Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Another assistance request. PC infected.

Started by Stumped2012 , Jan 23 2012 10:32 PM

Please log in to reply

#1
Stumped2012

Posted 23 January 2012 - 10:32 PM

New Member

Member
6 posts

Hi there.

I'm looking for assistance, if possible.

My PC has picked up a virus - or several viruses, or it may be the same one using different names....

I first became aware that something was wrong a couple of weeks ago. I suddenly started to get redirected to seemingly random websites when using my net browser (Opera).

Thereafter my virus checker (Norton) began to inform me on a regular basis that my system had been attacked by a trojan, but that it had been dealt with.

Norton then informed me a few days ago that it had found a trojan called 'zero access' and required me to delete it. I followed the instructions that Norton gave me.

During this time I have been suffering from net browser redirects. I have tried Malawarebytes and Spybot - with no success.

I currently have a pop up called 'Windows Command Processor' that is clearly another virus.

I also find that i'm curently unable to access any Microsoft sites or Opera. I'm simply redirected to a 'site not found' page.

This is my OTL log:

OTL logfile created on: 24/01/2012 04:12:01 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Scott\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 46.62% Memory free
6.70 Gb Paging File | 4.90 Gb Available in Paging File | 73.15% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.02 Gb Total Space | 274.51 Gb Free Space | 60.33% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 86.58 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
Drive F: | 4.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive S: | 1.46 Gb Total Space | 1.42 Gb Free Space | 96.61% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/24 04:11:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
PRC - [2012/01/23 18:40:41 | 000,143,360 | --S- | M] () -- C:\Users\Scott\AppData\Local\ghkvwcli\oncihcuy.exe
PRC - [2012/01/17 21:56:04 | 000,038,704 | ---- | M] (NCSoft) -- C:\Program Files\NCSoft\Launcher\NCLauncher.exe
PRC - [2012/01/11 15:02:26 | 000,307,312 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/12/05 19:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/11/29 14:18:51 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/10/15 06:54:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/06/21 16:20:16 | 001,984,832 | ---- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\mylbx.exe
PRC - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/12/13 12:54:44 | 000,223,400 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2010/10/18 13:37:35 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2010/07/13 01:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
PRC - [2009/07/17 13:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/09 19:10:54 | 000,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2008/07/10 13:48:18 | 000,974,848 | ---- | M] (Codeode) -- C:\Program Files\Privacy Mantra 2.05\privacymantra.exe
PRC - [2008/05/13 18:12:54 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/11/28 15:43:08 | 000,042,824 | ---- | M] () -- C:\Program Files\Spare Messaging\MessagingApp.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/23 18:40:41 | 000,143,360 | --S- | M] () -- C:\Users\Scott\AppData\Local\ghkvwcli\oncihcuy.exe
MOD - [2011/11/15 21:06:33 | 000,217,088 | ---- | M] () -- C:\Program Files\NCSoft\Launcher\UnRar.Net.dll
MOD - [2011/11/15 21:06:32 | 000,024,576 | ---- | M] () -- C:\Program Files\NCSoft\Launcher\NC.Logging.dll
MOD - [2011/10/13 06:47:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 06:47:10 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\cbfa4bf002c1abaf94ba8634139727eb\System.Security.ni.dll
MOD - [2011/10/13 06:47:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 06:41:41 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 06:41:24 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 06:41:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 06:41:15 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\0e8e3007e61a2ba9454600dce8193b65\System.Design.ni.dll
MOD - [2011/10/13 06:40:19 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 06:39:39 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/07/13 01:29:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
MOD - [2010/07/13 01:28:42 | 000,856,064 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
MOD - [2010/07/13 01:26:12 | 000,018,432 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
MOD - [2010/07/13 01:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
MOD - [2010/07/13 01:25:50 | 000,028,160 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
MOD - [2010/07/13 01:25:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
MOD - [2010/07/13 01:22:36 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
MOD - [2010/07/13 01:22:02 | 000,009,728 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
MOD - [2010/07/13 01:16:16 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
MOD - [2010/07/13 01:15:58 | 000,010,240 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
MOD - [2010/07/13 01:15:52 | 000,233,472 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
MOD - [2010/07/13 01:13:42 | 000,033,792 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
MOD - [2010/07/13 01:10:56 | 000,172,032 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
MOD - [2010/06/30 13:03:14 | 000,051,512 | ---- | M] () -- C:\Program Files\My Lockbox\FSPFlt.dll
MOD - [2010/04/02 21:23:36 | 000,815,104 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
MOD - [2010/04/02 20:44:16 | 000,086,016 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/04/11 06:28:22 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2009/04/11 06:28:22 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/17 12:09:02 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2007/11/28 15:43:08 | 000,042,824 | ---- | M] () -- C:\Program Files\Spare Messaging\MessagingApp.exe

========== Win32 Services (SafeList) ==========

SRV - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2009/07/17 13:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009/04/12 18:19:32 | 000,120,168 | ---- | M] (stumbleupon.com) [On_Demand | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)

