XP slow and Firefox issues



#1
VICFROMBAYVILLE

This laptop is behaving poorly. Need to clean it up and get rid of multiple virus software.
My wife now uses this computer primarily for email (Hotmail, Gmail, Comcast.net), Quicken2012, Microsoft Office, Picasa. Thanks in advance for your help.

OTL .....

OTL logfile created on: 1/20/2012 10:25:41 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Victor Lido\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.42 Mb Total Physical Memory | 373.87 Mb Available Physical Memory | 36.86% Memory free
2.39 Gb Paging File | 1.81 Gb Available in Paging File | 75.80% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.34 Gb Total Space | 19.32 Gb Free Space | 25.99% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 442.84 Gb Free Space | 95.08% Space Free | Partition Type: NTFS

Computer Name: GOLDIE | User Name: Victor Lido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/20 10:02:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Victor Lido\Desktop\OTL.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/30 10:40:21 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/01 11:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 11:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 11:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/05/04 16:04:38 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2011/05/04 16:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2009/11/23 18:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/11/23 18:53:56 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/29 14:22:37 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2005/04/28 22:08:34 | 000,675,840 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\E-KEY\CeEKey.exe
PRC - [2005/04/18 13:33:42 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
PRC - [2005/03/08 17:27:50 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe
PRC - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/12/28 18:02:46 | 000,270,336 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2004/12/28 18:02:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/10/15 13:27:56 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/10/15 13:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/15 13:23:12 | 000,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/08/27 23:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/27 23:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/12/17 12:50:22 | 000,040,960 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\COMPAQ\Easy Access Button Support\STARTEAK.exe
PRC - [2003/09/29 21:41:32 | 000,040,960 | ---- | M] (Tablet Driver) -- C:\WINDOWS\system32\drivers\WtSrv.exe
PRC - [2003/04/07 14:38:56 | 000,090,112 | ---- | M] (Compaq) -- C:\Compaq\EAKDRV\EAUSBKBD.exe
PRC - [2003/04/03 17:29:04 | 000,434,176 | ---- | M] (HP Company) -- C:\Program Files\COMPAQ\Easy Access Button Support\CPQEADM.exe
PRC - [2003/04/01 19:50:14 | 000,122,880 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\COMPAQ\Easy Access Button Support\BttnServ.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/20 04:47:33 | 001,681,408 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12012000\algo.dll
MOD - [2012/01/12 08:25:34 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
MOD - [2012/01/12 08:13:47 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 08:13:27 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
MOD - [2012/01/12 07:55:28 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/14 05:07:05 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011/10/14 05:07:01 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/14 05:06:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/14 05:06:27 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011/10/14 05:04:40 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/14 05:04:28 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/14 05:04:15 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/14 05:03:58 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/14 05:01:56 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/14 05:01:28 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 11:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 11:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 11:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 11:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/05/22 12:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/05/04 16:04:54 | 002,896,608 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2011/05/04 16:04:50 | 000,027,360 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2011/05/04 16:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/03/22 17:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
MOD - [2008/01/23 17:53:16 | 000,362,376 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
MOD - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
MOD - [2005/04/25 13:51:32 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TPeculiarity.dll
MOD - [2005/04/20 17:59:06 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll
MOD - [2005/04/01 17:39:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\EKECioCtl.dll
MOD - [2005/04/01 17:37:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\EBLib.DLL
MOD - [2004/10/15 13:23:18 | 000,073,728 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL
MOD - [2002/07/04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll
MOD - [1998/12/20 16:35:36 | 000,024,576 | ---- | M] () -- C:\Program Files\COMPAQ\Easy Access Button Support\BttnSeps.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (Net Driver HPZ12)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/01 11:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 16:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/29 14:22:37 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/01/25 12:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 23:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2003/09/29 21:41:32 | 000,040,960 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\WINDOWS\system32\drivers\WtSrv.exe -- (WinTabService)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/10/07 03:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 03:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2009/10/07 03:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/27 17:06:32 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/05/20 13:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/04/29 14:22:35 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/10/11 21:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 20:59:12 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/10 08:08:33 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/06/02 02:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/04/28 18:26:48 | 000,037,248 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2005/04/27 12:53:06 | 000,074,112 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2005/04/19 12:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/15 15:46:04 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/12 18:19:42 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/03/30 14:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/24 18:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005/03/09 11:14:34 | 000,008,704 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2005/03/08 22:33:26 | 000,098,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/01/13 12:04:18 | 000,057,984 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2005/01/06 15:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 13:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/15 19:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004/11/16 00:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/15 13:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/10/04 12:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/08/12 10:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/31 09:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/30 17:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 17:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/07/08 19:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2004/05/08 22:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/09/19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/03/05 04:17:36 | 000,023,202 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2003/03/05 02:00:44 | 000,011,090 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/11/08 04:50:00 | 000,014,156 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2002/10/16 15:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2002/08/26 16:29:42 | 000,023,387 | ---- | M] (Magic Control Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\u2s2kxp.sys -- (U2SP) USB to Serial Converter Driver(Philips)
DRV - [2001/12/19 11:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\VCdRom.sys -- (vcdrom)
DRV - [2000/06/13 00:32:02 | 000,015,370 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Tablet2k.sys -- (Tablet2k)
DRV - [1999/10/30 03:35:08 | 000,024,348 | R--- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.sys -- (EAWDMFD)
DRV - [1999/08/30 07:19:12 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.3
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/04/24 13:50:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/30 10:43:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/30 10:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/21 08:38:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/09 11:42:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Victor Lido\Application Data\Move Networks [2010/02/27 17:32:05 | 000,000,000 | ---D | M]

[2011/01/10 17:42:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Extensions
[2012/01/19 16:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Firefox\Profiles\u0uhk80n.default\extensions
[2011/01/13 09:05:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Firefox\Profiles\u0uhk80n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/21 08:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{BAEBEF65-9289-47C5-8524-C345CC5D860D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{FCAB6FDD-5585-425B-95C1-5ED856F3FD08}.XPI
[2011/12/21 08:37:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/21 08:37:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 08:37:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: WPI Application Detector (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Freemake Video Converter = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Poppit = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2009/08/05 16:02:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\STARTEAK.exe (Compaq Computer Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide File not found
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Program Files\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {6B9A6E3B-0307-47A7-82B1-F2D215973CAF} https://accounting.q...29/qboimax6.cab (QuickBooks Online Edition Import Utilities Class v6)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...129/qboax10.cab (QuickBooks Online Edition Utilities Class v10)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.3.16.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08943FFE-17CE-417E-8C4B-59984357E80A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C216AB3-537A-4993-8C26-C37E7FD7A18C}: NameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Coffee Bean.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Coffee Bean.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/20 10:02:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Victor Lido\Desktop\OTL.exe
[2012/01/12 12:49:39 | 004,200,024 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
[2012/01/12 12:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Quicken 2012
[2012/01/12 12:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2012/01/07 13:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2012/01/07 12:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Application Data\Memeo
[2012/01/07 12:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Application Data\Seagate
[2012/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2012/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard
[2012/01/07 12:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2012/01/07 12:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memeo
[2012/01/07 12:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/01/07 12:44:46 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/01/07 12:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\temp
[2012/01/07 12:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/12/30 10:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/30 10:04:46 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/30 10:04:44 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/30 10:04:25 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/30 10:04:21 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/30 10:04:15 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/30 10:04:04 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/30 10:04:04 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/30 10:03:59 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/30 10:00:34 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/30 10:00:30 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/30 09:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/30 09:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

========== Files - Modified Within 30 Days ==========

[2012/01/20 10:22:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/20 10:20:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/20 10:20:32 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/20 10:07:11 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-465358544-1033300905-706428009-1006.job
[2012/01/20 10:07:11 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-465358544-1033300905-706428009-1006.job
[2012/01/20 10:02:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Victor Lido\Desktop\OTL.exe
[2012/01/20 10:02:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-465358544-1033300905-706428009-1006UA.job
[2012/01/20 09:51:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/19 11:51:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/19 08:02:00 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-465358544-1033300905-706428009-1006Core.job
[2012/01/14 14:54:44 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Victor Lido\Desktop\LOG
[2012/01/13 16:34:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/12 17:16:01 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/12 12:49:36 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2012.lnk
[2012/01/12 12:49:36 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free Credit Report and Score.url
[2012/01/12 12:49:16 | 000,000,120 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2012/01/12 11:31:51 | 000,524,452 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/12 11:31:51 | 000,101,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/12 08:21:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/09 11:42:10 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/08 11:41:27 | 000,000,372 | ---- | M] () -- C:\WINDOWS\System32\configuration.xml
[2012/01/07 12:46:00 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2012/01/02 10:30:52 | 000,002,692 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2011/12/31 11:13:03 | 000,368,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/30 10:04:50 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/30 10:04:09 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Files Created - No Company Name ==========

[2012/01/13 15:27:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Desktop\LOG
[2012/01/12 17:16:01 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/12 12:49:36 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2012.lnk
[2012/01/12 12:49:36 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free Credit Report and Score.url
[2012/01/09 11:42:10 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/09 11:42:10 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/08 11:41:27 | 000,000,372 | ---- | C] () -- C:\WINDOWS\System32\configuration.xml
[2012/01/07 12:46:00 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2011/12/30 10:04:50 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/21 14:04:08 | 000,110,098 | ---- | C] () -- C:\WINDOWS\hpoins08.dat.temp
[2011/07/21 14:04:07 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat.temp
[2011/07/20 07:58:34 | 000,108,789 | ---- | C] () -- C:\WINDOWS\hpoins08.dat
[2011/07/20 07:58:33 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat
[2011/06/22 09:39:09 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2011/06/22 08:23:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\EPR220.ini
[2011/06/22 07:47:59 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/06/22 07:47:59 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/06/22 07:47:59 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/06/22 07:47:59 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/06/22 07:47:59 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/06/22 07:47:59 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/06/22 07:47:59 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/06/22 07:47:59 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/06/22 07:47:59 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/06/22 07:47:59 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/06/22 07:47:59 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/06/22 07:47:59 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/06/22 07:47:59 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/06/22 07:47:59 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/06/22 07:47:59 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/06/22 07:47:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011/06/20 07:50:54 | 000,274,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/03 06:36:17 | 000,000,028 | ---- | C] () -- C:\WINDOWS\EX31_51_71.ini
[2011/05/18 17:05:37 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/04/28 17:54:19 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/24 14:02:18 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/04/10 15:00:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\Reboot.exe
[2011/04/10 15:00:06 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2011/04/10 14:59:48 | 000,040,960 | R--- | C] () -- C:\WINDOWS\LoadDll.dll
[2011/03/20 09:37:23 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2011/01/09 12:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/01/02 11:07:11 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010/12/01 14:19:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Blank Sheet Music.INI
[2010/11/19 10:59:02 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2010/06/15 16:42:17 | 000,013,234 | ---- | C] () -- C:\WINDOWS\System32\Pen_Tablet.dat
[2010/04/05 09:53:04 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010/01/06 12:21:51 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2009/12/21 15:40:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoNow.INI
[2009/12/21 08:43:44 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\setup_ldm.iss
[2009/12/11 20:38:37 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2009/12/11 18:58:19 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2009/11/06 12:49:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/07/03 13:45:51 | 000,000,354 | ---- | C] () -- C:\WINDOWS\Ripper.INI
[2009/06/26 05:45:15 | 000,799,088 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/04/29 14:22:41 | 000,112,128 | RH-- | C] () -- C:\WINDOWS\CdaC14BA.DLL
[2009/04/29 14:22:41 | 000,030,720 | RH-- | C] () -- C:\WINDOWS\CdaC13BA.EXE
[2009/04/29 14:22:36 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2009/04/26 17:13:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/06/23 09:19:43 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\WavCodec.wff
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/02/24 13:40:00 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/24 10:27:48 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/11/24 10:16:52 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/24 10:53:59 | 000,000,726 | ---- | C] () -- C:\WINDOWS\PODW.INI
[2007/10/24 10:53:57 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\RASTY.DLL
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/22 10:32:36 | 000,000,923 | ---- | C] () -- C:\WINDOWS\posteriza.INI
[2007/03/08 15:30:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/03/08 14:42:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
[2007/03/05 12:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/25 12:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/12/16 08:29:01 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/15 12:41:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\Recorder.dat
[2006/10/18 08:02:14 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/14 16:40:01 | 000,077,588 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/07/11 07:58:51 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2006/07/06 14:52:30 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SS74demo.ini
[2006/07/06 14:13:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\STAFF32.INI
[2006/05/22 15:14:09 | 000,002,692 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2006/03/31 16:51:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2006/03/31 16:47:20 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2006/03/29 10:30:08 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/03/29 10:30:08 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/03/29 09:07:54 | 000,001,394 | ---- | C] () -- C:\WINDOWS\EReg011.dat
[2006/03/23 08:25:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2006/03/22 16:31:55 | 000,007,835 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2006/03/08 08:45:18 | 000,000,412 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2006/01/19 11:18:22 | 000,026,072 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\Comma Separated Values (Windows).ADR
[2006/01/13 16:52:55 | 000,000,088 | ---- | C] () -- C:\WINDOWS\gbsaver.ini
[2005/12/26 14:22:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2005/12/26 11:38:01 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2005/12/26 11:32:56 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2005/12/26 11:31:41 | 000,000,196 | ---- | C] () -- C:\WINDOWS\EPSON RX500 Installer.ini
[2005/12/19 15:02:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/15 21:44:17 | 000,159,743 | ---- | C] () -- C:\WINDOWS\Google Pack Screensaver Uninstaller.exe
[2005/12/15 21:33:25 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Cleanup.exe
[2005/11/30 11:27:53 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/11/30 11:27:40 | 000,007,222 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/11/30 10:37:55 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/11/29 14:18:36 | 000,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2005/11/29 14:18:34 | 000,006,838 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2005/11/29 12:21:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2005/11/21 20:59:54 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2005/11/16 09:15:04 | 000,164,112 | ---- | C] () -- C:\WINDOWS\System32\awmpi.dll
[2005/09/30 00:28:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/30 00:22:23 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/09/30 00:22:23 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/09/30 00:22:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/09/30 00:22:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/09/30 00:22:23 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/09/30 00:22:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/18 19:44:57 | 000,000,415 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2005/08/18 19:40:26 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/18 19:40:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/18 19:40:26 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/18 19:40:26 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/18 19:39:38 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/08/18 19:39:38 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat
[2005/08/18 19:39:38 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxeq.dat
[2005/05/13 16:59:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/13 01:44:54 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/05/13 01:06:59 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/13 01:06:50 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/13 01:06:50 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/13 00:37:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2005/05/13 00:31:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2005/05/13 00:21:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\InstDrvr.exe
[2005/05/13 00:21:52 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/05/13 00:11:11 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2005/05/12 23:52:03 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/05/12 22:13:44 | 000,000,482 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/12 22:09:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/12 22:05:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/05/12 22:03:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/12 21:47:16 | 000,000,347 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/12 21:43:54 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/12 21:43:49 | 000,524,452 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/05/12 21:43:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/05/12 21:43:49 | 000,101,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/12 21:43:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/05/12 21:43:47 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/05/12 21:43:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/05/12 21:43:44 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/05/12 21:43:37 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/05/12 21:43:36 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/05/12 21:43:22 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/05/12 21:43:16 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/05/12 14:59:53 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/12 14:58:58 | 000,368,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/04/25 13:51:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005/04/20 17:59:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/04/01 17:39:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2005/04/01 17:37:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2005/04/01 17:37:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2004/12/03 15:07:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 17:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/08/12 10:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/02/10 01:51:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UCMfg.exe
[2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2002/10/29 21:53:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\PcHook.DLL
[2002/07/24 05:04:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\lhtool.exe
[2002/01/14 21:36:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll
[2001/10/08 21:54:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/09/13 21:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1996/08/20 18:37:20 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe
[1996/02/01 12:25:42 | 000,943,616 | ---- | C] () -- C:\WINDOWS\System32\dfolder.dll
[1995/07/11 09:50:00 | 000,001,024 | -H-- | C] () -- C:\WINDOWS\System32\msfxmod.dll

========== LOP Check ==========

[2007/07/27 09:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2006/12/15 12:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Audible
[2011/12/30 09:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/07 16:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2008/10/11 13:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPH Shepherds Staff
[2010/12/18 09:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2011/06/22 07:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/01/06 12:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2010/12/01 09:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2012/01/07 13:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2005/08/18 19:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/20 06:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/06/08 15:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/06/20 09:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/04/05 08:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/08/20 14:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Startup Manager
[2011/04/10 16:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/19 10:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/01/08 11:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/04/24 08:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/22 10:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/02/28 14:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Acoustica
[2006/08/30 16:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\AOMrec
[2011/04/29 13:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Audacity
[2007/03/08 15:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Autodesk
[2010/04/12 09:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\BITS
[2008/07/04 12:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Canneverbe_Limited
[2009/07/07 06:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\CiscoCAA
[2010/11/19 10:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\CoffeeCup Software
[2009/02/20 08:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\ComcastToolbar
[2011/06/13 13:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Dropbox
[2011/07/21 16:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\ElevatedDiagnostics
[2006/08/21 12:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\EPSON
[2006/06/23 10:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FileMaker
[2011/06/21 05:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FileZilla
[2009/12/11 18:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FlashGetBHO
[2009/11/04 17:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FLV Extract
[2010/12/18 10:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\GetRightToGo
[2010/08/16 05:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\GlarySoft
[2011/04/11 18:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\gtk-2.0
[2011/04/23 20:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\HandBrake
[2011/09/01 20:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Image Zone Express
[2008/10/10 16:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InfraRecorder
[2005/05/13 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InterTrust
[2005/11/22 16:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InterVideo
[2009/02/04 10:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\iPodder
[2005/12/16 09:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Leadertech
[2010/12/01 10:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\MakeMusic
[2012/01/08 12:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Memeo
[2009/12/18 11:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Moyea
[2010/12/01 13:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\MusE
[2008/07/17 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\NCH Swift Sound
[2009/08/19 19:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\OfficeUpdate12
[2008/04/24 16:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Orbit
[2007/03/08 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\pdf995
[2011/06/15 17:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\SanDisk
[2010/08/23 08:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Scribus
[2012/01/07 12:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Seagate
[2006/04/05 13:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Seven Zip
[2007/02/02 15:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\SmartDraw
[2009/11/18 12:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\TeamViewer
[2005/11/30 11:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Thunderbird
[2005/05/13 01:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\toshiba
[2011/04/02 06:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Uniblue
[2009/07/20 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Windows Desktop Search
[2009/07/28 08:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Windows Search
[2010/06/08 15:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\WTouch
[2010/03/10 10:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\XnView

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC77041F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:91E29860
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DBEDD28

< End of report >

#2
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Welcome to GeeksToGo VICFROMBAYVILLE,

Not really seeing much in the way of infection in this log. Let's check a little more, then decide.


To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types".



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right-clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

OTL should have created a second, Extras.txt log, in the same location as OTL.exe. Please locate and post that.

-------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

Note - If Gmer shows it has located infection once its opening scan completes, do not click the Scan button. We don't want hidden malware settings to cause any problems. Instead, just click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • If you can, have an open Internet connection and allow it to download the latest Avast engine detections.
  • If avast! antivirus is already installed, just do the next step.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

#3
VICFROMBAYVILLE

    Member

  • Topic Starter
  • Member
  • 16 posts
reran OTL - it generated new log file but no index file
attached are log file and index file text
downloaded Gmer and scan - unexpected system reboot occurred during run
rebooted in safe mode and again as normal then stopped further try of Gmer
Results....

OTL logfile created on: 1/25/2012 9:54:15 AM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Victor Lido\Desktop\GeeksToGo
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.42 Mb Total Physical Memory | 458.35 Mb Available Physical Memory | 45.18% Memory free
2.39 Gb Paging File | 1.88 Gb Available in Paging File | 78.64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.34 Gb Total Space | 18.19 Gb Free Space | 24.46% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 442.42 Gb Free Space | 94.99% Space Free | Partition Type: NTFS

Computer Name: GOLDIE | User Name: Victor Lido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/01/20 10:02:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Victor Lido\Desktop\GeeksToGo\OTL.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/01 11:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/04 16:04:38 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/29 14:22:37 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/08/27 23:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/09/29 21:41:32 | 000,040,960 | ---- | M] (Tablet Driver) -- C:\WINDOWS\system32\drivers\WtSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/25 04:18:21 | 001,684,480 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12012500\algo.dll
MOD - [2012/01/24 16:54:00 | 001,684,480 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12012401\algo.dll
MOD - [2012/01/12 08:13:47 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 08:13:27 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
MOD - [2011/10/14 05:07:05 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011/10/14 05:07:01 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/14 05:06:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/14 05:04:40 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/14 05:04:28 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/14 05:04:15 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/14 05:01:56 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/14 05:01:28 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/22 12:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
MOD - [2008/01/23 17:53:16 | 000,362,376 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
MOD - [2002/07/04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll
MOD - [1997/09/26 05:30:00 | 000,025,088 | ---- | M] () -- C:\Program Files\WinZip\WZSHLEXT.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (Net Driver HPZ12)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/01 11:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 16:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/29 14:22:37 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2008/01/23 17:53:16 | 001,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/01/25 12:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 23:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2003/09/29 21:41:32 | 000,040,960 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\WINDOWS\system32\drivers\WtSrv.exe -- (WinTabService)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/10/07 03:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 03:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2009/10/07 03:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/27 17:06:32 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/05/20 13:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/04/29 14:22:35 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/10/11 21:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 20:59:12 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/10 08:08:33 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/06/02 02:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/04/28 18:26:48 | 000,037,248 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2005/04/27 12:53:06 | 000,074,112 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2005/04/19 12:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/15 15:46:04 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/12 18:19:42 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/03/30 14:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/24 18:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005/03/09 11:14:34 | 000,008,704 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2005/03/08 22:33:26 | 000,098,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/01/13 12:04:18 | 000,057,984 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2005/01/06 15:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 13:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/15 19:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004/11/16 00:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/15 13:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/10/04 12:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/08/12 10:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/31 09:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/30 17:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 17:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/07/08 19:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2004/05/08 22:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/09/19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/03/05 04:17:36 | 000,023,202 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2003/03/05 02:00:44 | 000,011,090 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/11/08 04:50:00 | 000,014,156 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2002/10/16 15:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2002/08/26 16:29:42 | 000,023,387 | ---- | M] (Magic Control Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\u2s2kxp.sys -- (U2SP) USB to Serial Converter Driver(Philips)
DRV - [2001/12/19 11:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\VCdRom.sys -- (vcdrom)
DRV - [2000/06/13 00:32:02 | 000,015,370 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Tablet2k.sys -- (Tablet2k)
DRV - [1999/10/30 03:35:08 | 000,024,348 | R--- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.sys -- (EAWDMFD)
DRV - [1999/08/30 07:19:12 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.3
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/04/24 13:50:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/30 10:43:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/30 10:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/20 12:46:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/09 11:42:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Victor Lido\Application Data\Move Networks [2010/02/27 17:32:05 | 000,000,000 | ---D | M]

[2011/01/10 17:42:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Extensions
[2012/01/19 16:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Firefox\Profiles\u0uhk80n.default\extensions
[2011/01/13 09:05:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Victor Lido\Application Data\Mozilla\Firefox\Profiles\u0uhk80n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/21 08:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{BAEBEF65-9289-47C5-8524-C345CC5D860D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0UHK80N.DEFAULT\EXTENSIONS\{FCAB6FDD-5585-425B-95C1-5ED856F3FD08}.XPI
[2012/01/20 12:46:22 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/20 12:46:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/20 12:46:17 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Victor Lido\Application Data\Move Networks\plugins\npqmp071705000014.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: WPI Application Detector (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Freemake Video Converter = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Poppit = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2009/08/05 16:02:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\STARTEAK.exe (Compaq Computer Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide File not found
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Program Files\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {6B9A6E3B-0307-47A7-82B1-F2D215973CAF} https://accounting.q...29/qboimax6.cab (QuickBooks Online Edition Import Utilities Class v6)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...129/qboax10.cab (QuickBooks Online Edition Utilities Class v10)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.3.16.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08943FFE-17CE-417E-8C4B-59984357E80A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C216AB3-537A-4993-8C26-C37E7FD7A18C}: NameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Coffee Bean.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Coffee Bean.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c60e4bc3-d22c-11db-a91d-0013ce4d5a8a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/23 09:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/01/23 09:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/23 09:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/12 12:49:39 | 004,200,024 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
[2012/01/12 12:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Quicken 2012
[2012/01/12 12:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2012/01/07 13:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2012/01/07 12:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Application Data\Memeo
[2012/01/07 12:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Application Data\Seagate
[2012/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2012/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard
[2012/01/07 12:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2012/01/07 12:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memeo
[2012/01/07 12:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/01/07 12:44:46 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/01/07 12:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\temp
[2012/01/07 12:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/12/30 10:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/30 10:04:46 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/30 10:04:44 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/30 10:04:25 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/30 10:04:21 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/30 10:04:15 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/30 10:04:04 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/30 10:04:04 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/30 10:03:59 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/30 10:00:34 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/30 10:00:30 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/30 09:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/30 09:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

========== Files - Modified Within 30 Days ==========

[2012/01/25 09:51:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/25 09:02:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-465358544-1033300905-706428009-1006UA.job
[2012/01/25 08:02:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-465358544-1033300905-706428009-1006Core.job
[2012/01/24 11:51:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/23 17:07:56 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/23 16:00:03 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-465358544-1033300905-706428009-1006.job
[2012/01/23 16:00:03 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-465358544-1033300905-706428009-1006.job
[2012/01/23 15:26:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/23 15:24:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/23 15:24:42 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/23 09:26:09 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/01/20 16:34:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/12 12:49:36 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2012.lnk
[2012/01/12 12:49:16 | 000,000,120 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2012/01/12 11:31:51 | 000,524,452 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/12 11:31:51 | 000,101,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/12 08:21:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/09 11:42:10 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/08 11:41:27 | 000,000,372 | ---- | M] () -- C:\WINDOWS\System32\configuration.xml
[2012/01/07 12:46:00 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2012/01/02 10:30:52 | 000,002,692 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2011/12/31 11:13:03 | 000,368,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/30 10:04:50 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/30 10:04:09 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Files Created - No Company Name ==========

[2012/01/23 09:26:09 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/01/12 17:16:01 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/12 12:49:36 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2012.lnk
[2012/01/09 11:42:10 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/09 11:42:10 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/08 11:41:27 | 000,000,372 | ---- | C] () -- C:\WINDOWS\System32\configuration.xml
[2012/01/07 12:46:00 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2011/12/30 10:04:50 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/07/21 14:04:08 | 000,110,098 | ---- | C] () -- C:\WINDOWS\hpoins08.dat.temp
[2011/07/21 14:04:07 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat.temp
[2011/07/20 07:58:34 | 000,108,789 | ---- | C] () -- C:\WINDOWS\hpoins08.dat
[2011/07/20 07:58:33 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat
[2011/06/22 09:39:09 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2011/06/22 08:23:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\EPR220.ini
[2011/06/22 07:47:59 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/06/22 07:47:59 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/06/22 07:47:59 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/06/22 07:47:59 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/06/22 07:47:59 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/06/22 07:47:59 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/06/22 07:47:59 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/06/22 07:47:59 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/06/22 07:47:59 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/06/22 07:47:59 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/06/22 07:47:59 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/06/22 07:47:59 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/06/22 07:47:59 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/06/22 07:47:59 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/06/22 07:47:59 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/06/22 07:47:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011/06/20 07:50:54 | 000,274,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/03 06:36:17 | 000,000,028 | ---- | C] () -- C:\WINDOWS\EX31_51_71.ini
[2011/05/18 17:05:37 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/04/28 17:54:19 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/24 14:02:18 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/04/10 15:00:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\Reboot.exe
[2011/04/10 15:00:06 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2011/04/10 14:59:48 | 000,040,960 | R--- | C] () -- C:\WINDOWS\LoadDll.dll
[2011/03/20 09:37:23 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2011/01/09 12:00:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/01/02 11:07:11 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010/12/01 14:19:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Blank Sheet Music.INI
[2010/11/19 10:59:02 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2010/06/15 16:42:17 | 000,013,234 | ---- | C] () -- C:\WINDOWS\System32\Pen_Tablet.dat
[2010/04/05 09:53:04 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010/01/06 12:21:51 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2009/12/21 15:40:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoNow.INI
[2009/12/21 08:43:44 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\setup_ldm.iss
[2009/12/11 20:38:37 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2009/12/11 18:58:19 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2009/11/06 12:49:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/07/03 13:45:51 | 000,000,354 | ---- | C] () -- C:\WINDOWS\Ripper.INI
[2009/06/26 05:45:15 | 000,799,088 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
[2009/04/29 14:22:41 | 000,112,128 | RH-- | C] () -- C:\WINDOWS\CdaC14BA.DLL
[2009/04/29 14:22:41 | 000,030,720 | RH-- | C] () -- C:\WINDOWS\CdaC13BA.EXE
[2009/04/29 14:22:36 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2009/04/26 17:13:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/06/23 09:19:43 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\WavCodec.wff
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/02/24 13:40:00 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/24 10:27:48 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/11/24 10:16:52 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/24 10:53:59 | 000,000,726 | ---- | C] () -- C:\WINDOWS\PODW.INI
[2007/10/24 10:53:57 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\RASTY.DLL
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/22 10:32:36 | 000,000,923 | ---- | C] () -- C:\WINDOWS\posteriza.INI
[2007/03/08 15:30:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/03/08 14:42:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
[2007/03/05 12:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/25 12:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/12/16 08:29:01 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/15 12:41:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\Recorder.dat
[2006/10/18 08:02:14 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/14 16:40:01 | 000,077,588 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/07/11 07:58:51 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2006/07/06 14:52:30 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SS74demo.ini
[2006/07/06 14:13:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\STAFF32.INI
[2006/05/22 15:14:09 | 000,002,692 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2006/03/31 16:51:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2006/03/31 16:47:20 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2006/03/29 10:30:08 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/03/29 10:30:08 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/03/29 09:07:54 | 000,001,394 | ---- | C] () -- C:\WINDOWS\EReg011.dat
[2006/03/23 08:25:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2006/03/22 16:31:55 | 000,007,835 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2006/03/08 08:45:18 | 000,000,412 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2006/01/19 11:18:22 | 000,026,072 | ---- | C] () -- C:\Documents and Settings\Victor Lido\Application Data\Comma Separated Values (Windows).ADR
[2006/01/13 16:52:55 | 000,000,088 | ---- | C] () -- C:\WINDOWS\gbsaver.ini
[2005/12/26 14:22:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2005/12/26 11:38:01 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2005/12/26 11:32:56 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2005/12/26 11:31:41 | 000,000,196 | ---- | C] () -- C:\WINDOWS\EPSON RX500 Installer.ini
[2005/12/19 15:02:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/15 21:44:17 | 000,159,743 | ---- | C] () -- C:\WINDOWS\Google Pack Screensaver Uninstaller.exe
[2005/12/15 21:33:25 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Cleanup.exe
[2005/11/30 11:27:53 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/11/30 11:27:40 | 000,007,222 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/11/30 10:37:55 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/11/29 14:18:36 | 000,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2005/11/29 14:18:34 | 000,006,838 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2005/11/29 12:21:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2005/11/21 20:59:54 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2005/11/16 09:15:04 | 000,164,112 | ---- | C] () -- C:\WINDOWS\System32\awmpi.dll
[2005/09/30 00:28:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/30 00:22:23 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/09/30 00:22:23 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/09/30 00:22:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/09/30 00:22:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/09/30 00:22:23 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/09/30 00:22:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/18 19:44:57 | 000,000,415 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2005/08/18 19:40:26 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/18 19:40:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/18 19:40:26 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/18 19:40:26 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/18 19:39:38 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/08/18 19:39:38 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat
[2005/08/18 19:39:38 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxeq.dat
[2005/05/13 16:59:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/13 01:44:54 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/05/13 01:06:59 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/13 01:06:50 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/13 01:06:50 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/13 00:37:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2005/05/13 00:31:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2005/05/13 00:21:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\InstDrvr.exe
[2005/05/13 00:21:52 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/05/13 00:11:11 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2005/05/12 23:52:03 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/05/12 22:13:44 | 000,000,482 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/12 22:09:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/12 22:05:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/05/12 22:03:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/12 21:47:16 | 000,000,347 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/12 21:43:54 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/12 21:43:49 | 000,524,452 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/05/12 21:43:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/05/12 21:43:49 | 000,101,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/12 21:43:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/05/12 21:43:47 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/05/12 21:43:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/05/12 21:43:44 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/05/12 21:43:37 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/05/12 21:43:36 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/05/12 21:43:22 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/05/12 21:43:16 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/05/12 14:59:53 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/12 14:58:58 | 000,368,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/04/25 13:51:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005/04/20 17:59:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/04/01 17:39:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2005/04/01 17:37:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2005/04/01 17:37:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2004/12/03 15:07:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 17:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/08/12 10:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/02/10 01:51:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UCMfg.exe
[2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2002/10/29 21:53:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\PcHook.DLL
[2002/07/24 05:04:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\lhtool.exe
[2002/01/14 21:36:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll
[2001/10/08 21:54:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/09/13 21:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1996/08/20 18:37:20 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe
[1996/02/01 12:25:42 | 000,943,616 | ---- | C] () -- C:\WINDOWS\System32\dfolder.dll
[1995/07/11 09:50:00 | 000,001,024 | -H-- | C] () -- C:\WINDOWS\System32\msfxmod.dll

========== LOP Check ==========

[2007/07/27 09:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2006/12/15 12:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Audible
[2011/12/30 09:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/07 16:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2008/10/11 13:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPH Shepherds Staff
[2010/12/18 09:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2011/06/22 07:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/01/06 12:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2010/12/01 09:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2012/01/07 13:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2005/08/18 19:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/07/20 06:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/06/08 15:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/06/20 09:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/04/05 08:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/08/20 14:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Startup Manager
[2012/01/25 09:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/19 10:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/01/08 11:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/04/24 08:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/22 10:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/02/28 14:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Acoustica
[2006/08/30 16:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\AOMrec
[2011/04/29 13:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Audacity
[2007/03/08 15:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Autodesk
[2010/04/12 09:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\BITS
[2008/07/04 12:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Canneverbe_Limited
[2009/07/07 06:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\CiscoCAA
[2010/11/19 10:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\CoffeeCup Software
[2009/02/20 08:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\ComcastToolbar
[2011/06/13 13:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Dropbox
[2011/07/21 16:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\ElevatedDiagnostics
[2006/08/21 12:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\EPSON
[2006/06/23 10:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FileMaker
[2011/06/21 05:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FileZilla
[2009/12/11 18:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FlashGetBHO
[2009/11/04 17:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\FLV Extract
[2010/12/18 10:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\GetRightToGo
[2010/08/16 05:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\GlarySoft
[2011/04/11 18:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\gtk-2.0
[2011/04/23 20:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\HandBrake
[2011/09/01 20:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Image Zone Express
[2008/10/10 16:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InfraRecorder
[2005/05/13 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InterTrust
[2005/11/22 16:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\InterVideo
[2009/02/04 10:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\iPodder
[2005/12/16 09:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Leadertech
[2010/12/01 10:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\MakeMusic
[2012/01/08 12:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Memeo
[2009/12/18 11:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Moyea
[2010/12/01 13:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\MusE
[2008/07/17 14:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\NCH Swift Sound
[2009/08/19 19:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\OfficeUpdate12
[2008/04/24 16:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Orbit
[2007/03/08 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\pdf995
[2011/06/15 17:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\SanDisk
[2010/08/23 08:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Scribus
[2012/01/07 12:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Seagate
[2006/04/05 13:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Seven Zip
[2007/02/02 15:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\SmartDraw
[2009/11/18 12:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\TeamViewer
[2005/11/30 11:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Thunderbird
[2005/05/13 01:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\toshiba
[2011/04/02 06:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Uniblue
[2009/07/20 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Windows Desktop Search
[2009/07/28 08:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\Windows Search
[2010/06/08 15:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\WTouch
[2010/03/10 10:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Victor Lido\Application Data\XnView

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC77041F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:91E29860
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DBEDD28

< End of report >

OTL Extras logfile created on: 1/20/2012 10:25:41 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Victor Lido\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.42 Mb Total Physical Memory | 373.87 Mb Available Physical Memory | 36.86% Memory free
2.39 Gb Paging File | 1.81 Gb Available in Paging File | 75.80% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.34 Gb Total Space | 19.32 Gb Free Space | 25.99% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 442.84 Gb Free Space | 95.08% Space Free | Partition Type: NTFS

Computer Name: GOLDIE | User Name: Victor Lido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Disabled:SAgent4
"C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Victor Lido\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe
"C:\WINDOWS\Temp\~osC.tmp\rlvknlg.exe" = C:\WINDOWS\Temp\~osC.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe
"c:\program files\relevantknowledge\rlvknlg.exe" = c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\Documents and Settings\Victor Lido\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Victor Lido\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe" = C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent -- (Axentra Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{294BB21B-0091-492F-87D2-A9192DA3E448}" = System Requirements Lab for Intel
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{31263605-FC84-4787-B847-BA445B147E24}" = ScannerCopy
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{61B1A9C8-B2AD-4F54-B916-388FFD07BDE7}" = 4300
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = ArcSoft Software Suite
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{93539D60-1817-11D1-9504-00805F26A89C}" = Easy Access Button Support
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0C814CA-D26F-4CC9-84C4-EA686F72D61C}" = Keyspan High Speed USB Serial Adapter
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"{A4394612-D02F-11DC-9BFF-D18556D89593}" = Microsoft ASP.NET MVC 1.0
"{A744C7C3-76F5-42F5-9E15-497A3DFBC709}" = 4300Trb
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC29BB45-D811-11D9-AD9B-005004AAF7BE}" = Font Installer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BA561482-C49D-4687-A61C-96236C1688F0}" = ArcSoft Software Suite
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411}" = DocProc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C98E8D9D-21DE-4F87-A9B7-142BB89840FC}" = Toolbox
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}" = HP Photosmart Essential
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{E0343A4C-2FFD-4CCB-B0EB-5DE9F0E2A083}" = LS_HSI
"{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}" = HP PSC & OfficeJet 6.1.A
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E769999E-D0D9-4D51-AEFE-1BD44289E550}" = 4300_Help
"{EB7A2041-6A16-4BAC-8079-43B985673C2C}" = Avery Wizard 3.1
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F6C405D2-C50D-4D10-B89E-73A233A14D74}" = Toshiba Registration
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica MP3 CD Burner" = Acoustica MP3 CD Burner
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"America Online us" = America Online (Choose which version to remove)
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"AVI Joiner_is1" = AVI Joiner
"AviSynth" = AviSynth 2.5
"CdaC13Ba" = Cda Product Service - shared component
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ComcastToolbar" = Comcast Toolbar
"DAO 3.5" = DAO 3.5
"EPSON Printer and Utilities" = EPSON Printer Software
"ERUNT_is1" = ERUNT 1.1j
"EzDesign3.0" = EzDesign
"FastStone Photo Resizer" = FastStone Photo Resizer 3.0
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"FileZilla Client" = FileZilla Client 3.5.0
"Fn-esse" = TOSHIBA Fn-esse
"Freemake Video Converter_is1" = Freemake Video Converter version 2.1.3
"Google Chrome" = Google Chrome
"Google Pack Screensaver" = Google Pack Screensaver
"Google Updater" = Google Updater
"HandBrake" = HandBrake 0.9.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP DVD" = HP DVD Writer
"HP Imaging Device Functions" = HP Imaging Device Functions 6.1
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"InstallShield_{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"InstallShield_{EB7A2041-6A16-4BAC-8079-43B985673C2C}" = Avery Wizard 3.1
"legacyqcam_11.00" = Logitech Legacy USB Camera Driver Package
"Logitech Resource Center" = Logitech Resource Center
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notebook_Maximizer" = Notebook Maximizer
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Pen Tablet Driver" = Bamboo
"Picasa 3" = Picasa 3
"Pick Path Tool" = Pick Path Tool
"ProInst" = Intel® PROSet/Wireless Software
"PROR" = Microsoft Office Professional 2007
"PW240DeinstKey" = PhotoWorks
"Quick Startup_is1" = Quick Startup 2.8.0.718
"RealPlayer 12.0" = RealPlayer
"Recovery for Publisher" = Recovery for Publisher
"Spin It Again" = Spin It Again
"SpywareBlaster_is1" = SpywareBlaster 4.2
"ST6UNST #1" = Audio Converter
"Startup_Manager_is1" = Startup Manager 2.4.2
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"VLC media player" = VLC media player 1.1.8
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Web Site Downloader_is1" = Web Site Downloader
"What's Running_is1" = What's Running 3.0
"WIC" = Windows Imaging Component
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment
"WinPcapInst" = WinPcap 4.0
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"c8d13e0f249c4e3a" = GoldMail
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/12/2012 9:16:19 AM | Computer Name = GOLDIE | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: c:\Program Files\Microsoft SQL Server\100\SDK\Assemblies\Microsoft.SqlServer.Replication.dll
. Error code = 0x8007007e

Error - 1/12/2012 9:25:20 AM | Computer Name = GOLDIE | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: Microsoft.SqlServer.Replication, Version=10.0.0.0, Culture=neutral,
PublicKeyToken=89845dcd8080cc91 . Error code = 0x8007007e

Error - 1/12/2012 9:49:58 AM | Computer Name = GOLDIE | Source = MsiInstaller | ID = 1013
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- Microsoft
.NET Framework 2.0 Service Pack 2 cannot be uninstalled because it will affect other
applications that are installed. For more information, see http://go.microsoft..../?LinkId=91126.

Error - 1/12/2012 6:27:07 PM | Computer Name = GOLDIE | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\VICTOR LIDO\MY DOCUMENTS\MY VIDEOS\POOKIEZING.MSWMM>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 1/13/2012 10:13:25 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/13/2012 10:13:25 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36356000

Error - 1/13/2012 10:13:25 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36356000

Error - 1/16/2012 10:07:11 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/16/2012 10:07:11 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 42840062

Error - 1/16/2012 10:07:11 AM | Computer Name = GOLDIE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 42840062

[ OSession Events ]
Error - 3/5/2010 4:57:15 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 4:57:33 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 4:57:42 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 4:57:52 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 5:29:07 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 5:35:48 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2010 5:58:49 PM | Computer Name = GOLDIE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3768
seconds with 1320 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/17/2012 12:07:58 PM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7009
Description = Timeout (120000 milliseconds) waiting for the Google Update Service
(gupdate1ca37cd2a3dd880) service to connect.

Error - 1/17/2012 12:08:04 PM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate1ca37cd2a3dd880) service failed
to start due to the following error: %%1053

Error - 1/17/2012 12:13:01 PM | Computer Name = GOLDIE | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.

Error - 1/17/2012 12:13:35 PM | Computer Name = GOLDIE | Source = DCOM | ID = 10010
Description = The server {022105BD-948A-40C9-AB42-A3300DDF097F} did not register
with DCOM within the required timeout.

Error - 1/18/2012 9:19:58 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Net Driver HPZ12 service terminated with the following error:
%%126

Error - 1/18/2012 9:19:58 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126

Error - 1/20/2012 9:48:26 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Net Driver HPZ12 service terminated with the following error:
%%126

Error - 1/20/2012 9:48:26 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126

Error - 1/20/2012 11:22:23 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Net Driver HPZ12 service terminated with the following error:
%%126

Error - 1/20/2012 11:22:23 AM | Computer Name = GOLDIE | Source = Service Control Manager | ID = 7023
Description = The Pml Driver HPZ12 service terminated with the following error:
%%126


< End of report >

#4
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
What about aswMBR please?

#5
VICFROMBAYVILLE

    Member

  • Topic Starter
  • Member
  • 16 posts
download aswMBR ok
Run opens command window
avast OK
SCAN runs 1 minute then system reboots

#6
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Doubt Avast would cause that to one of its own, but be sure Avast stays disabled while doing these repairs.

Click here and download Kaspersky's TDSSKiller to your desktop, but as you download it, rename it to larry.com then click that file to run TDSSKiller.

In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including a reboot if requested.

When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt

Your copy will be different - some of those numbers will reflect the date/time it was just run by you there.

Copy/paste those contents back here please.

-------

Download ComboFix.exe from here to your desktop, then click that to run that scan. Agree to any warnings you might receive.

Be sure to install the Recovery Console if you are asked to do so. When the scan completes, a text window with your log will open. Please copy and paste that log back here.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.

#7
VICFROMBAYVILLE

    Member

  • Topic Starter
  • 16 posts
19:12:09.0478 4964 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
19:12:09.0791 4964 ============================================================
19:12:09.0791 4964 Current date / time: 2012/01/27 19:12:09.0791
19:12:09.0791 4964 SystemInfo:
19:12:09.0791 4964
19:12:09.0791 4964 OS Version: 5.1.2600 ServicePack: 3.0
19:12:09.0791 4964 Product type: Workstation
19:12:09.0791 4964 ComputerName: GOLDIE
19:12:09.0791 4964 UserName: Victor Lido
19:12:09.0791 4964 Windows directory: C:\WINDOWS
19:12:09.0791 4964 System windows directory: C:\WINDOWS
19:12:09.0791 4964 Processor architecture: Intel x86
19:12:09.0791 4964 Number of processors: 1
19:12:09.0791 4964 Page size: 0x1000
19:12:09.0791 4964 Boot type: Normal boot
19:12:09.0791 4964 ============================================================
19:12:15.0916 4964 Drive \Device\Harddisk0\DR0 - Size: 0x1296055200 (74.34 Gb), SectorSize: 0x200, Cylinders: 0x25E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:12:15.0916 4964 Drive \Device\Harddisk1\DR2 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'W'
19:12:16.0072 4964 Initialize success
19:12:20.0135 5276 ============================================================
19:12:20.0135 5276 Scan started
19:12:20.0135 5276 Mode: Manual;
19:12:20.0135 5276 ============================================================
19:16:15.0166 5276 WudfRd - ok
19:16:15.0244 5276 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
19:16:16.0025 5276 \Device\Harddisk0\DR0 - ok
19:16:16.0056 5276 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
19:16:16.0056 5276 \Device\Harddisk1\DR2 - ok
19:16:16.0088 5276 Boot (0x1200) (817d5146982094cfd60668a991b966d2) \Device\Harddisk0\DR0\Partition0
19:16:16.0088 5276 \Device\Harddisk0\DR0\Partition0 - ok
19:16:16.0103 5276 Boot (0x1200) (50fcbf9806a9fdd21f7fe7380389d5ed) \Device\Harddisk1\DR2\Partition0
19:16:16.0103 5276 \Device\Harddisk1\DR2\Partition0 - ok
19:16:16.0103 5276 ============================================================
19:16:16.0103 5276 Scan finished
19:16:16.0103 5276 ============================================================
19:16:16.0119 4312 Detected object count: 0
19:16:16.0119 4312 Actual detected object count: 0

ComboFix runs - leaves empty folder on C:\

no reboots this time.

#8
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts

ComboFix runs - leaves empty folder on C:\

no reboots this time.


I am not sure I grasp what that means - if you would provide some details please.

#9
VICFROMBAYVILLE

    Member

  • Topic Starter
  • 16 posts
ComboFix runs - leaves empty folder on C:\
ran SCAN and it seemed to run to completion
looked for txt file generated on C:\ - found no file
found C:\32788R22FWJFW with no files in this folder

no reboots this time.
ran larry.exe and ComboFix with no unexpected reboot
that is they both ran to completion

Thanks, Vic

#10
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Malware tourists have new tricks all the time. Open Gmer again. Once it has completed its opening scan, this time just right-click in the white space in the display and select Options - Only non MS files. Then click Scan and allow Gmer to run a different scan. Once that completes click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

#11
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
FYI - this method is less likely to bring on any crash problems.

#12
VICFROMBAYVILLE

    Member

  • Topic Starter
  • 16 posts
downloaded and ran Gmer
Gmer opened and I could see the initial scan in progress
then before I could click in the white space - computer screen went black and rebooted.

#13
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
That all comes as a surprise, since nothing so far suggests such a level of malware interference, TDSSKiller finds nothing, and I kinda doubt Avast would be the cause, without you being alerted in some shape or form. Though of course be sure it is always disabled when doing these repairs.

Please check to see if any of these crashes created any log files I might check.

Navigate (right click My Computer, left click Explore) to the following folder:

c:\windows\minidump

And if one is there, locate in it any recent minidump(date-somenumber).dmp files created, where "date-somenumber" matches dates of any recent crashes there. If they exist, then just zip a copy of it, and send it to jintan AT malwarecrypt.com as an attachment. Please place "Submitted Files - VICFROMBAYVILLE/g2g/dmp" as the email Subject.

#14
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I received the files, thanks. Some of the common info in the dumps:

Crashes occur due to atapi.sys, which controls the drives there - disks, CD-ROM etc. They occur when it runs an IdePortNotification function, and causes a DRIVER_IRQL_NOT_LESS_OR_EQUAL, with a logged error of 0x000000D1. That often leads to issues with Logitech devices. I periodically have to deal with a laptop that also periodically dumps, atapi.sys, 0x000000D1, and has Logitech installed, and have yet to get a handle on that one, as long as Logitech devices are used with it.

Perhaps by coincidence, they also have Avast installed, though switching from that has not removed the periodic crashes.

Gmer, aswMBR and even parts of ComboFix all check low level device drivers, which very much involves those controlled by atapi.sys. So a question might be are we seeing malware activities here, or issues due to Logitech?

Please disconnect any Logitech devices (the logs suggest a webcam) from the computer.

Go to Start – Settings – Control Panel. Click on Add/Remove Programs. If any of the following programs are listed there, click on the program to highlight it, and click on Remove. Then close the Control Panel.

LogitechCommunicationsManager
LogitechQuickCamRibbon


And any other Logitech software that shows there I might have missed. You can always reinstall these later.

Reboot, and try aswMBR and Gmer again. Post those logs if successful.
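
The bugcheck code and parameters discussed in the post above sit in the header of each minidump and can be read directly. This is an added example, not part of the original thread: it assumes the 32-bit kernel dump header layout written by Windows XP x86 (BugCheckCode at offset 0x28), and the sample header it builds is constructed, not taken from the user's dumps.

```python
import struct
import sys

# Assumption: 32-bit kernel dump header (DUMP_HEADER32) as written by XP x86.
SIGNATURE = b"PAGEDUMP"   # Signature "PAGE" followed by ValidDump "DUMP"
BUGCHECK_OFFSET = 0x28    # BugCheckCode, then four 32-bit parameters
HEADER_BYTES = BUGCHECK_OFFSET + 5 * 4
KNOWN_CODES = {0xD1: "DRIVER_IRQL_NOT_LESS_OR_EQUAL"}
D1_PARAMS = ("memory referenced", "IRQL at time of reference",
             "access (0=read, 1=write)", "address of referencing code")


def parse_dump_header(data):
    """Return bugcheck code, name and parameters from the start of a .dmp file."""
    if len(data) < HEADER_BYTES:
        raise ValueError("too short to hold a dump header")
    if data[:8] != SIGNATURE:
        # User-mode dumps start with b"MDMP", 64-bit kernel dumps with b"PAGEDU64".
        raise ValueError("not a 32-bit kernel dump: %r" % data[:8])
    code, *params = struct.unpack_from("<5I", data, BUGCHECK_OFFSET)
    return {"code": code, "name": KNOWN_CODES.get(code, "unknown"), "params": params}


def describe(info):
    """Format one dump's bugcheck as report lines."""
    lines = ["0x%08X %s" % (info["code"], info["name"])]
    generic = ("param 1", "param 2", "param 3", "param 4")
    labels = D1_PARAMS if info["code"] == 0xD1 else generic
    lines += ["  %s: 0x%08X" % (label, value)
              for label, value in zip(labels, info["params"])]
    return lines


def build_sample_header():
    """Constructed header for the demo; values are not from the user's dumps."""
    header = bytearray(HEADER_BYTES)
    header[:8] = SIGNATURE
    struct.pack_into("<5I", header, BUGCHECK_OFFSET, 0xD1, 0x10, 2, 0, 0xF7A5B123)
    return bytes(header)


if __name__ == "__main__":
    if len(sys.argv) > 1:      # e.g. the .dmp files under c:\windows\minidump
        blobs = []
        for path in sys.argv[1:]:
            with open(path, "rb") as handle:
                blobs.append(handle.read(HEADER_BYTES))
    else:
        blobs = [build_sample_header()]
    for blob in blobs:
        print("\n".join(describe(parse_dump_header(blob))))
```

The fourth 0xD1 parameter is the address of the code that made the bad reference; mapping it to a driver such as atapi.sys still needs the loaded-module list, which a debugger reads from the rest of the dump.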

#15
VICFROMBAYVILLE

    Member

  • Topic Starter
  • 16 posts
No Logitech files remain.
I also uninstalled...
bamboo
EPSON printer software
WebTablet Netscape plugin
WebTablet IE plugin
Spyware Blaster 4.2
Startup Manager 2.4.2
What's Running 3.0
Quick Startup 2.8.0.718
Watcher 2.3.4
3D Home Designer Suite
AND
replaced Logitech keyboard with Dell keyboard

ran Gmer and it aborted during initial scan

system runs but occasionally reboots.
Use Chrome most often now.
Firefox now runs and IE runs OK
Thanks