20:59:17.0441 3392 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:59:17.0441 3392 mdmxsdk - ok
20:59:17.0504 3392 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:59:17.0519 3392 megasas - ok
20:59:17.0597 3392 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:59:17.0597 3392 Modem - ok
20:59:17.0660 3392 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:59:17.0660 3392 monitor - ok
20:59:17.0738 3392 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:59:17.0753 3392 mouclass - ok
20:59:17.0816 3392 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:59:17.0831 3392 mouhid - ok
20:59:17.0940 3392 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:59:17.0972 3392 MountMgr - ok
20:59:18.0081 3392 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:59:18.0096 3392 mpio - ok
20:59:18.0174 3392 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:59:18.0190 3392 mpsdrv - ok
20:59:18.0346 3392 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:59:18.0346 3392 Mraid35x - ok
20:59:18.0424 3392 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:59:18.0440 3392 MRxDAV - ok
20:59:18.0549 3392 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:59:18.0564 3392 mrxsmb - ok
20:59:18.0658 3392 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:59:18.0674 3392 mrxsmb10 - ok
20:59:18.0705 3392 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:59:18.0720 3392 mrxsmb20 - ok
20:59:18.0767 3392 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
20:59:18.0767 3392 msahci - ok
20:59:18.0830 3392 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:59:18.0845 3392 msdsm - ok
20:59:18.0954 3392 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:59:18.0970 3392 Msfs - ok
20:59:19.0079 3392 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:59:19.0079 3392 msisadrv - ok
20:59:19.0235 3392 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:59:19.0251 3392 MSKSSRV - ok
20:59:19.0313 3392 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:59:19.0313 3392 MSPCLOCK - ok
20:59:19.0360 3392 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:59:19.0376 3392 MSPQM - ok
20:59:19.0454 3392 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:59:19.0469 3392 MsRPC - ok
20:59:19.0516 3392 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:59:19.0532 3392 mssmbios - ok
20:59:19.0578 3392 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:59:19.0594 3392 MSTEE - ok
20:59:19.0625 3392 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:59:19.0625 3392 Mup - ok
20:59:19.0797 3392 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:59:19.0797 3392 NativeWifiP - ok
20:59:19.0922 3392 NAVENG - ok
20:59:19.0968 3392 NAVEX15 - ok
20:59:20.0124 3392 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:59:20.0187 3392 NDIS - ok
20:59:20.0296 3392 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:59:20.0296 3392 NdisTapi - ok
20:59:20.0358 3392 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:59:20.0358 3392 Ndisuio - ok
20:59:20.0436 3392 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:59:20.0452 3392 NdisWan - ok
20:59:20.0530 3392 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:59:20.0577 3392 NDProxy - ok
20:59:20.0639 3392 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:59:20.0639 3392 NetBIOS - ok
20:59:20.0780 3392 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:59:20.0795 3392 netbt - ok
20:59:20.0967 3392 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:59:20.0982 3392 nfrd960 - ok
20:59:21.0060 3392 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:59:21.0076 3392 Npfs - ok
20:59:21.0185 3392 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:59:21.0185 3392 nsiproxy - ok
20:59:21.0372 3392 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:59:21.0435 3392 Ntfs - ok
20:59:21.0466 3392 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:59:21.0482 3392 ntrigdigi - ok
20:59:21.0513 3392 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:59:21.0528 3392 Null - ok
20:59:21.0591 3392 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:59:21.0606 3392 nvraid - ok
20:59:21.0653 3392 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:59:21.0669 3392 nvstor - ok
20:59:21.0731 3392 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
20:59:21.0747 3392 nv_agp - ok
20:59:21.0778 3392 NwlnkFlt - ok
20:59:21.0809 3392 NwlnkFwd - ok
20:59:21.0872 3392 ODWGU(Ativa) - ok
20:59:21.0965 3392 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
20:59:21.0981 3392 OEM02Dev - ok
20:59:22.0043 3392 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
20:59:22.0043 3392 OEM02Vfx - ok
20:59:22.0121 3392 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:59:22.0121 3392 ohci1394 - ok
20:59:22.0215 3392 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:59:22.0230 3392 Parport - ok
20:59:22.0293 3392 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:59:22.0308 3392 partmgr - ok
20:59:22.0355 3392 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:59:22.0355 3392 Parvdm - ok
20:59:22.0433 3392 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:59:22.0449 3392 pci - ok
20:59:22.0511 3392 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:59:22.0511 3392 pciide - ok
20:59:22.0589 3392 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:59:22.0605 3392 pcmcia - ok
20:59:22.0698 3392 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:59:22.0761 3392 PEAUTH - ok
20:59:23.0073 3392 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:59:23.0088 3392 PptpMiniport - ok
20:59:23.0166 3392 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:59:23.0166 3392 Processor - ok
20:59:23.0291 3392 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:59:23.0307 3392 PSched - ok
20:59:23.0400 3392 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
20:59:23.0400 3392 PxHelp20 - ok
20:59:23.0619 3392 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:59:23.0666 3392 ql2300 - ok
20:59:23.0744 3392 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:59:23.0759 3392 ql40xx - ok
20:59:23.0837 3392 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:59:23.0853 3392 QWAVEdrv - ok
20:59:24.0071 3392 R300 (c8465ed71bf898ea71c8717f2f8a5fa3) C:\Windows\system32\DRIVERS\atikmdag.sys
20:59:24.0180 3392 R300 - ok
20:59:24.0290 3392 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:59:24.0290 3392 RasAcd - ok
20:59:24.0383 3392 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:59:24.0383 3392 Rasl2tp - ok
20:59:24.0492 3392 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:59:24.0508 3392 RasPppoe - ok
20:59:24.0570 3392 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:59:24.0570 3392 RasSstp - ok
20:59:24.0648 3392 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:59:24.0664 3392 rdbss - ok
20:59:24.0851 3392 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:59:24.0851 3392 RDPCDD - ok
20:59:24.0976 3392 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
20:59:24.0992 3392 rdpdr - ok
20:59:25.0038 3392 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:59:25.0054 3392 RDPENCDD - ok
20:59:25.0194 3392 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:59:25.0226 3392 RDPWD - ok
20:59:25.0319 3392 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:59:25.0335 3392 rimmptsk - ok
20:59:25.0397 3392 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:59:25.0397 3392 rimsptsk - ok
20:59:25.0460 3392 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\Windows\system32\Drivers\RimUsb.sys
20:59:25.0475 3392 RimUsb - ok
20:59:25.0553 3392 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
20:59:25.0553 3392 RimVSerPort - ok
20:59:25.0600 3392 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:59:25.0616 3392 rismxdp - ok
20:59:25.0662 3392 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
20:59:25.0678 3392 ROOTMODEM - ok
20:59:25.0865 3392 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:59:25.0881 3392 rspndr - ok
20:59:26.0006 3392 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:59:26.0021 3392 sbp2port - ok
20:59:26.0177 3392 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:59:26.0177 3392 sdbus - ok
20:59:26.0302 3392 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:59:26.0318 3392 secdrv - ok
20:59:26.0411 3392 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:59:26.0427 3392 Serenum - ok
20:59:26.0489 3392 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:59:26.0489 3392 Serial - ok
20:59:26.0583 3392 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:59:26.0583 3392 sermouse - ok
20:59:26.0786 3392 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:59:26.0786 3392 sffdisk - ok
20:59:26.0864 3392 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
20:59:26.0864 3392 sffp_mmc - ok
20:59:26.0957 3392 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:59:27.0020 3392 sffp_sd - ok
20:59:27.0066 3392 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
20:59:27.0082 3392 sfloppy - ok
20:59:27.0222 3392 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
20:59:27.0222 3392 sisagp - ok
20:59:27.0269 3392 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:59:27.0269 3392 SiSRaid2 - ok
20:59:27.0347 3392 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:59:27.0378 3392 SiSRaid4 - ok
20:59:27.0503 3392 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:59:27.0519 3392 Smb - ok
20:59:27.0628 3392 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:59:27.0644 3392 spldr - ok
20:59:27.0909 3392 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\Windows\System32\Drivers\N360\0404000.00C\SRTSP.SYS
20:59:27.0924 3392 SRTSP - ok
20:59:28.0034 3392 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\Windows\system32\drivers\N360\0404000.00C\SRTSPX.SYS
20:59:28.0034 3392 SRTSPX - ok
20:59:28.0143 3392 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:59:28.0158 3392 srv - ok
20:59:28.0283 3392 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:59:28.0299 3392 srv2 - ok
20:59:28.0439 3392 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:59:28.0455 3392 srvnet - ok
20:59:28.0595 3392 STHDA (5af135b2e2097d4494b9067ce84e2665) C:\Windows\system32\drivers\stwrt.sys
20:59:28.0626 3392 STHDA - ok
20:59:28.0751 3392 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:59:28.0751 3392 swenum - ok
20:59:28.0938 3392 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:59:28.0954 3392 Symc8xx - ok
20:59:29.0094 3392 SymDS (56890bf9d9204b93042089d4b45ae671) C:\Windows\system32\drivers\N360\0404000.00C\SYMDS.SYS
20:59:29.0126 3392 SymDS - ok
20:59:29.0219 3392 SymEFA (10ba64273feff4df0a7ccb0ff3b9b26b) C:\Windows\system32\drivers\N360\0404000.00C\SYMEFA.SYS
20:59:29.0235 3392 SymEFA - ok
20:59:29.0313 3392 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\Windows\system32\Drivers\SYMEVENT.SYS
20:59:29.0328 3392 SymEvent - ok
20:59:29.0453 3392 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\Windows\system32\drivers\N360\0404000.00C\Ironx86.SYS
20:59:29.0469 3392 SymIRON - ok
20:59:29.0547 3392 SYMTDIv (b501d61792d8355eae7eb4f7449a9d99) C:\Windows\System32\Drivers\N360\0404000.00C\SYMTDIV.SYS
20:59:29.0578 3392 SYMTDIv - ok
20:59:29.0656 3392 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:59:29.0672 3392 Sym_hi - ok
20:59:29.0734 3392 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:59:29.0765 3392 Sym_u3 - ok
20:59:29.0843 3392 SynTP (dd17b63f26430e179ef6bdef5ac735bd) C:\Windows\system32\DRIVERS\SynTP.sys
20:59:29.0859 3392 SynTP - ok
20:59:30.0093 3392 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
20:59:30.0155 3392 Tcpip - ok
20:59:30.0249 3392 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
20:59:30.0280 3392 Tcpip6 - ok
20:59:30.0342 3392 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:59:30.0342 3392 tcpipreg - ok
20:59:30.0420 3392 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:59:30.0436 3392 TDPIPE - ok
20:59:30.0545 3392 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:59:30.0545 3392 TDTCP - ok
20:59:30.0592 3392 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:59:30.0608 3392 tdx - ok
20:59:30.0686 3392 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:59:30.0701 3392 TermDD - ok
20:59:30.0873 3392 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:59:30.0888 3392 tssecsrv - ok
20:59:30.0998 3392 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:59:31.0013 3392 tunmp - ok
20:59:31.0076 3392 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:59:31.0091 3392 tunnel - ok
20:59:31.0232 3392 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:59:31.0247 3392 uagp35 - ok
20:59:31.0356 3392 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:59:31.0372 3392 udfs - ok
20:59:31.0481 3392 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
20:59:31.0497 3392 uliagpkx - ok
20:59:31.0575 3392 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:59:31.0590 3392 uliahci - ok
20:59:31.0653 3392 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:59:31.0668 3392 UlSata - ok
20:59:31.0778 3392 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:59:31.0809 3392 ulsata2 - ok
20:59:31.0934 3392 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:59:31.0949 3392 umbus - ok
20:59:32.0214 3392 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:59:32.0214 3392 usbccgp - ok
20:59:32.0292 3392 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:59:32.0308 3392 usbcir - ok
20:59:32.0402 3392 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:59:32.0402 3392 usbehci - ok
20:59:32.0480 3392 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:59:32.0511 3392 usbhub - ok
20:59:32.0558 3392 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:59:32.0573 3392 usbohci - ok
20:59:32.0620 3392 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
20:59:32.0636 3392 usbprint - ok
20:59:32.0682 3392 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:59:32.0698 3392 USBSTOR - ok
20:59:32.0792 3392 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:59:32.0792 3392 usbuhci - ok
20:59:32.0932 3392 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:59:32.0948 3392 vga - ok
20:59:33.0010 3392 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:59:33.0010 3392 VgaSave - ok
20:59:33.0088 3392 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
20:59:33.0088 3392 viaagp - ok
20:59:33.0135 3392 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:59:33.0150 3392 ViaC7 - ok
20:59:33.0228 3392 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
20:59:33.0228 3392 viaide - ok
20:59:33.0306 3392 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:59:33.0306 3392 volmgr - ok
20:59:33.0447 3392 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:59:33.0462 3392 volmgrx - ok
20:59:33.0525 3392 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:59:33.0540 3392 volsnap - ok
20:59:33.0603 3392 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:59:33.0634 3392 vsmraid - ok
20:59:33.0774 3392 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:59:33.0774 3392 WacomPen - ok
20:59:33.0837 3392 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:59:33.0852 3392 Wanarp - ok
20:59:33.0915 3392 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:59:33.0915 3392 Wanarpv6 - ok
20:59:34.0055 3392 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:59:34.0071 3392 Wd - ok
20:59:34.0211 3392 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:59:34.0242 3392 Wdf01000 - ok
20:59:34.0476 3392 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:59:34.0508 3392 winachsf - ok
20:59:34.0757 3392 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:59:34.0757 3392 WmiAcpi - ok
20:59:34.0991 3392 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:59:35.0007 3392 WpdUsb - ok
20:59:35.0163 3392 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:59:35.0163 3392 ws2ifsl - ok
20:59:35.0334 3392 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:59:35.0334 3392 WUDFRd - ok
20:59:35.0444 3392 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
20:59:35.0444 3392 XAudio - ok
20:59:35.0584 3392 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:59:35.0678 3392 \Device\Harddisk0\DR0 - ok
20:59:35.0724 3392 Boot (0x1200) (9a639a9baf486104b7709209e58fe2a9) \Device\Harddisk0\DR0\Partition0
20:59:35.0724 3392 \Device\Harddisk0\DR0\Partition0 - ok
20:59:35.0756 3392 Boot (0x1200) (fc635af393932971da261b6ae33b6781) \Device\Harddisk0\DR0\Partition1
20:59:35.0756 3392 \Device\Harddisk0\DR0\Partition1 - ok
20:59:35.0771 3392 ============================================================
20:59:35.0771 3392 Scan finished
20:59:35.0771 3392 ============================================================
20:59:35.0880 1588 Detected object count: 0
20:59:35.0880 1588 Actual detected object count: 0