========== Driver Services (SafeList) ==========

DRV - [2012/01/12 19:03:46 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/12 19:03:46 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/12/01 02:25:03 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 08:00:55 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/09 08:00:55 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/22 23:17:32 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120120.002\IDSvix86.sys -- (IDSVix86)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/05/02 23:16:37 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/29 02:16:24 | 000,580,096 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L6PODLV.sys -- (L6PODLV)
DRV - [2011/03/31 03:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/31 03:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/22 00:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1206000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/15 02:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 06:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 05:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/09/07 22:45:06 | 000,579,456 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L6TPortB.sys -- (L6TPortB)
DRV - [2010/07/22 16:13:28 | 000,041,912 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\FSPFltd.sys -- (FSProFilter)
DRV - [2009/04/11 04:39:17 | 000,067,072 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/03/27 23:03:00 | 007,738,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/02 20:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/21 02:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/08/29 07:40:34 | 001,183,744 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerBDA3x.sys -- (AVerBDA3x)
DRV - [2007/04/23 09:50:50 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007/03/12 09:49:30 | 000,354,816 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.philips.com/pc
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.sky.com/home/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/12/07 13:07:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011/09/28 06:47:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_4_3 [2012/01/24 03:36:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 18:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/23 07:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2011/08/23 07:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/24 03:36:26 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\COFFPLGN_2011_7_4_3
[2011/09/28 06:47:34 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2009/06/25 02:00:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/01/09 18:26:41 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 07:41:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/03 07:41:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/03 07:41:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/10/03 07:41:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/10/03 07:41:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...z=1I7GGLL_en-GB
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Reader Library (Enabled) = C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: 9 Ball Pool = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmncmephfckdpcmohbdpcnkmchejma\1.0_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Monster Dash = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Toss it = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\2.3_0\
CHR - Extension: Google Calendar = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Tennis = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkomjfglgnfeeachhdckcbgjhfiahco\1.9_0\
CHR - Extension: Click&Clean = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.2.0_0\
CHR - Extension: feedly = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\9.0.423_0\
CHR - Extension: Pool Mania = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\icojacdaddlajldkicfacgcjncbkieen\4.3_0\
CHR - Extension: Jigsaw Deluxe = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjknlngmkndgfpjcbglhpmjmopigpif\13.2550.94_0\
CHR - Extension: Lose It! = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn\3.5.0.3_0\
CHR - Extension: StumbleUpon = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\3.12.6.1_0\
CHR - Extension: Little Alchemy = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.11_0\
CHR - Extension: Google Maps = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.3_0\
CHR - Extension: Morpheon Dark = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.6_0\
CHR - Extension: Winter Bow Master = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkneifeimhhieoecnhndngcpcpfdonap\1.3.1_0\
CHR - Extension: WGT Golf Game = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb\32.1.0_0\
CHR - Extension: Crusader Tank = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem\1.2.0_0\
CHR - Extension: Lyrics for Google Chrome\u2122 = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglbipcbkmlknhfhabolnniekmlhfoek\1.6.2_0\
CHR - Extension: Learn Spanish - Qu\u00E9 Onda Spanish = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (TV Center Toolbar) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (TV Center Toolbar) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (TV Center Toolbar) - {A7347E8C-1CA6-469B-951E-4A23C4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SpareMessaging] C:\Program Files\Spare Messaging\MessagingApp.exe ()
O4 - HKLM..\Run: [Turbine Download Manager Tray Icon] "C:\Program Files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe" File not found
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [chromium] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [com.codeode.privacymantra] C:\Program Files\Privacy Mantra 2.05\privacymantra.exe (Codeode)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [FlashGet 3] "C:\Users\Scott\Downloads\FlashGet\FlashGet3.exe" -minimize File not found
O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKCU..\Run: [OncIhcuy] C:\Users\Scott\AppData\Local\ghkvwcli\oncihcuy.exe ()
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SU 3.22; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.miniclip....bow-master/en/" File not found
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oncihcuy.exe ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplu...lug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56641FDF-BE93-4ED7-8F72-9ED1AC7AF288}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0386238-CB09-48BF-BD6B-3BF880BE0B44}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/21 22:09:01 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2010/12/10 20:32:49 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{a8172a85-ca11-11dd-a75d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a8172a85-ca11-11dd-a75d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2011/03/21 22:09:01 | 000,054,544 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/24 04:11:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2012/01/21 11:32:48 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\FixZeroAccess
[2012/01/12 16:37:50 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\NPE
[2012/01/11 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\ghkvwcli
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Yqurg
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Miq
[2009/04/13 08:50:11 | 000,475,201 | ---- | C] (Terraglyph Interactive Studios) -- C:\Program Files\scooby.exe
[2009/04/13 08:50:11 | 000,040,960 | ---- | C] (The Learning Company) -- C:\Program Files\UNINSTAL.EXE
[2009/04/13 08:50:11 | 000,021,504 | ---- | C] (The Learning Company) -- C:\Program Files\TLCRUN.EXE
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/24 04:11:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2012/01/24 04:07:15 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 04:07:15 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 04:00:27 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/24 03:36:08 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/24 03:35:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/24 03:35:51 | 3487,752,192 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/24 03:26:28 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{749CB4D8-C4E8-4045-8BDB-4DBD5E116D3D}.job
[2012/01/23 18:42:33 | 000,000,680 | ---- | M] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2012/01/23 18:40:41 | 000,143,360 | --S- | M] () -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oncihcuy.exe
[2012/01/23 14:44:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/01/23 13:05:31 | 000,055,808 | ---- | M] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/22 10:48:55 | 000,650,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/22 10:48:55 | 000,126,628 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 03:48:00 | 000,000,454 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2012/01/21 19:53:07 | 000,000,943 | ---- | M] () -- C:\Users\Scott\Desktop\CyberlinkPower2Go.lnk
[2012/01/18 10:25:06 | 000,000,671 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\vso_ts_preview.xml
[2012/01/16 15:28:54 | 000,000,935 | ---- | M] () -- C:\Users\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/16 15:28:54 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/14 13:27:08 | 000,002,712 | ---- | M] () -- C:\{AACF6FD1-F8DD-4DCC-9F8F-742CC42A3E44}
[2012/01/14 13:24:51 | 000,003,016 | ---- | M] () -- C:\{BA255BA0-1BF7-46EB-BB0E-9B586177686D}
[2012/01/14 09:42:16 | 371,042,366 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/13 16:02:46 | 000,002,440 | ---- | M] () -- C:\{A951F79E-B2BA-4822-A4AE-92593B558F4A}
[2012/01/09 16:00:39 | 000,223,706 | ---- | M] () -- C:\Users\Scott\Desktop\FOR11HIL.B2384.pdf
[2012/01/06 00:13:01 | 003,942,236 | ---- | M] () -- C:\Users\Scott\Desktop\shred off.mp3
[2012/01/04 20:36:15 | 000,002,800 | ---- | M] () -- C:\{6749DF23-C64B-48DD-BDD9-5D5874BABC16}
[2012/01/04 20:25:17 | 000,002,800 | ---- | M] () -- C:\{BBE22844-2C8A-4E4B-B475-4D3779EB68C3}
[2012/01/03 14:48:22 | 002,012,119 | ---- | M] () -- C:\Users\Scott\Desktop\P1030014.JPG
[2012/01/03 14:45:04 | 002,099,029 | ---- | M] () -- C:\Users\Scott\Desktop\P1030013.JPG
[2012/01/03 12:05:04 | 002,006,152 | ---- | M] () -- C:\Users\Scott\Desktop\P1030003.JPG
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/24 03:36:45 | 000,143,360 | --S- | C] () -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oncihcuy.exe
[2012/01/16 15:28:54 | 000,000,935 | ---- | C] () -- C:\Users\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/16 15:28:54 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/14 13:27:05 | 000,002,712 | ---- | C] () -- C:\{AACF6FD1-F8DD-4DCC-9F8F-742CC42A3E44}
[2012/01/14 13:24:50 | 000,003,016 | ---- | C] () -- C:\{BA255BA0-1BF7-46EB-BB0E-9B586177686D}
[2012/01/13 16:02:44 | 000,002,440 | ---- | C] () -- C:\{A951F79E-B2BA-4822-A4AE-92593B558F4A}
[2012/01/09 16:00:39 | 000,223,706 | ---- | C] () -- C:\Users\Scott\Desktop\FOR11HIL.B2384.pdf
[2012/01/09 15:58:57 | 002,012,119 | ---- | C] () -- C:\Users\Scott\Desktop\P1030014.JPG
[2012/01/09 15:58:56 | 002,099,029 | ---- | C] () -- C:\Users\Scott\Desktop\P1030013.JPG
[2012/01/09 15:58:56 | 002,006,152 | ---- | C] () -- C:\Users\Scott\Desktop\P1030003.JPG
[2012/01/06 00:01:25 | 003,942,236 | ---- | C] () -- C:\Users\Scott\Desktop\shred off.mp3
[2012/01/04 20:36:13 | 000,002,800 | ---- | C] () -- C:\{6749DF23-C64B-48DD-BDD9-5D5874BABC16}
[2012/01/04 20:25:16 | 000,002,800 | ---- | C] () -- C:\{BBE22844-2C8A-4E4B-B475-4D3779EB68C3}
[2011/12/08 00:50:02 | 000,069,632 | ---- | C] () -- C:\Windows\WCUNINST.EXE
[2011/12/08 00:49:29 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2011/10/18 09:58:49 | 000,000,680 | ---- | C] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2010/10/27 22:45:44 | 000,001,940 | ---- | C] () -- C:\Users\Scott\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 18:52:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/28 13:09:33 | 000,001,371 | ---- | C] () -- C:\Windows\lsrslt.ini
[2010/03/08 23:26:45 | 000,009,782 | -HS- | C] () -- C:\Users\Scott\AppData\Local\8Kc67
[2010/03/08 00:18:35 | 000,137,572 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/02/21 17:33:59 | 000,012,756 | -HS- | C] () -- C:\Users\Scott\AppData\Local\e1wnOl
[2010/02/08 17:43:40 | 000,010,798 | -HS- | C] () -- C:\Users\Scott\AppData\Local\1wq31I7
[2010/01/31 11:06:18 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2010/01/26 18:42:20 | 000,000,353 | ---- | C] () -- C:\Windows\GearBox.ini
[2010/01/16 19:49:12 | 000,000,305 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2010/01/16 19:48:34 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009/09/24 02:16:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 02:16:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/24 02:15:04 | 000,067,072 | ---- | C] () -- C:\Windows\System32\drivers\cdrom.sys
[2009/09/15 21:08:25 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2009/09/14 22:57:18 | 000,000,910 | ---- | C] () -- C:\Windows\APDFPRP.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/02 15:06:49 | 000,000,671 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\vso_ts_preview.xml
[2009/04/14 16:07:42 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2009/04/14 14:41:36 | 000,008,767 | ---- | C] () -- C:\Program Files\ZOE.sav
[2009/04/13 08:51:54 | 000,008,664 | ---- | C] () -- C:\Program Files\LAURA.sav
[2009/04/13 08:50:13 | 000,000,201 | ---- | C] () -- C:\Program Files\UNINSTAL.INF
[2009/04/13 08:50:12 | 000,286,208 | ---- | C] () -- C:\Program Files\binkw32.dll
[2009/04/13 08:50:11 | 000,028,788 | ---- | C] () -- C:\Program Files\object.ini
[2009/04/13 08:50:11 | 000,004,365 | ---- | C] () -- C:\Program Files\Uninst.isu
[2009/04/13 08:50:11 | 000,000,214 | ---- | C] () -- C:\Program Files\TLCRUN.INI
[2009/04/13 08:49:43 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/03/14 08:54:16 | 000,000,487 | ---- | C] () -- C:\Windows\ka.ini
[2009/02/26 18:47:56 | 000,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/02/23 17:30:18 | 000,000,093 | ---- | C] () -- C:\Users\Scott\AppData\Local\fusioncache.dat
[2009/02/22 17:57:52 | 004,421,889 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/02/18 13:57:22 | 000,557,451 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/02/16 17:19:42 | 000,790,190 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/02/16 16:32:20 | 000,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/02/16 16:30:30 | 000,903,703 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/02/16 16:23:50 | 000,145,081 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/02/16 14:49:30 | 000,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/02/14 15:15:42 | 000,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/02/09 22:28:18 | 000,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/02/09 20:19:18 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/02/09 20:19:12 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/02/09 20:18:52 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/02/09 20:18:32 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/02/09 20:18:24 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/02/09 20:18:20 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/02/09 19:56:22 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/10 22:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/10 22:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/10 22:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/10 22:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/10 22:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2009/01/10 22:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/10 22:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/10 22:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2009/01/10 22:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/10 22:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/10 22:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/10 22:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2009/01/10 22:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/10 22:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/12/28 15:51:00 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/12/15 01:50:56 | 000,055,808 | ---- | C] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/14 21:57:48 | 000,000,108 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2008/12/14 19:27:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/14 19:25:01 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/12/14 19:25:01 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/12/03 22:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/07/09 08:05:24 | 000,020,480 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2008/06/17 11:30:48 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007/10/13 09:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,320,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,650,118 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,126,628 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\System32\asutl8.dll