[ajrelic8]

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-15 21:05:45
-----------------------------
21:05:45.538 OS Version: Windows 6.0.6002 Service Pack 2
21:05:45.538 Number of processors: 2 586 0x6801
21:05:45.538 ComputerName: LANCE-PC UserName: Lance
21:05:57.207 Initialize success
21:06:25.295 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:06:25.311 Disk 0 Vendor: SAMSUNG_HM160HI HH100-11 Size: 152627MB BusType: 3
21:06:25.342 Disk 0 MBR read successfully
21:06:25.373 Disk 0 MBR scan
21:06:25.389 Disk 0 Windows VISTA default MBR code
21:06:25.420 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
21:06:25.467 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 145408
21:06:25.514 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 139755 MB offset 21116928
21:06:25.545 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 307335168
21:06:25.685 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 307337216
21:06:25.732 Disk 0 scanning sectors +312578048
21:06:25.857 Disk 0 scanning C:\Windows\system32\drivers
21:06:41.644 Service scanning
21:06:57.291 Modules scanning
21:07:13.218 Scan finished successfully
21:08:28.125 Disk 0 MBR has been saved successfully to "C:\Users\Lance\Desktop\MBR.dat"
21:08:28.187 The log file has been saved successfully to "C:\Users\Lance\Desktop\aswMBR.txt"


Did not have to hit the fix button

[ajrelic8]

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.15.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Lance :: LANCE-PC [administrator]

Protection: Enabled

1/15/2012 9:19:19 PM
mbam-log-2012-01-15 (21-19-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193930
Time elapsed: 16 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[ajrelic8]

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/01/2012 10:54:36 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/01/2012 3:43:01 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: BHDrvx86 SymIRON

Log: 'System' Date/Time: 16/01/2012 3:43:00 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Bonjour Service service hung on starting.

Log: 'System' Date/Time: 16/01/2012 3:40:57 AM
Type: Error Category: 0
Event: 15021 Source: Microsoft-Windows-HttpEvent
An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data.

Log: 'System' Date/Time: 16/01/2012 3:40:44 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 10:30:30 PM on 1/15/2012 was unexpected.

Log: 'System' Date/Time: 16/01/2012 2:53:44 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Log: 'System' Date/Time: 16/01/2012 2:51:14 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: BHDrvx86 SymIRON

Log: 'System' Date/Time: 16/01/2012 2:51:13 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Bonjour Service service hung on starting.