========== LOP Check ==========

[2011/01/03 20:57:30 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Amazon
[2009/08/22 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Anvil Studio
[2012/01/21 03:22:09 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Audacity
[2011/08/10 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Babylon
[2010/01/16 19:48:35 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\BITS
[2009/09/15 22:01:42 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Blitware
[2011/08/10 23:39:29 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Cakewalk
[2009/02/24 04:10:07 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Dealio
[2010/06/09 17:00:33 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Doctor Who
[2012/01/24 03:37:43 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Dropbox
[2010/06/09 11:11:52 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\EB28242F25275404D3ECDC0945A7A925
[2012/01/21 11:32:48 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FixZeroAccess
[2010/01/16 19:48:15 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FlashGet
[2010/01/16 19:48:12 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FlashGetBHO
[2010/04/16 21:16:39 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FMZilla
[2011/09/26 12:18:01 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\GetRightToGo
[2011/12/08 22:04:06 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Line 6
[2012/01/09 21:03:08 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Miq
[2009/09/01 18:32:43 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Music Recognition
[2009/07/26 12:44:54 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\NCH Swift Sound
[2010/12/24 19:36:23 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Newnovelist 2
[2011/09/22 12:16:12 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Opera
[2010/04/20 14:26:35 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Orbit
[2010/01/26 22:17:28 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\PACE Anti-Piracy
[2009/10/01 23:39:40 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Participatory Culture Foundation
[2009/10/01 23:45:54 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\PCF-VLC
[2010/02/13 21:35:06 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\REAPER
[2011/01/07 18:55:12 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Rovio
[2009/06/07 03:15:38 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Search Settings
[2009/09/12 17:12:05 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Song Surgeon
[2009/09/15 22:22:20 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Steinberg
[2011/08/01 19:17:35 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\SynthFont
[2009/02/19 15:36:24 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Template
[2011/01/14 09:11:16 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Tific
[2010/06/15 03:15:20 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Turbine
[2010/02/09 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Uniblue
[2012/01/23 03:02:02 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\uTorrent
[2012/01/18 10:25:07 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Vso
[2012/01/09 23:20:10 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Yqurg
[2012/01/22 03:48:00 | 000,000,454 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2012/01/24 03:34:10 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/24 03:26:28 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{749CB4D8-C4E8-4045-8BDB-4DBD5E116D3D}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Scott\Desktop\ForgetYou_190511.MPG:TOC.WMV

< End of report >

Edited by Stumped2012, 23 January 2012 - 10:36 PM.

#2
RKinner

Posted 23 January 2012 - 11:37 PM

Malware Expert

Expert
24,625 posts

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Ron

#3
Stumped2012

Posted 23 January 2012 - 11:45 PM

New Member

Topic Starter
Member
6 posts

Hi Ron

I appreciate your help here.

Unfortunately I'm going to need to do this a bit later on.

I'll post my logs later today.

Thanks again.

#4
Stumped2012

Posted 24 January 2012 - 07:00 AM

New Member

Topic Starter
Member
6 posts

I'm now in a position to start trying to fix the problem I have.

The only problem is that I'm being blocked from going to the first 3 links that you've posted.

I get redirected to a very false looking microsoft page, with a message saying the site could not be found.

I'm going to try and look at it on a laptop and possibly download combofix to a USB stick so I can transfer it to my infected PC.

#5
Stumped2012

Posted 24 January 2012 - 07:28 AM

New Member

Topic Starter
Member
6 posts

Still trying to get ComboFix onto my infected PC - with no luck.

I got a copy of combofix from my laptop and put it into my infected PC.

I disabled Norton and it still identified combofix as a Trojan and promptly deleted it.

I then ran a quickscan of Norton to see exactly what had happened.

The result came back that the following problem was found:

trojan.Zeroaccess!kmem

I'm unable to deal with that. The Norton recommendation (go to Norton website) results in me being redirected to the same phony MS site.......

Any advice would be helpful.

In the meantime I'll continue to try and get combofix onto my infected PC.

P.S.

I'm effectively blocked from all bleepingcomputers URL's right now.

Edited by Stumped2012, 24 January 2012 - 07:31 AM.

#6
Stumped2012

Posted 24 January 2012 - 08:56 AM

New Member

Topic Starter
Member
6 posts

Ok ... I think I've managed to run all the fixes.

Logs are as follows:

ComboFix;

ComboFix 12-01-23.02 - Scott 24/01/2012 13:50:08.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3325.2551 [GMT 0:00]
Running from: c:\users\Scott\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Search Settings
c:\program files\Search Settings\kb128\SearchSettings.dll
c:\program files\Search Settings\kb128\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\Scott\353551_intl_i386_zip.exe
c:\users\Scott\362706_intl_i386_zip.exe
c:\users\Scott\AppData\Local\assembly\tmp
c:\users\Scott\AppData\Local\chdectll.log
c:\users\Scott\AppData\Local\eatxospo.log
c:\users\Scott\AppData\Local\ghkvwcli\oncihcuy.exe
c:\users\Scott\AppData\Local\iomntcmm.log
c:\users\Scott\AppData\Local\pofaieax.log
c:\users\Scott\AppData\Local\qfjnebhu.log
c:\users\Scott\AppData\Local\rfydcikl.log
c:\users\Scott\AppData\Local\uxaukwtp.log
c:\users\Scott\AppData\Roaming\Dealio
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\alerts.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\alerts_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\alerts_rec.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\alerts_rec_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\chevron-small.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\deal_report.jpg
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\DealioSearch.html
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\deals-leftcap.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\ebay_login.jpg
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\err_mainwindow.html
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\err_toolbar.html
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\global_scripts.js
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\headerbgthin.jpg
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\highlight-bg.png
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\logo.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\logo_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\man_toolbar.css
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\man_toolbar.html
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\man_toolbar.js
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\man_toolbarl.js
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\post-this-deal.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\post-this-deal_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\scripts.js
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\scroller.js
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\search-chevron.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\search-chevron_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\search_bg_blink.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\separator.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\settings.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\settings_over.gif
c:\users\Scott\AppData\Roaming\Dealio\kb127\res\yahoo-search.png
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\index.76.35
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.10.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.109.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.110.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.12.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.13.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.130.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.135.50
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.153.44
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.155.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.156.49
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.16.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.161.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.178.66
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.184.55
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.188.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.189.45
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.196.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.198.56
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.199.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.200.53
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.201.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.202.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.203.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.205.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.213.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.214.49
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.215.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.216.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.217.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.218.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.219.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.220.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.221.57
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.222.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.223.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.226.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.227.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.228.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.229.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.23.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.239.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.24.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.240.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.241.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.242.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.243.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.244.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.245.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.247.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.248.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.249.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.250.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.251.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.252.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.253.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.254.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.255.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.256.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.257.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.279.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.28.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.282.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.283.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.284.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.289.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.290.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.291.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.296.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.297.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.304.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.307.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.308.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.31.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.310.46
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.311.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.315.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.316.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.317.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.318.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.319.49
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.32.48
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.334.44
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.335.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.336.44
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.337.44
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.338.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.339.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.34.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.340.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.341.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.349.50
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.35.48
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.350.50
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.351.51
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.352.54
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.353.51
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.354.51
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.357.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.358.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.359.52
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.360.53
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.361.54
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.362.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.363.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.364.54
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.365.53
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.367.56
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.368.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.369.55
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.370.56
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.371.56
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.372.57
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.373.55
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.375.56
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.376.57
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.377.55
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.378.65
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.384.58
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.386.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.387.59
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.388.59
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.389.59
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.390.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.391.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.392.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.393.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.394.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.396.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.397.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.398.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.399.60