Log: 'System' Date/Time: 16/01/2012 2:48:52 AM
Type: Error Category: 0
Event: 15021 Source: Microsoft-Windows-HttpEvent
An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data.

Log: 'System' Date/Time: 16/01/2012 2:44:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/01/2012 3:41:18 AM
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 16/01/2012 3:41:18 AM
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 16/01/2012 2:47:21 AM
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 16/01/2012 2:47:21 AM
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 16/01/2012 2:45:02 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/01/2012 2:45:00 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv.dll

[ajrelic8]

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/01/2012 10:58:08 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/01/2012 3:51:35 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\WLEXTENSION.DLL> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:34 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\WINDOWSLIVEAPP.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:32 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\SEARCHAPPEXTENSION.DLL> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:32 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\SEARCHAPP.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:25 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\MSNAPP.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:24 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\HIGHLANDER.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:20 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\FIRSTRUN.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:15 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\CHAMELEON.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:14 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\APPMGR.XAP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 16/01/2012 3:51:12 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\LANCE\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPLICATIONS\APPMGR.DLL> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[ajrelic8]

Copy of log from runfix

========== PROCESSES ==========
All processes killed
========== SERVICES/DRIVERS ==========
Error: No service named Abiosdsk was found to stop!
Service\Driver key Abiosdsk not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
C:\Program Files\Dell\BAE\BAE.dll moved successfully.
C:\Users\Lance\AppData\Local\6wh86ot4081h4mq415l46044vfirj8586 moved successfully.
C:\ProgramData\6wh86ot4081h4mq415l46044vfirj8586 moved successfully.
C:\Users\Lance\AppData\Local\3m84be3o51a610 moved successfully.
C:\ProgramData\3m84be3o51a610 moved successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Lance\Desktop\cmd.bat deleted successfully.
C:\Users\Lance\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Lance\Desktop\cmd.bat deleted successfully.
C:\Users\Lance\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Lance\Desktop\cmd.bat deleted successfully.
C:\Users\Lance\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Lance\Desktop\cmd.bat deleted successfully.
C:\Users\Lance\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 5164 bytes

User: Lance
->Flash cache emptied: 2663153 bytes

User: Public

User: TEMP

Total Flash Files Cleaned = 3.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Guest
->Java cache emptied: 0 bytes

User: Lance
->Java cache emptied: 95527313 bytes

User: Public

User: TEMP

Total Java Files Cleaned = 91.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01152012_233655

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[RKinner]

The following boot-start or system-start driver(s) failed to load: BHDrvx86 SymIRON

The infection damaged Norton Security Suite. We are going to need to reinstall it.

Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Uninstall Norton Security Suite (If you can find a way to do that. Perhaps in All Programs under Norton or Symantec there may be an uninstall option. If not just go on.
Run the Norton Removal tool.
Then follow the instructions: Reinstalling Norton Security Suite after running the Norton Removal Tool:
https://www-secure.s...n=1&pvid=f-home

Alternatively you can install the free Avast instead. Less load on the CPU and just as good or better in my opinion.
http://www.avast.com...ivirus-download

Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

We usually see this when the PC is running too hot. Make sure the PC is on a hard surface and that the vents are not blocked.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron

[ajrelic8]

QuickScan 32-bit v0.9.9.103
---------------------------
Scan date: Mon Jan 16 15:02:01 2012
Machine ID: 7ACC6DF5



No infection found.
-------------------



Processes
---------
Catalyst Control Centre 3524 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Catalyst Control Centre 1268 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Cyberlink PowerCinema 864 C:\Program Files\Dell\MediaDirect\PCMService.exe
Digital Line Detection 3060 C:\Program Files\Digital Line Detect\DLG.exe
Firefox 4816 C:\Program Files\Mozilla Firefox\firefox.exe
Google Desktop 1564 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
IDT Audio 2840 C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
Live! Cam Console Auto Launcher 3408 C:\Windows\OEM02Mon.exe
Malwarebytes Anti-Malware 2108 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Microsoft Search Client Server 5404 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
Microsoft® Windows Mobile® Device Cente 3528 C:\Windows\WindowsMobile\wmdc.exe
Microsoft® Windows® Operating System 1276 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 4064 C:\Windows\System32\taskeng.exe
MSN® Toolbar 2332 C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
QuickSet 2928 C:\Program Files\Dell\QuickSet\quickset.exe
QuickTime 2656 C:\Program Files\QuickTime\qttask.exe
SupportSoft sprtcmd 2932 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
Windows® Internet Explorer 2588 C:\Program Files\Internet Explorer\iexplore.exe
Windows® Internet Explorer 5408 C:\Program Files\Internet Explorer\iexplore.exe
(verified) GoogleToolbarNotifier 2772 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft® Windows® Operating System 2808 C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System 780 C:\Windows\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 4008 C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 2268 C:\Windows\System32\dwm.exe


Network activity
----------------
Process firefox.exe (4816) connected on port 80 (HTTP) --> 72.14.204.113
Process firefox.exe (4816) connected on port 80 (HTTP) --> 72.14.204.113
Process firefox.exe (4816) connected on port 80 (HTTP) --> 74.125.93.138



Autoruns and critical files
---------------------------
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
CLIStart.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
ComcastAntispy.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
Constant Guard™ Protection Suite C:\Program Files\Constant Guard Protection Suite\IDVault.exe
Cyberlink PowerCinema C:\Program Files\Dell\MediaDirect\PCMService.exe
Default Manager C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
Dell Webcam Manager C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
Digital Line Detection C:\Program Files\Digital Line Detect\DLG.exe
FileHippo.com Update Checker C:\Program Files\FileHippo.com\UpdateChecker.exe
GID Desktop Application C:\Program Files\SFT\GuardedID\gidd.exe
Google Desktop C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
Google Desktop c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll
IDT Audio C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
Live! Cam Console Auto Launcher C:\Windows\OEM02Mon.exe
Macrovision FLEXnet Connect C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Microsoft® Windows Mobile® Device Cente C:\Windows\WindowsMobile\wmdc.exe
Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\Windows\system32\Mystify.scr
MSN® Toolbar C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
QuickSet C:\Program Files\Dell\QuickSet\quickset.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
SupportSoft sprtcmd C:\Program Files\Dell Support Center\bin\sprtcmd.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Windows® Internet Explorer c:\windows\system32\webcheck.dll
(verified) GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe


Browser plugins
---------------
dtx Dynamic Link Library c:\program files\xfin_portal\comcastdx.dll
AUX BHO c:\program files\xfin_portal\auxi\comcastau.dll
BitDefender QuickScan C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
CGPS c:\program files\constant guard protection suite\nativebho.dll
DTX Toolbar C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}\components\dtTransparency.dll
Google Toolbar for IE c:\program files\google\googletoolbar1.dll
Google Updater C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
Java Deployment Toolkit 6.0.290.11 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Macrovision FLEXnet Connect C:\Windows\Downloaded Program Files\isusweb.dll
Microsoft Search Enhancement Pack C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
MSN® Toolbar c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.0.4 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Shockwave for Director C:\Windows\system32\Adobe\Director\np32dsw.dll
Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Missing files
-------------
File not found: c:\program files\java\jre6\bin\jp2ssv.dll
--> HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InprocServer32\"(default)"