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.403.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.404.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.405.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.406.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.407.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.408.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.409.61
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.412.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.413.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.414.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.415.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.416.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.417.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.418.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.419.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.420.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.421.62
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.423.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.424.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.425.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.426.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.427.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.428.65
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.429.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.430.63
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.432.65
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.433.64
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.434.65
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.435.64
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.436.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.437.64
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.438.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.439.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.440.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.442.73
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.443.73
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.444.73
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.445.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.446.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.450.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.451.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.452.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.453.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.454.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.456.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.457.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.458.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.459.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.460.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.462.74
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.463.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.464.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.465.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.468.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.469.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.470.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.471.73
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.472.70
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.478.74
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.479.73
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.480.68
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.481.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.482.74
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.49.67
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.50.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.500.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.501.74
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.502.71
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.51.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.52.72
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.520.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.521.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.522.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.53.51
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.531.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.532.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.534.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.54.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.55.45
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.56.69
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.57.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.58.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.593.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.595.76
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.63.57
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.66.47
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.70.75
c:\users\Scott\AppData\Roaming\Dealio\kb127\rules\rules.1.71.43
c:\users\Scott\AppData\Roaming\Dealio\kb127\temp\dod_cache.xml
c:\users\Scott\POD Farm v1.12 Installer.exe
c:\users\Scott\POD Farm v2.02 Installer.exe
c:\windows\$NtUninstallKB29503$
c:\windows\$NtUninstallKB29503$\4179591775
c:\windows\$NtUninstallKB29503$\752050156\@
c:\windows\$NtUninstallKB29503$\752050156\bckfg.tmp
c:\windows\$NtUninstallKB29503$\752050156\cfg.ini
c:\windows\$NtUninstallKB29503$\752050156\Desktop.ini
c:\windows\$NtUninstallKB29503$\752050156\keywords
c:\windows\$NtUninstallKB29503$\752050156\kwrd.dll
c:\windows\$NtUninstallKB29503$\752050156\L\qnbwvoto
c:\windows\$NtUninstallKB29503$\752050156\U\00000001.@
c:\windows\$NtUninstallKB29503$\752050156\U\00000002.@
c:\windows\$NtUninstallKB29503$\752050156\U\00000004.@
c:\windows\$NtUninstallKB29503$\752050156\U\80000000.@
c:\windows\$NtUninstallKB29503$\752050156\U\80000004.@
c:\windows\$NtUninstallKB29503$\752050156\U\80000032.@
c:\windows\system32\CohUpdater.EU.tmp
c:\windows\system32\cohupdater.tmp
.
Infected copy of c:\windows\system32\drivers\cdrom.sys was found and disinfected
Restored copy from - c:\windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
.
.
((((((((((((((((((((((((( Files Created from 2011-12-24 to 2012-01-24 )))))))))))))))))))))))))))))))
.
.
2012-01-21 11:32 . 2012-01-21 11:32 -------- d-----w- c:\users\Scott\AppData\Roaming\FixZeroAccess
2012-01-12 16:37 . 2012-01-12 16:51 -------- d-----w- c:\users\Scott\AppData\Local\NPE
2012-01-11 14:57 . 2012-01-24 14:04 -------- d-----w- c:\users\Scott\AppData\Local\ghkvwcli
2012-01-09 18:30 . 2012-01-09 23:20 -------- d-----w- c:\users\Scott\AppData\Roaming\Yqurg
2012-01-09 18:30 . 2012-01-09 21:03 -------- d-----w- c:\users\Scott\AppData\Roaming\Miq
2012-01-09 18:26 . 2012-01-09 18:26 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-09 18:26 . 2012-01-09 18:26 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-09 18:26 . 2012-01-09 18:26 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-09 18:26 . 2012-01-09 18:26 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-23 18:40 . 2012-01-23 18:40 130560 ----a-w- c:\programdata\Microsoft\Windows\DRM\4235.tmp
2011-12-10 15:24 . 2010-02-21 19:32 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-29 14:18 . 2011-06-03 13:12 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2000-10-05 15:07 . 2009-04-13 08:50 475201 ----a-w- c:\program files\scooby.exe
2000-10-04 17:37 . 2009-04-13 08:50 40960 ----a-w- c:\program files\UNINSTAL.EXE
2000-10-04 17:37 . 2009-04-13 08:50 21504 ----a-w- c:\program files\TLCRUN.EXE
2000-07-11 14:14 . 2009-04-13 08:50 286208 ----a-w- c:\program files\binkw32.dll
2012-01-09 18:26 . 2011-08-23 07:31 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[7] 2008-01-21 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[7] 2008-01-21 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[7] 2006-11-02 . 4F4FCB8B6EA06784FB6D475B7EC7300F . 19048 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
.
[7] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[7] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
.
[7] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[7] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
.
[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\drivers\kbdclass.sys
[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[7] 2008-01-21 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[7] 2008-01-21 . C9B0CF786D5F151A43C7BE8E243F2819 . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
[7] 2006-11-02 . 1A48765F92BA1A88445FC25C9C9D94FC . 32872 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
.
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[7] 2008-01-21 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
.
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[7] 2008-03-13 . 37430AA7A66D7A63407ADC2C0D05E9F6 . 1060920 . . [6.0.6000.16615] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
[7] 2008-03-13 . F08824715CA6076F5E73E005AB83B9C8 . 1061944 . . [6.0.6000.20740] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys
[7] 2008-01-21 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
.
[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
.
[7] 2011-09-20 . 814A1C66FBD4E1B310A517221F1456BF . 905088 . . [6.0.6002.18519] . . c:\windows\SoftwareDistribution\Download\5ccd80bc8df1fe46a8ecba39b10b1135\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[7] 2011-09-20 . 16731B631F28F63CD9F4CB60940E7DDD . 913280 . . [6.0.6002.22719] . . c:\windows\SoftwareDistribution\Download\5ccd80bc8df1fe46a8ecba39b10b1135\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[7] 2011-06-17 . 6647FCE6FC4970DAAFE5C64C794513D3 . 913296 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\System32\drivers\tcpip.sys
[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[7] 2009-12-08 . 1ACBB7A47E78F4CC82D2EFFB72901528 . 897624 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[7] 2009-12-08 . 5653230D480A9C54D169E1B080B72CF5 . 900696 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[7] 2009-12-08 . 46E6685F3E92AEC743773ADD4CD54F57 . 907832 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[7] 2009-12-08 . DA467E7619AE5F4588E6262C13C8940A . 904776 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[7] 2009-12-08 . 8734BD051FFDCBF8425CF222141C3741 . 813568 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[7] 2009-12-08 . CA3A5756672013A66BB9D547A5A62DCA . 816640 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[7] 2009-08-15 . 2512B4D1353370D6688B1AF1F5AFA1CF . 816640 . . [6.0.6000.21108] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[7] 2009-08-14 . 8A7AD2A214233F684242F289ED83EBC3 . 897608 . . [6.0.6001.18311] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[7] 2009-08-14 . 2608E71AAD54564647D4BB984E1925AA . 900168 . . [6.0.6001.22497] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[7] 2009-08-14 . FF71856BD4CD6D4367F9FD84BE79A874 . 905784 . . [6.0.6002.22200] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
[7] 2009-08-14 . 65877AA1B6A7CB797488E831698973E9 . 904776 . . [6.0.6002.18091] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[7] 2009-08-14 . 300208927321066EA53761FDC98747C6 . 813568 . . [6.0.6000.16908] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[7] 2009-04-11 . 0E6B0885C3D5E4643ED2D043DE3433D8 . 897000 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[7] 2008-04-26 . 82E266BEE5F0167E41C6ECFDD2A79C02 . 891448 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[7] 2008-04-26 . 01EC1E92595F839BEE70D439C46796E3 . 891448 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[7] 2008-01-21 . FC6E2835D667774D409C7C7021EAF9C4 . 891448 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
.
[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
.
[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
.
[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
.
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
.
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-21 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
.
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
.
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\System32\wuauclt.exe
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
.
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[7] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
.
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
.
[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
[7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
[7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
[7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
[7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
[7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll
[7] 2009-10-21 . 159239C8EF4D26392F9C160369348C61 . 5943296 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll
[7] 2009-10-21 . 9BFB2F7C3A2F626040C4EB8CE5C6ED2A . 5939712 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll
[7] 2009-08-27 . E9C51FD04019DC14CAE9CEDE3C7B08E3 . 5942272 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll
[7] 2009-08-27 . 7172C1681283EC40A8DA9ED4180FF390 . 5940224 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll
[7] 2009-07-22 . 8FD67A68AF3E2013DC668D3DD1519BB7 . 5938176 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll
[7] 2009-07-21 . 2620C82EEEBED884FAA1E00C4671E83A . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll
[7] 2009-05-12 . 5F3B323A3758C9B156B199F54A888882 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22874_none_f66e22e151498188\mshtml.dll
[7] 2009-05-09 . 89CCF8069B59780BDEF45E345E671347 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18783_none_f5d8b5e03834e458\mshtml.dll
[7] 2009-04-24 . C1BF8C6F8D5E0435D1ABBB94DAC8EAFD . 3596288 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll
[7] 2009-04-24 . 1638C2FA1CC381CE39504B39F7D87F35 . 3581952 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll
[7] 2009-04-24 . D12ADCB4045EF392A62990C06694EB78 . 3582976 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll
[7] 2009-04-24 . A0DB69A75113B6A396E271744489824F . 3598336 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll
[7] 2009-04-24 . 8BC33ADC526B3E7EE6E6AA013154DF69 . 3598336 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll
[7] 2009-04-23 . DBACE2C96ED63E60CD5D89D8DE00D148 . 3597824 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll
[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
[7] 2009-03-03 . 0DCC9623D9A3E77212177F59738BE29A . 3580928 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll
[7] 2009-03-03 . A77A82830D2BBB001A53A5368934F7EB . 3581440 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll
[7] 2009-03-03 . 94ED56734E8AB74357F8EA2C5C174EA9 . 3595264 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll
[7] 2009-03-03 . 67FFB5ED7723D03B50734614D31B57A5 . 3596800 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll
[7] 2009-01-16 . 8FA6CFFC665D1D9D99126CFA8D8DEAB7 . 3580928 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll
[7] 2009-01-15 . E161281A8E8937ED94299A6B465D7BCE . 3580416 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll
[7] 2009-01-15 . AD9E78847641E519FE50A9C27E49AD27 . 3596288 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll
[7] 2009-01-15 . 676692EDC2E1DBD89EFCB617A1E75F7D . 3594752 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll
[7] 2008-12-12 . 8ECFDD5549AD28191D8594C80D4001E8 . 3578880 . . [7.00.6001.18183] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18183_none_12ef96002267a3d0\mshtml.dll
[7] 2008-12-12 . 20348C5C94D7D4A0D9AA12FBAA698514 . 3579392 . . [7.00.6001.22328] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22328_none_13bf15ab3b5017ce\mshtml.dll
[7] 2008-12-12 . 863FBEECA377800B2AFA4F8E972BEBC0 . 3593216 . . [7.00.6000.16788] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16788_none_110e58cc253c9192\mshtml.dll
[7] 2008-12-12 . 616EA8D014AF07FB1DC97B7432794AA6 . 3594752 . . [7.00.6000.20973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20973_none_119dc5f73e5693df\mshtml.dll
[7] 2008-10-16 . B1AE727959358E4FE72D7FE6DC6736E8 . 3578880 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none_131406ec224bb559\mshtml.dll
[7] 2008-10-16 . 8B03B6121C4A55BF48B56BFAF962F879 . 3593216 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none_111ff77c252ff454\mshtml.dll
[7] 2008-10-16 . 6D4AAAAAEB494F78610AE792EC6B3E77 . 3579392 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none_137e343d3b80c24d\mshtml.dll
[7] 2008-10-16 . CF807C36C2E1984104D173B9DE1BCBCD . 3595264 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none_11cd06cf3e328977\mshtml.dll
[7] 2008-04-21 . 3AE6072A86AD8049DD133DB40F73F0C8 . 3591680 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll
[7] 2008-04-21 . ED2588D1864319C54E79443130A8004B . 3593728 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll
[7] 2008-04-21 . 9C4091CD321D6D8BCF9842F109EE574B . 3578368 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll
[7] 2008-04-21 . 977C356E655F357665310C0C95D0DBD4 . 3578368 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll
[7] 2008-01-21 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
.
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\System32\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
.
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
[7] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll
[7] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll
[7] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll
[7] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll
[7] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll
[7] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[7] 2008-04-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-04-21 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-04-21 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-04-21 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[7] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
.
[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[7] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
.
[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[7] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[7] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[7] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[7] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
.
[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
.
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
.
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2011-06-20 . A94B3B8B4B35ACA0290A2A8CC2977094 . 3603856 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntkrnlpa.exe
[7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\System32\ntkrnlpa.exe
[7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntkrnlpa.exe
[7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe
[7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe
[7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe
[7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe
[7] 2010-06-08 . 3FAFA4C0567D205F56C15D8B9D469F9D . 3601792 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntkrnlpa.exe
[7] 2010-06-08 . E3A2697835A14C75B233606357AB46DD . 3600768 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntkrnlpa.exe
[7] 2010-06-08 . 4F332C0A64F4209EB322DB35310BA879 . 3598216 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntkrnlpa.exe
[7] 2010-06-08 . 560C7E5036D6D0F9CC4AED5DE885DB8A . 3600784 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntkrnlpa.exe
[7] 2010-02-18 . AF2FC3FE3AD6860A808B237171BA6EED . 3600776 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe
[7] 2010-02-18 . D8077969EE22B889B793D076FDCA7066 . 3502480 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe
[7] 2010-02-18 . C2334AE54E10BCA2631660F649010B03 . 3598216 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe
[7] 2010-02-18 . 642161C66547496ACCD2794AB6B4284F . 3504008 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe
[7] 2010-02-18 . 1FED62B16D372E169CF355B2F3210A65 . 3601800 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe
[7] 2010-02-18 . 8BBC454D2F91D92E3E73DB5B5A0D8D8E . 3600776 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe
[7] 2009-12-08 . D2859DAE5F6730DF5BF1C25CFC376797 . 3503704 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntkrnlpa.exe
[7] 2009-12-08 . 84D47D16C6E7FB61D3A2F7738838A57B . 3502168 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntkrnlpa.exe
[7] 2009-12-08 . C89111B0489D5CF7B14CBDB5D225A88F . 3597912 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntkrnlpa.exe
[7] 2009-12-08 . 4A65C0C8743AD660A9DE8C2B68218FC7 . 3600472 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntkrnlpa.exe
[7] 2009-12-08 . C481B4F271D3D234B93E19F5531D1D55 . 3601464 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntkrnlpa.exe
[7] 2009-12-08 . 735CDD610B7A0E7B5C6A153DD45ECE32 . 3600456 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntkrnlpa.exe
[7] 2009-08-05 . 2E6E7BA5C8764F80ADA7D4C98E8B5D4A . 3599960 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntkrnlpa.exe
[7] 2009-08-05 . FF493ACD34EE896B8D114918439FAF10 . 3502152 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntkrnlpa.exe
[7] 2009-08-05 . FBA1B3594C1F691F1FA917ADE45D1DB5 . 3597896 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntkrnlpa.exe