Scan
----
MD5: 0fc4ca031c46ce1bbdd8a7e91ed2251b C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
MD5: 033ff248550305ed52ed2d2844a8a11b C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MD5: 36b9fc05b2091a5782d4a0189fe1735c C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
MD5: 5958884544bcf23290484ff40c2f342f C:\Program Files\Bonjour\mdnsNSP.dll
MD5: cc4e72a0fa7f62175c8bb42ba2caa3d5 C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 1cd99fdb466276d79c8d47753ef4aacb C:\Program Files\CA\PPRT\bin\CACheck.dll
MD5: cf7460002344f4dd680fe4aed1994252 C:\Program Files\CA\PPRT\bin\CAHook.dll
MD5: 362529ba150768ad05dfeee9ea4b6c07 C:\Program Files\CA\PPRT\bin\CAServer.dll
MD5: 54f694c6cd3a1149ba3a8bdacc83badc C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
MD5: 1192f1b00602918614e65b27b6560745 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
MD5: f9dac844b1d370da4c984d4c22f5e696 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
MD5: ff3bf05021bfecc92db81b8257eeb026 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
MD5: 41b78b09041110541194b86364c78af7 C:\Program Files\Common Files\Roxio Shared\9.0\MPEG\RoxioMPEGDemuxer.dll
MD5: ebcde8b48fadc6479d96a56d0a432160 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
MD5: ab2b1de1c8f31efce2384b14b3dc4260 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
MD5: 3a7d576160b46c850462a2661502005d C:\Program Files\Common Files\Sonic Shared\SonicMC01\sonicamrd.ax
MD5: e2f8790a2459b7652254eeccc6487c01 C:\Program Files\Common Files\Sonic Shared\SonicMC01\sonicMP4Demux.ax
MD5: 51778fd315c9882f1cbd932743e62a72 C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
MD5: f101c848a95fdc6474a66a9d395eaaeb C:\Program Files\Common Files\System\wab32.dll
MD5: 8e87e757abbb8665c708c9adddba7dc7 C:\Program Files\Constant Guard Protection Suite\IDVault.exe
MD5: ba1dbde9c4f60bf33ea0eb5da5d69f82 C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
MD5: 65400004a86599dfe8563025755fcbdd c:\program files\constant guard protection suite\nativebho.dll
MD5: 5c5209b04b1942a534259c2ab7bb1eea C:\Program Files\Dell Support Center\bin\LIBEAY32.dll
MD5: 3917664c26b4344768c288bba6fefcb6 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
MD5: 0547af400ae6b4f8646148739e0f24fa C:\Program Files\Dell Support Center\bin\sprtevent.dll
MD5: 0ab6629467d8f073b762fca1d416bf2d C:\Program Files\Dell Support Center\bin\sprtfod.dll
MD5: 1409eb2c3cb92d612e124d52ed766359 C:\Program Files\Dell Support Center\bin\sprtmessage.dll
MD5: 8e8d1251c52de0256c076caaa79af327 C:\Program Files\Dell Support Center\bin\sprtsched.dll
MD5: 777115c9cc675bd98127660712d2f784 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
MD5: c5a05f589dc8d5b63ce5f4ad22f1a785 C:\Program Files\Dell Support Center\bin\sprtsync.dll
MD5: 9fec1e7096aa29823dbbf5fc88a8ed3c C:\Program Files\Dell Support Center\bin\sprtui.dll
MD5: 5fb486db877dfbb52828d77f110eba9d C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
MD5: 01b46beece252636a678e9312e6031fd C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
MD5: 267b3a856e9f4db1cabd4e6db71e07d2 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
MD5: dac9b43bbfa0359e252ddb0cb91dea6d C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
MD5: 066b1558b0286677d4cce0a20f01f0fe C:\Program Files\Dell\MediaDirect\Kernel\common\CLRCEngine3.dll
MD5: 92c8d754bc0d65d24cbcdb9d67c38583 C:\Program Files\Dell\MediaDirect\Kernel\Video\CLM1Splter.ax
MD5: 72ccaee0998027f2e9993cad29a71333 C:\Program Files\Dell\MediaDirect\Kernel\Video\CLM2Splter.ax
MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Program Files\Dell\MediaDirect\MFC71.DLL
MD5: 8289c20becbea1348f7ff4d08f4c4f19 C:\Program Files\Dell\MediaDirect\PCMService.exe
MD5: b4bb38a9d21ef6ac24d663997a431274 C:\Program Files\Dell\QuickSet\dadkeyb.dll
MD5: 3c14f9b3b7954ad8974e04e702e04e4c C:\Program Files\Dell\QuickSet\quickset.exe
MD5: 245f62a2aa67f4a61f10174bf1017327 C:\Program Files\DellSupport\brkrsvc.exe
MD5: 413f2d5f9d802688242c23b38f767ecb C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
MD5: cb1135906d951b574f9f2498be8f11f9 C:\Program Files\Digital Line Detect\BVRPDIAG.dll
MD5: f03ffc962e18f36a922e61f96be09925 C:\Program Files\Digital Line Detect\DLG.exe
MD5: 1e60c2b180925f84ce3f25d71d262f30 C:\Program Files\FileHippo.com\UpdateChecker.exe
MD5: 408ddd80eede47175f6844817b90213e C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
MD5: cca0000b5f9f73aca4b74d60d590ac48 C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
MD5: df5f4ecacf6df29a0738ccae7e322371 C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll
MD5: 6f3ada96f3e73d4ff39d0c284d5e0c9d C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll
MD5: 6434b5f02751b9140deecf4e4a3bab47 c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll
MD5: b3ccb67d0d6a3f653c43b840ff2ea324 C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
MD5: 59dac066b544f434f3ef8fbe52bcf6cf C:\Program Files\Google\Google Desktop Search\GoogleServices.DLL
MD5: c0d0179784c543bdf297932fafa2bb20 C:\Program Files\Google\Google Desktop Search\gzlib.dll
MD5: 358878e398ab0fb8b1ee176c2e3edf48 C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
MD5: 21dbd36987339a871211e4e0552ffb76 c:\program files\google\googletoolbar1.dll
MD5: 085940dbb5db03b0c60774d193a3b48d C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
MD5: a1659e4d08fe8d0f0bc61960d8c0369e C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 4d0bad6e0b9a5e650fe37a05f33bf288 C:\Program Files\Internet Explorer\IEShims.dll
MD5: 904e13ba41af2e353a32cf351ca53639 C:\Program Files\Internet Explorer\iexplore.exe
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 1803de4a25021a4e75848bdc5698ca6d C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: ee407cac6c5fbc79af7c0aa180727e55 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MD5: 385b9a26dbe3d97b483d977c037c4bec C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MD5: 7760679b6854a33433deb7f49a6f4a61 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MD5: de199f3aa9c541a349af95a5c72a71af C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MD5: 4717cc0cc613c56c9ab3ab19bc43bb74 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
MD5: 5d814a0da22757ffc58a57e33e169831 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll
MD5: ca7e42e0b8d117165ed553a7d681352a C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
MD5: f9e57335946fcc9cfcc180feb1879fc5 C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\srchbxex.dll
MD5: 09f3d779638216dbb6b8d4c1075d6a8f C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
MD5: 11c5fa17399ddf36886c46ea51aa2987 C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
MD5: 8973c31abbbd7b073a75680b0f831751 C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
MD5: afe9f1ee8254d366c0e183ec3c51629c C:\Program Files\Mozilla Firefox\firefox.exe
MD5: 8cf6281706f02b15ca6ba2fd9feb98e6 C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: e432bd593408db3260596b068ba17b82 C:\Program Files\Mozilla Firefox\js3250.dll
MD5: c8af84c4edda7ccb6d8b746ba6a64ec1 C:\Program Files\Mozilla Firefox\MOZCPP19.dll
MD5: c8e64d76c1b0d1e009750533f5f47d58 C:\Program Files\Mozilla Firefox\MOZCRT19.dll
MD5: 9757ac748b87f3e481eeeb359b25345b C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: e329055eb6f1a4a5e7b10725d091b7cd C:\Program Files\Mozilla Firefox\nss3.dll
MD5: aacdb087534ae827323d90b963cbe4b8 C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: 288bbb4fd052518f37948c426a9d1ae3 C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: 21b7e304063f57028e6f72a6a474bd6a C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 7d7feb7f655c9ea521e3446c34a5fcab C:\Program Files\Mozilla Firefox\plc4.dll
MD5: 7a9414f84998f7686e40b19054ffae50 C:\Program Files\Mozilla Firefox\plds4.dll
MD5: 47aff25b68ce4885fec6cfdef8febb5c C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 0bfe041b7f5230739fb642a08deaa66a C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
MD5: f22e2c36e944d3e949a8a250e3013d8f C:\Program Files\Mozilla Firefox\smime3.dll
MD5: c19375a38388fc97891a81b3c27a474c C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: b9fab7d16c732a8f18608c5242a219e3 C:\Program Files\Mozilla Firefox\sqlite3.dll
MD5: 23445ca7a84e8ca89a8fbb47ce10bce8 C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: 5533d317b0d030c3237ff6484a662abd C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: 79759adee2ff19d06bd2daf0acf6d857 C:\Program Files\Mozilla Firefox\xul.dll
MD5: a8d49c8b593789b6aac5f98a45df4566 C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
MD5: 69e8aecc6aa209b0638e562d646d8d87 c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
MD5: 6cf7d6119fc02fcc558866d1d5ccc182 C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\XmlLite.dll
MD5: 97309a92694663288b2343558f087124 C:\Program Files\MSN Toolbar\UIEngine\4.0.0318.1\coreclr.dll
MD5: a525f8d744c0347725a2ee917cc9e811 C:\Program Files\MSN Toolbar\UIEngine\4.0.0318.1\mscorrc.dll
MD5: f0873e44f016edd19a024470d936d1ed C:\Program Files\MSN Toolbar\UIEngine\4.0.0318.1\npctrlUI.dll
MD5: ccaae1ab648e239e57b9fa13fdbd3218 C:\Program Files\MSN Toolbar\UIEngine\4.0.0318.1\slcore.dll
MD5: a42a6a4d646e1e7f3a48ba2620e53af5 C:\Program Files\MSN Toolbar\UIEngine\4.0.0318.1\slctrl.dll
MD5: c74c7963eec07af49dce44d64819b2bf C:\Program Files\QuickTime\qttask.exe
MD5: 493c7df03d478de0f7b47d64c680c3ec C:\Program Files\SFT\GuardedID\gidd.exe
MD5: f2b4a9d0d0e1fbf6cca824ea0a76ffc0 C:\Program Files\Sigmatel\C-Major Audio\WDM\STLang.dll
MD5: 485a4912b2d639694f836451a2b30435 C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
MD5: d8b83790f45403b83d24fc63310e3bc7 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MD5: b7dc98f6f4e7611a9c0849945fb28fb9 C:\Program Files\Windows Defender\MpOav.dll
MD5: 79b61ca6d79643ea6702a39975d3308e c:\program files\xfin_portal\auxi\comcastau.dll
MD5: fc3b6c301c5627bf01f59c7d4f5325bf c:\program files\xfin_portal\comcastdx.dll
MD5: 622334a74cd916988e9c959a11ddff86 C:\Users\Lance\AppData\Local\Microsoft\Toolbar\Applications\AppMgr.dll
MD5: b334423deda9a810d1779ae2ac5fa3c3 C:\Users\Lance\AppData\Local\Microsoft\Toolbar\Applications\WLExtension.dll
MD5: 9232d0e2a87b415869b128b2e7dc7953 C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}\components\dtTransparency.dll
MD5: 8aa2ee43e12639c23f7102b87d10e9a8 C:\Users\Lance\AppData\Roaming\Mozilla\Firefox\Profiles\1p4nb2bw.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: 5d9c765b672099500041a4c5a9f73ca1 C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MD5: 93d5b9634c4744fb115785081ecf9738 C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MD5: 87145a466578cf57a3b52c5e51ff3239 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MD5: e02c418cd276fad0807f0f4c8ec1b183 C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2636.18429__90ba9c70f846762e\AEM.Foundation.dll
MD5: aa62955411d24092fade47df54e9427e C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2636.18457__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MD5: 3f0206c58fe060a4c4329c013fb614cf C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2636.18438__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MD5: dbd207024084ca26e9e918b90cae9016 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MD5: 22683086d8df542e67961b5ae323d992 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2636.18458__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MD5: 3f23976c7c7a52dea617810396cd67d8 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2758.39193__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MD5: 5e33a0256862ce5c357e24b36648233d C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2636.18437__90ba9c70f846762e\AEM.Server.Shared.dll
MD5: 077a95dbbf8041b89ed0b6259cc2b06f C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2758.38880__90ba9c70f846762e\AEM.Server.dll
MD5: d70b8a3bd4f6cf1be77ef90bdf8773ef C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2636.18451__90ba9c70f846762e\APM.Foundation.dll
MD5: 175220090221c13ae3bb90f4b2ec3cd8 C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MD5: a067e8bdeaf31af9cfe1eb50a114f493 C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2758.38882__90ba9c70f846762e\ATIDEMOS.dll
MD5: 74a97243ab81f912efb1e75c0233cbae C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MD5: d8fe0f9b52bb5ea4211c4f241a3653a4 C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2758.39149__90ba9c70f846762e\CCC.Implementation.dll
MD5: 88e63d919e3d447399bebd267f22001d C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MD5: 7702c2968a9ed0954afaae7353315129 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2758.39030__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MD5: 80d3d05554c3ef53931f707e652db8cb C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MD5: 0c0a69adc0f8e3ab68dc41b01ac430e0 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MD5: cd5779366030fe7863d7feb078a8248f C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2758.39091__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MD5: 455538ad49a8d2d7ba837b40d7f6d2ec C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2758.39089__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MD5: 80acd93d7ba588fd8db82b393ad821f9 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MD5: 7179309960653af31bf421e5484ddfe8 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2758.39110__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MD5: c0423b6398a457a55b5f134f6e645693 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2758.39023__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MD5: 7e17c3b665f06d5ba58e7f75b1b46d61 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MD5: 3448234d854920ee16bd265e9e1ff9f4 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MD5: 7fbc5a84db8657a73dc096f86ac08e43 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MD5: e4bb1aa1e62918cabd500f7b9798f108 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2758.39076__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MD5: b5a4a014e1a80d5e5bc398ff17c9ef89 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MD5: eb5d16d788d3df8fec7fe6ebbd113185 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2758.38955__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MD5: 0d317ecc1fb1757a690324c878d7a534 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2758.39029__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MD5: 589be3da543d821bdea6f74b5d914a00 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2636.18440__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MD5: fff9ad198f96013edf0613f3358a318d C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2758.39130__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MD5: f78b16da6beca17e23191f2290b5953e C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2758.39128__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MD5: 4371468662289fe1a80ccc7490a199d9 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2642.27815__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MD5: 7c7e7c24da994af4cab9ced7072d0d5e C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2758.39136__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MD5: 16e7ab2dc1017c9ca0e4aaf18d1cd188 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2758.38949__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MD5: 442d6f24078c7838a38fd2d47aa8b81d C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2758.38954__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MD5: 850ddfa84697f5a58f7258ac26f0fbeb C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MD5: 9bfa73d851b3b3f283f846fa74431e83 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2758.38903__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MD5: ac11c4c102dfc06d062ce4a6983c72a0 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2758.38924__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MD5: 3e3fe51ae6018e888528be603b07699c C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MD5: 405c94dcd13c27c10e1278d26d625173 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2758.39056__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MD5: 3434c0a594da26816676b36c0c8309dc C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2636.18450__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MD5: 6bc59147de14b281e045710fe4b8ece7 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2758.38902__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MD5: 81e3e97d23e72d5a5ddf70ee514c32a2 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MD5: ad11576cf0b04500be643a1bda93a046 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2758.38943__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MD5: 078311de8c887de8242cdee3416006fb C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2758.38935__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MD5: 54855c6e74108ea2bf7fa81d5c6036a8 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2636.18443__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MD5: 4fba330956f0ac96c39c5dec67103855 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2758.38936__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MD5: 6a8ca8ed138bca21bcce9faf51470581 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2758.39037__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MD5: 1718fc4e306c27c5357eaaa1e08bcf95 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2758.39035__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MD5: f5186abc2302f4fa49d30d09b7f2ed11 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2636.18449__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MD5: d873f6770f4d4fc36be4b7bd15513052 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2758.39116__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MD5: 85edd50375fe63a5c97c2ce815a2461e C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MD5: 9e3f1a6d7ef018c89e8ba333df589d2f C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2758.39157__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MD5: 205f7cd90ee9d1a130c7197aa708e404 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MD5: d23c85f6be374740b574ffc553aa6ec0 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2758.39097__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MD5: 5148b4b64f08ed72e3a937599d3c3863 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2758.39096__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MD5: faea34dd31ce3190ca307d75f46ba42a C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2636.18451__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MD5: 4379927e19560d66bd6d0adb846f7176 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2758.39102__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MD5: ca86810f099302919d349ef159aa8af9 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2636.18459__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MD5: 6d7a478f5ad58ebd0acb55a9f793ac27 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2758.39163__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MD5: 33f4b7b05eba2781fd01b78dbffbc983 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2758.39171__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MD5: 4c133c93d0eecca99e2a58b9fb439051 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2636.18441__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MD5: c1c0817179a54f8292373eb98d2b8abd C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2758.38896__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MD5: de972c36bae549539674eef35b639a31 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2636.18452__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MD5: cef5480918bc362f03caf751b7969f79 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2758.38883__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MD5: bec9dada08fba9bdfbb8e2a5fbfcad42 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MD5: a70cb8aff64efdcabcb01797ad908840 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2636.18442__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MD5: 80742e335b30a26b5086fbb081b64f42 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2758.38916__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MD5: 0b82eed7297bb3f610441e1f103c72d9 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MD5: 62d5dccbbf47b76f76b41f4bdaf5a20e C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2636.18435__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MD5: 05f960a7e7f11a375deededbfdb25356 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MD5: 332b40326b9275d44b37627fe0c5b69a C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MD5: 531996e4299afd26235a90e0aed44e65 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2758.38892__90ba9c70f846762e\CLI.Component.Dashboard.dll
MD5: b66e0f6ef1bcfda6e9c9f9b7e2e4922d C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2758.38880__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MD5: 9ca60adba3bfc37879dec4f6d2c7aa3f C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2636.18439__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MD5: 2ae33b385fa31f346b3f7e0a1934a36c C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2636.18437__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MD5: 469d8b960d2dfccaa56773fb9eaff9ae C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2758.38882__90ba9c70f846762e\CLI.Component.Runtime.dll
MD5: 1022d4a048ebf64c1fb9a9d63f619fe3 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2636.18458__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MD5: 11883f793e77f1c529ae9ec5b0898103 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2636.18438__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MD5: b4e10122c92d407a1f861553c9b54efc C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2758.38911__90ba9c70f846762e\CLI.Component.Wizard.dll
MD5: c57e014f1176dacdc9302cab2cd21d0c C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2636.18433__90ba9c70f846762e\CLI.Foundation.Private.dll
MD5: 2e9ba7fa80a230e6729648bbc5fa050c C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2636.18485__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MD5: 8755363fb766bb116c718819ae9d106e C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2636.18430__90ba9c70f846762e\CLI.Foundation.dll
MD5: fb21e6379376a594fc26368f62077d3a C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MD5: aa60b8ec16357fa0ba05be391e507f9d C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2636.18441__90ba9c70f846762e\DEM.Graphics.dll
MD5: cc95e5883871cdb81c8e68066f75facb C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2636.18442__90ba9c70f846762e\DEM.OS.I0602.dll
MD5: 902612009a8292e8e86d0928ad75b808 C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2636.18443__90ba9c70f846762e\DEM.OS.dll
MD5: d65dbca665afd18674ebf41781e8aeaf C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2636.18440__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MD5: 34bd4e10e09ddb93ec1d896eb53cc991 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2758.39148__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MD5: 55f1b8f8038ca76093c84273ec90e386 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2636.18435__90ba9c70f846762e\LOG.Foundation.Private.dll
MD5: 561d5bfd60d1da1527f004bc3388a026 C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2636.18428__90ba9c70f846762e\LOG.Foundation.dll
MD5: 2a69587f3836559bdeb4b3b3009d00ae C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2636.18438__90ba9c70f846762e\MOM.Foundation.dll
MD5: 67a1bd021f7d0970e8f6e11a3dd3518e C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2758.39150__90ba9c70f846762e\MOM.Implementation.dll
MD5: 863312132304d94175e888d52b7049ec C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2636.18430__90ba9c70f846762e\NEWAEM.Foundation.dll
MD5: ce45722a3393b63843de48f314cf6b3f C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MD5: d709af78422f6f0ef09cd0b79cfe743f C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MD5: 602cbe17e7858342cf99cae79fc04b16 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MD5: a9bb8332bef887a0f4adc3c88cc35bfc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MD5: 28a295aa6abd45f4557b6c00d0f8c5b1 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MD5: 8c70a2b884ffbbae50bbd21fb962a846 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MD5: 11ebc1ef713a878a14be8d5923cd355f C:\Windows\Downloaded Program Files\isusweb.dll
MD5: 6717ae12e326dd1e39f6ee183a37dc0f C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: ee59d3cdfab2e808551084165c7887bf C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 35a936c7c029a5b705d3ffd40518d660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 23242fd6c7d4c61807e84fd3a79248c4 C:\Windows\OEM02Mon.exe
MD5: b07511c6f3bbc07b1e09e44f20ee5b8a C:\Windows\system32\Adobe\Director\np32dsw.dll
MD5: e9b9c1b98c8d6d48407e1c1203eac659 C:\Windows\system32\adsldpc.dll
MD5: ef1142512bec12f1c2c87735da1755be C:\Windows\system32\aestsrv.exe
MD5: 8c144576ed0269aef68241b1d7b02dc0 C:\Windows\system32\Ati2evxx.exe
MD5: bddf37d9d963b6ee6bf23c3ab0c2c35e C:\Windows\system32\ATIDEMGX.dll
MD5: 02282ae6181dadc9491cb6921377dd9d C:\Windows\system32\atipdlxx.dll
MD5: 067924588013f41defd40d4588798c27 C:\Windows\system32\atitmmxx.dll
MD5: 52d7ebfe9ba0599a144a2614bf6ff185 C:\Windows\system32\atiumdag.dll
MD5: 6e8f369774a36e56f07e3c8eb9ad2188 C:\Windows\system32\atiumdva.dll
MD5: b0b4c590c0cae7741da17e3dc86cc828 C:\Windows\system32\CEUTIL.dll
MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe
MD5: 93e317d7ad783d8eaee2e3500bfe889d C:\Windows\system32\credui.dll
MD5: 498961deaac558a5d85f7596cbca6dc3 C:\Windows\system32\CRYPTDLG.dll
MD5: 3dfeec45e5f22993216083fb777719d5 C:\Windows\system32\d2d1.dll
MD5: 8b02d2ecc7ef6e1f6af08459e3f741f6 C:\Windows\system32\d3d10.dll
MD5: 29e4ea31c6debe5efb384eefa4f1ef63 C:\Windows\system32\d3d10_1.dll
MD5: 556f1cbe9ba19e2ccd6f8d9af71af5c7 C:\Windows\system32\d3d10_1core.dll
MD5: 9c7094f537782a82b6a29b4a7172e180 C:\Windows\system32\d3d10core.dll
MD5: 33ebf5dcd45f878b3622ad82ab37af3a C:\Windows\system32\D3D10Warp.dll
MD5: 85e861d0b88db2b54acb0839654c09f7 C:\Windows\System32\DNSAPI.dll
MD5: 57d762f6f5974af0da2be88a3349baaa C:\Windows\System32\dnsrslvr.dll
MD5: 3911b972b55fea0478476b2e777b29fa C:\Windows\system32\drivers\afd.sys
MD5: 8b10ce1c1f9f1d47e4deb1a547a00cd4 C:\Windows\system32\drivers\agp440.sys
MD5: dc67a153fdb8105b25d05334b5e1d8e2 C:\Windows\system32\drivers\aliide.sys
MD5: 848f27e5b27c1c253f6cefdc1a5d8f21 C:\Windows\system32\drivers\amdagp.sys
MD5: 835c4c3355088298a5ebd818fa31430f C:\Windows\system32\drivers\amdide.sys
MD5: c8465ed71bf898ea71c8717f2f8a5fa3 C:\Windows\system32\DRIVERS\atikmdag.sys
MD5: 4aa1eb65481c392955939e735d27118b C:\Windows\system32\DRIVERS\AtiPcie.sys
MD5: cd4646067cc7dcba1907fa0acf7e3966 C:\Windows\system32\DRIVERS\bcm4sbxp.sys
MD5: 6aae1042c0a572b24d2a4d6088f03392 C:\Windows\system32\DRIVERS\bcmwl6.sys
MD5: ed910b63a75863a89aab65f2763d5b71 C:\Windows\system32\DRIVERS\BLKWGU.sys
MD5: 35f376253f687bde63976ccb3f2108ca C:\Windows\system32\DRIVERS\bowser.sys
MD5: e79cbb2195e965f6e3256e2c1b23fd1c C:\Windows\system32\drivers\cmdide.sys
MD5: 622c41a07ca7e6dd91770f50d532cb6c C:\Windows\System32\Drivers\dfsc.sys
MD5: dfeabb7cfffadea4a912ab95bdc3177a C:\Windows\system32\DRIVERS\dsunidrv.sys
MD5: c68ac676b0ef30cfbb1080adce49eb1f C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 7505290504c8e2d172fa378cc0497bcc C:\Windows\system32\DRIVERS\e1e6032.sys
MD5: 4daca8f07537d4d7e3534bb99294aa26 C:\Windows\system32\DRIVERS\HSX_CNXT.sys
MD5: e9e589c9ab799f52e18f057635a2b362 C:\Windows\system32\DRIVERS\HSX_DPV.sys
MD5: 7845d2385f4dc7dfb3ccaf0c2fa4948e C:\Windows\system32\DRIVERS\HSXHWAZL.sys
MD5: 0084046c084d68e494f8cf36bcf08186 C:\Windows\system32\drivers\intelide.sys
MD5: ce44cc04262f28216dd4341e9e36a16f C:\Windows\system32\DRIVERS\intelppm.sys
MD5: 2f8ece2699e7e2070545e9b0960a8ed2 C:\Windows\system32\drivers\isapnp.sys
MD5: d2600cb17b7408b4a83f231dc9a11ac3 C:\Windows\system32\DRIVERS\kbdhid.sys
MD5: b7ca8cc3f978201856b6ab82f40953c3 C:\Windows\system32\drivers\mbam.sys
MD5: 1e94971c4b446ab2290deb71d01cf0c2 C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: 4fccb34d793b116423209c0f8b7a3b03 C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: c3cb1b40ad4a0124d617a1199b0b9d7c C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: d420bc42a637ac3cc4f411220549c0dc C:\Windows\system32\drivers\msahci.sys
MD5: 055081fd5076401c1ee1bcab08d81911 C:\Windows\system32\drivers\nv_agp.sys
MD5: 19cac780b858822055f46c58a111723c C:\Windows\system32\DRIVERS\OEM02Dev.sys
MD5: 86326062a90494bdd79ce383511d7d69 C:\Windows\system32\DRIVERS\OEM02Vfx.sys
MD5: 1636d43f10416aeb483bc6001097b26c C:\Windows\system32\drivers\pciide.sys
MD5: feffcfdc528764a04c8ed63d5fa6e711 C:\Windows\System32\Drivers\PxHelp20.sys
MD5: 0245418224cfa77bf4b41c2fe0622258 C:\Windows\system32\drivers\rdpdr.sys
MD5: d85e3fa9f5b1f29bb4ed185c450d1470 C:\Windows\system32\DRIVERS\rimmptsk.sys
MD5: db8eb01c58c9fada00c70b1775278ae0 C:\Windows\system32\DRIVERS\rimsptsk.sys
MD5: 92d33f76769a028ddc54a863eb7de4a2 C:\Windows\System32\Drivers\RimUsb.sys
MD5: 6c1f93c0760c9f79a1869d07233df39d C:\Windows\system32\DRIVERS\rixdptsk.sys
MD5: 75e8a6bfa7374aba833ae92bf41ae4e6 C:\Windows\System32\Drivers\RootMdm.sys
MD5: 96ded8b20c734ac41641ce275250e55d C:\Windows\system32\drivers\sffp_mmc.sys
MD5: c33bfbd6e9e41fcd9ffef9729e9faed6 C:\Windows\system32\DRIVERS\sfloppy.sys
MD5: 08072b2fb92477fc813271a84b3a8698 C:\Windows\system32\drivers\sisagp.sys
MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys
MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys
MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys
MD5: 5af135b2e2097d4494b9067ce84e2665 C:\Windows\system32\drivers\stwrt.sys
MD5: dd17b63f26430e179ef6bdef5ac735bd C:\Windows\system32\DRIVERS\SynTP.sys
MD5: 814a1c66fbd4e1b310a517221f1456bf C:\Windows\System32\drivers\tcpip.sys
MD5: 6d72ef05921abdf59fc45c7ebfe7e8dd C:\Windows\system32\drivers\uliagpkx.sys
MD5: 325dbbacb8a36af9988ccf40eac228cc C:\Windows\system32\DRIVERS\usbuhci.sys
MD5: d5929a28bdff4367a12caf06af901971 C:\Windows\system32\drivers\viaagp.sys
MD5: f3b4762eb85a2aff4999401f14c3262b C:\Windows\system32\drivers\viaide.sys
MD5: 28dc5d626e036a75a572556f0a6eb1f6 C:\Windows\system32\DRIVERS\xaudio.exe
MD5: 5a7ff9a18ff6d7e0527fe3abf9204ef8 C:\Windows\system32\DRIVERS\xaudio.sys
MD5: 6843926aff733d46a04f9d4e1c1a6b14 C:\Windows\system32\DWrite.dll
MD5: aaae543c535ed596ecad2ab8761c2c6f C:\Windows\system32\dxgi.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\system32\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\system32\Dxtrans.dll
MD5: abaeaee763e287bdd39094c4165e1f3f C:\Windows\system32\fdproxy.dll
MD5: 8ce364388c8eca59b14b539179276d44 C:\Windows\system32\FntCache.dll
MD5: ee9d715af1b928982f417238b9914484 C:\Windows\System32\ieapfltr.dll
MD5: 691e93028b8723e05b4a637be77380dd C:\Windows\system32\ieframe.dll
MD5: 1416ab557be700fa117323b6b8f32882 C:\Windows\system32\iertutil.dll
MD5: 274e38af453fa9e079b1d5a85f5f0921 C:\Windows\system32\IEUI.dll
MD5: 82586704868e3abb382cae303b41e8b7 C:\Windows\System32\jscript9.dll
MD5: 574b473facaa0e91702b86578440b525 C:\Windows\system32\kernel32.dll
MD5: 861797d3c83a6eba05fb2c63b1a45e82 C:\Windows\system32\ksproxy.ax
MD5: d9963d39f6711e9a1c14c939c3a25605 C:\Windows\system32\MdmXSdk.dll
MD5: 1b593fbb763150bd225df266c69a9329 C:\Windows\system32\MFC42u.DLL
MD5: 5caa8398b6a769b24880c18da4185bec C:\Windows\System32\mpg2splt.ax
MD5: 56e315acfb08a177b4d01e42b9044db5 C:\Windows\system32\MPRAPI.dll
MD5: 66c0aee61d1c5c35bf1b4642a153b114 C:\Windows\system32\MSHTML.dll
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 330e7e99a0911898cd1ef69384220032 C:\Windows\System32\msmpeg2adec.dll
MD5: ff41e1ac301f51e16f61ad7c0f45467c C:\Windows\System32\msshsq.dll
MD5: 2310a32bb0164552a311bfa02102a3d6 C:\Windows\system32\MSVCP60.dll
MD5: 39ba737ebf8e7da1cd019fe95333fd70 C:\Windows\system32\Mystify.scr
MD5: dda770bbd7c2ed024d6f50e279d90e5b C:\Windows\system32\ntdll.dll
MD5: 862363973dcbcc31dd161ef41a69153c C:\Windows\system32\ODBC32.dll
MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll
MD5: dc15ab7168c0309d8f04fd95b6240422 C:\Windows\system32\OLEACC.dll
MD5: b218342214d9bba0f54ea12ba2e9278c C:\Windows\system32\OLEAUT32.dll
MD5: 8f960a1a3d9a7b829fd9dce2689030f6 C:\Windows\System32\qedit.dll
MD5: 10f13fff542fec4a2c4fa734eebe56b9 C:\Windows\system32\qmgrprxy.dll
MD5: 5f6359756dbcc901276bc2b62460fa64 C:\Windows\system32\quartz.dll
MD5: 11fbb8cb6865b7ba387095398eb91ed4 C:\Windows\system32\RAPI.dll
MD5: 3379989f06b31347792836dcf028a325 C:\Windows\system32\rapiproxystub.dll
MD5: b1e4d190cd21cc75ae38562400dd5345 C:\Windows\system32\rapistub.dll
MD5: 2dd6af8e97f59c9d39329bbc2a81f13f C:\Windows\system32\RASDLG.dll
MD5: 2ab58991862153a248779174d4e4212b C:\Windows\system32\schannel.dll
MD5: 1a58069db21d05eb2ab58ee5753ebe8d C:\Windows\system32\schedsvc.dll
MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\system32\SHDOCVW.dll
MD5: 33ae914c24f546aabf281ba7b138186d C:\Windows\system32\SHELL32.dll
MD5: 9176285122b7b849fec2aa1b72a8f7a8 C:\Windows\system32\SHLWAPI.dll
MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\System32\shsvcs.dll
MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe
MD5: 1bf5eebfd518dd7298434d8c862f825d C:\Windows\System32\srvsvc.dll
MD5: 799aa3e04879b3fed31ecea02b1caa9a C:\Windows\system32\STacSV.exe
MD5: bf47ed87eadbf5e31f7e95d7cd2369d7 C:\Windows\system32\stapi32.dll
MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll
MD5: bfa034aac103d8a6f591ac9364688339 C:\Windows\system32\t2embed.dll
MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe
MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll
MD5: 814638f572f497d96b17bf254113d9a4 C:\Windows\system32\urlmon.dll
MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll
MD5: 5e7a2cf7719161c5e6c0e47d67ad45ae C:\Windows\system32\VBScript.dll
MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll
MD5: 917422e1b95a72b0328b301bacbf1b07 C:\Windows\system32\wcescommproxy.dll
MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\system32\webcheck.dll
MD5: 02f98b5c0e397ad06124d84428cf8f1a C:\Windows\system32\WININET.dll
MD5: 14ff750efe13b0c21e5a06507c3a97b1 C:\Windows\system32\WINMM.dll
MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 C:\Windows\system32\WINSPOOL.DRV
MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll
MD5: 1908cc7673f72601affdca022689cedf C:\Windows\system32\XmlLite.dll
MD5: 8f97d374ad1857e1eed85a79f29a1d3d C:\Windows\WindowsMobile\rapimgr.dll
MD5: 59e19bd13c3bdb857646b9e436ba27f7 C:\Windows\WindowsMobile\wcescomm.dll
MD5: 96b3c4e20f02ca16aa1e3e425bffcc8b C:\Windows\WindowsMobile\wmdc.exe
MD5: b425b079cff251aeab63a9ee41371d1f C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\MSVCR80.dll
MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\Comctl32.dll
MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MD5: b5b09091b0e33c396ceec8995515bd41 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll


No file uploaded.

Scan finished - communication took 1 sec
Total traffic - 0.01 MB sent, 1.39 KB recvd
Scanned 846 files and modules - 255 seconds

==============================================================================

[ajrelic8]

Process PID CPU Private Bytes Working Set Description Company Name
AEstSrv.exe 348 368 K 284 K Andrea filters APO access service (32-bit) Andrea Electronics Corporation
Ati2evxx.exe 1084 1,080 K 816 K ATI External Event Utility EXE Module ATI Technologies Inc.
Ati2evxx.exe 1428 1,872 K 1,260 K
audiodg.exe 1268 13,612 K 7,996 K
consent.exe 1732 4,996 K 4,320 K
consent.exe 5144 5,000 K 4,328 K
consent.exe 3948 5,004 K 5,252 K
consent.exe 3840 4,996 K 5,584 K
consent.exe 2356 5,044 K 7,452 K
csrss.exe 564 1,956 K 2,496 K
ehmsas.exe 1184 1,100 K 1,136 K Media Center Media Status Aggregator Service Microsoft Corporation
ehtray.exe 3432 1,420 K 832 K Media Center Tray Applet Microsoft Corporation
lsass.exe 700 3,364 K 3,504 K Local Security Authority Process Microsoft Corporation
lsm.exe 708 1,960 K 1,540 K
mbamgui.exe 156 2,376 K 1,196 K Malwarebytes Anti-Malware Malwarebytes Corporation
mDNSResponder.exe 368 1,568 K 988 K Bonjour Service Apple Computer, Inc.
mscorsvw.exe 4848 3,060 K 2,252 K .NET Runtime Optimization Service Microsoft Corporation
NDP35SP1-KB2657424-x86.exe 3232 3,548 K 4,924 K
PCMService.exe 1036 < 0.01 6,020 K 4,012 K CyberLink PowerCinema Resident Program CyberLink Corp.
qttask.exe 2960 960 K 908 K QuickTime Task Apple Computer, Inc.
quickset.exe 3428 9,436 K 2,928 K QuickSet Dell Inc.
RoxWatch9.exe 1964 6,412 K 1,672 K RoxSniffer9 Module Sonic Solutions
SeaPort.exe 2108 5,188 K 2,264 K Microsoft SeaPort Search Enhancement Broker Microsoft Corporation
SearchProtocolHost.exe 476 5,252 K 4,972 K
services.exe 660 2,864 K 3,316 K
SLsvc.exe 1316 6,180 K 908 K Microsoft Software Licensing Service Microsoft Corporation
smss.exe 432 292 K 200 K
spoolsv.exe 1864 5,952 K 1,724 K Spooler SubSystem App Microsoft Corporation
sprtcmd.exe 3340 15,320 K 1,580 K SupportSoft, Inc.
sprtsvc.exe 2148 3,936 K 716 K SupportSoft Agent Service SupportSoft, Inc.
stacsv.exe 2184 8,244 K 1,648 K STacSV Module IDT, Inc.
sttray.exe 3324 4,288 K 1,540 K Sigmatel Audio system tray application IDT, Inc.
svchost.exe 1300 2,300 K 1,588 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1372 7,976 K 3,332 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1560 21,776 K 7,252 K Host Process for Windows Services Microsoft Corporation
svchost.exe 444 2,156 K 632 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1752 1,696 K 668 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2664 4,124 K 648 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2720 1,448 K 3,228 K Host Process for Windows Services Microsoft Corporation
svchost.exe 3472 3,592 K 1,116 K Host Process for Windows Services Microsoft Corporation
svchost.exe 4140 1,540 K 1,032 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1188 37,140 K 19,128 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1928 20,796 K 6,192 K Host Process for Windows Services Microsoft Corporation
svchost.exe 936 3,660 K 3,156 K Host Process for Windows Services Microsoft Corporation
svchost.exe 876 2,860 K 2,664 K Host Process for Windows Services Microsoft Corporation
System Idle Process 0 0 K 24 K
taskeng.exe 3536 1,928 K 2,300 K
taskeng.exe 4124 1,288 K 1,520 K
TrustedInstaller.exe 5848 38,304 K 38,284 K Windows Modules Installer Microsoft Corporation
UpdateChecker.exe 4368 18,764 K 21,616 K
wininit.exe 616 1,348 K 788 K
winlogon.exe 740 2,028 K 1,664 K
wlanext.exe 1764 2,004 K 1,244 K
WLIDSVC.EXE 2744 4,796 K 1,832 K
WLIDSVCM.EXE 3400 848 K 584 K
wmdc.exe 2120 1,724 K 1,204 K Windows Mobile Device Center Microsoft Corporation
WmiPrvSE.exe 3988 3,168 K 1,552 K
wmpnetwk.exe 3736 0.68 4,248 K 2,704 K Windows Media Player Network Sharing Service Microsoft Corporation
wmpnscfg.exe 3460 1,696 K 1,784 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
wuauclt.exe 4812 6,064 K 3,432 K
XAudio.exe 2836 760 K 520 K Modem Audio Service Conexant Systems, Inc.
GoogleToolbarNotifier.exe 3380 < 0.01 3,700 K 1,052 K GoogleToolbarNotifier Google Inc.
SymNRT.exe 4640 < 0.01 7,736 K 10,344 K
DLG.exe 2456 < 0.01 2,072 K 1,032 K Digital Line Detection Avanquest Software
CCC.exe 1164 < 0.01 34,676 K 6,720 K Catalyst Control Centre: Host application ATI Technologies Inc.
taskeng.exe 2416 < 0.01 9,528 K 3,620 K Task Scheduler Engine Microsoft Corporation
MOM.exe 3584 < 0.01 23,520 K 2,356 K Catalyst Control Center: Monitoring program ATI Technologies Inc.
SynTPEnh.exe 3072 < 0.01 2,192 K 2,140 K
dllhost.exe 3756 < 0.01 232 K 224 K COM Surrogate Microsoft Corporation
explorer.exe 2480 2.74 23,204 K 22,032 K Windows Explorer Microsoft Corporation
csrss.exe 628 0.68 1,568 K 3,140 K
firefox.exe 1792 0.68 68,884 K 71,888 K Firefox Mozilla Corporation
mbamservice.exe 4720 2.05 95,984 K 32,828 K Malwarebytes Anti-Malware Malwarebytes Corporation
MpCmdRun.exe 3820 1,308 K 1,472 K
OEM02Mon.exe 1120 0.68 2,480 K 1,332 K Live! Cam Console Auto Launcher Creative Technology Ltd.
SearchFilterHost.exe 6080 2,824 K 4,480 K
System 4 1.37 0 K 5,332 K
msiexec.exe 3644 6.85 2,104 K 5,444 K
mswinext.exe 1952 1.37 31,104 K 20,296 K MSN® Toolbar Microsoft Corp.
svchost.exe 1148 3.42 49,976 K 40,412 K Host Process for Windows Services Microsoft Corporation
Interrupts n/a 2.05 0 K 0 K Hardware Interrupts and DPCs
svchost.exe 1096 15,092 K 6,504 K Host Process for Windows Services Microsoft Corporation
svchost.exe 984 2.05 66,400 K 26,068 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2800 0.68 33,032 K 12,212 K Microsoft Windows Search Indexer Microsoft Corporation
msiexec.exe 4216 8.22 3,428 K 9,684 K
dwm.exe 2448 6.16 36,964 K 29,108 K Desktop Window Manager Microsoft Corporation
HotFixInstaller.exe 5612 7.53 2,928 K 6,280 K
GoogleDesktop.exe 3376 33.56 17,636 K 13,992 K Google Desktop Google
procexp.exe 5460 19.18 18,900 K 27,316 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
RacAgent.exe 5172 3,672 K 3,180 K

[RKinner]

Can't read the process Explorer log. You forgot to: Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top.