[7] 2009-08-05 . 5FBCBEBDC19FB9A3F9C102D30FCD1E9E . 3599928 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntkrnlpa.exe
[7] 2009-08-05 . 6AD406205B25DC4EFBBCB044744248AD . 3503688 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntkrnlpa.exe
[7] 2009-08-04 . 0517782FC7FEDBEBFAD15566E75B732F . 3600456 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntkrnlpa.exe
[7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
[7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe
[7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe
[7] 2009-03-03 . 06BCF21AAA1890328D1F58F0ACBE668D . 3503584 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe
[7] 2009-03-03 . 191C702B48681FB2BA5A96F416207ACF . 3505120 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe
[7] 2008-10-21 . 20233E2CA894EC3C9C0D695409352478 . 3600136 . . [6.0.6001.22291] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22291_none_6c59b14fcd88c429\ntkrnlpa.exe
[7] 2008-10-21 . 11FD4442D45AD92C9F7C00C27E75A5B1 . 3504904 . . [6.0.6000.20940] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20940_none_6aa883e1d03a8b53\ntkrnlpa.exe
[7] 2008-09-18 . 3EB08788832D9048C617559CEFD208CF . 3601464 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe
[7] 2008-09-18 . DC870DCAA25E5CC1C8A50FAC19CCED45 . 3601976 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe
[7] 2008-09-18 . E67F6247029F6311E643532D2CFFE667 . 3505208 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe
[7] 2008-09-18 . 084A3A26A3D1A75D0705D963C0289DD5 . 3506744 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe
[7] 2008-04-26 . 6BB1994F5B62FEF6268F1EBB4014E293 . 3600952 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe
[7] 2008-04-26 . 68EEF02A8846442FE98AD0E0517EE6BC . 3601464 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe
[7] 2008-01-21 . FE51E8DBBEF2D01EF886499FECBF2D78 . 3600440 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntkrnlpa.exe
.
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-21 02:23 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
.
[7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_129e8cd2491214ae\iexplore.exe
[7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_1218f12f2ff0da40\iexplore.exe
[7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_12cfce3e48ec3cf4\iexplore.exe
[7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_12355fcb2fdc2111\iexplore.exe
[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_127f1b72492984b1\iexplore.exe
[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_11fc80ad30059648\iexplore.exe
[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_12ac5bb64907479b\iexplore.exe
[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_1227c05d2fe52684\iexplore.exe
[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe
[7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_1249306b2fcbec08\iexplore.exe
[7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\iexplore.exe
[7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\iexplore.exe
[7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_129abb204913e7b2\iexplore.exe
[7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\iexplore.exe
[7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe
[7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_1222e6c92fe9748f\iexplore.exe
[7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe
[7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe
[7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
[7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
[7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe
[7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe
[7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe
[7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe
[7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe
[7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe
[7] 2009-07-22 . 4B5AEA50CE77FBA4C2D169622DC9B489 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe
[7] 2009-07-21 . C33BD196A0301F9B23D9A003D30ED8B0 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe
[7] 2009-04-24 . 1F44940EF1D07D0BDAF80E55853DFBD0 . 634648 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe
[7] 2009-04-24 . F294D8EEB05C835EC44A12CE0A1DFE7A . 634632 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe
[7] 2009-04-24 . D5271AC4A06AD9D1E2EA0151B79B2657 . 634648 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe
[7] 2009-04-24 . D6157423C117F24D24695866A1D0A93F . 634648 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
[7] 2009-03-03 . 9E6C1527D9A2C64BFD780AA23075380F . 636072 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_2f5265b91a094b03\iexplore.exe
[7] 2009-03-03 . 8BA2B7A05F88BE0D45237A0994AD8366 . 636072 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_2f9e23da3354de78\iexplore.exe
[7] 2009-03-03 . EA4BE33726155F89D89A3FE7142878E0 . 636072 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\iexplore.exe
[7] 2009-03-03 . 1DD66A2851DACDEC32EAE8F9A8865ABD . 636072 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\iexplore.exe
[7] 2009-01-15 . F0B1CA517977BA2FF6DA33F1B966C488 . 634024 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
[7] 2009-01-15 . 0844F5B9CB3BB85A917D347EF1565B6C . 634024 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
[7] 2008-10-16 . D762642A109433EEDCD332B0A9511137 . 634024 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe
[7] 2008-10-16 . 4CBA2F58668F2D5F3259CBE73E227F25 . 634024 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe
[7] 2008-04-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
[7] 2008-04-21 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
[7] 2008-01-21 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
.
.
.
[7] 2011-06-20 . BF4B9F40116DF26B2FC7C20CB69B9D9A . 3552144 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntoskrnl.exe
[7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\System32\ntoskrnl.exe
[7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntoskrnl.exe
[7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[7] 2010-06-08 . C5AB434D0C8FA38EAD136FB29E2504B7 . 3550600 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
[7] 2010-06-08 . F2BEE482023F146CF85EBB15B9E1CD35 . 3548040 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
[7] 2010-06-08 . D5FA5D17F03E6D39E1A12431DD6F2A39 . 3545992 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
[7] 2010-06-08 . 47DB9968B8CF2031C46007F42CCE2437 . 3548552 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
[7] 2010-02-18 . C5759C9345A06EE52C7F5ECCF685CA6D . 3548560 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe
[7] 2010-02-18 . DC44BF78DEB87B7737D0D29B5B8EDAE3 . 3468168 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe
[7] 2010-02-18 . 6025E5530E2C43E1983CC8B840DF2108 . 3545992 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe
[7] 2010-02-18 . F8BEC470EAA8621751F739585C5871CD . 3470216 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe
[7] 2010-02-18 . 31289DD6914686D088582EED4B43F826 . 3550088 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe
[7] 2010-02-18 . A5D0B405442724448D23D61821BEA92A . 3548040 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe
[7] 2009-12-08 . 2972EEF8E834883EEC7C1995639341EF . 3469912 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntoskrnl.exe
[7] 2009-12-08 . CD2EEBFA39E742C8C066CCE09382A19B . 3467848 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntoskrnl.exe
[7] 2009-12-08 . 20D040ECE9A8F578D1D938256F34B663 . 3546200 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntoskrnl.exe
[7] 2009-12-08 . D32E95B17477E183F6019A99BE799BA9 . 3548760 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntoskrnl.exe
[7] 2009-12-08 . FB82B0147B7D93379B68F8A6A5828C70 . 3550264 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntoskrnl.exe
[7] 2009-12-08 . 664CA09C523FAB9D01BE6C4028C1B58B . 3548216 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntoskrnl.exe
[7] 2009-08-05 . 3EEEDCCFB587BCB0E2DE075332498C11 . 3547736 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
[7] 2009-08-05 . 4765C66A89E7151626FF3545B01D2601 . 3467864 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
[7] 2009-08-05 . 5302026B0FADB0819009798D3F6BCD77 . 3546184 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
[7] 2009-08-05 . 09C5FB44F152EFF551A112C931DDE640 . 3548216 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
[7] 2009-08-05 . D8DCA438CE571DB20BD8C4915CAC0760 . 3469896 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
[7] 2009-08-04 . 575DD16BF4C21C2F7E2BBE203AC1E957 . 3548216 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
[7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[7] 2009-03-03 . 808C86316AED98716C5F305A6265F393 . 3471328 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[7] 2008-10-21 . 1B0A61525475D7A804F7A54F528B71B2 . 3547912 . . [6.0.6001.22291] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22291_none_6c59b14fcd88c429\ntoskrnl.exe
[7] 2008-10-21 . 097408D009BE543CFBF6F1703F73324B . 3471112 . . [6.0.6000.20940] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20940_none_6aa883e1d03a8b53\ntoskrnl.exe
[7] 2008-09-18 . 1FD3E8BFFD38F9B145E4B2B238B692F7 . 3549240 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[7] 2008-09-18 . DEA801F2D9FD1DB35ED6B9BC4A6657F1 . 3549752 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[7] 2008-09-18 . 03279407E78F76BA1131DAB35A5E55C0 . 3470904 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[7] 2008-09-18 . 1E09CE4D9BB7B6521FB023CAE2E55F63 . 3472952 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[7] 2008-04-26 . C9CD31B3CBA8134F2B47FB5E78376ACC . 3549240 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[7] 2008-04-26 . 22D444D3D88A4C299894B3638A114BF7 . 3549240 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[7] 2008-01-21 . 6700F35EBA206E5C89AC27C9A124DC01 . 3548728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
.
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[7] 2008-01-21 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
.
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[7] 2008-01-21 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a7347e8c-1ca6-469b-951e-4a23c4437935}"= "c:\program files\TV_Center\tbTV_C.dll" [2009-07-15 2224152]
.
[HKEY_CLASSES_ROOT\clsid\{a7347e8c-1ca6-469b-951e-4a23c4437935}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a7347e8c-1ca6-469b-951e-4a23c4437935}]
2009-07-15 09:09 2224152 ----a-w- c:\program files\TV_Center\tbTV_C.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C3947F4E-8894-4C04-98E0-DF182C706DDF}]
2010-12-09 16:02 86696 ----a-w- c:\program files\wbtooltb\wbtoolDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-07-15 04:46 195360 ----a-w- c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a7347e8c-1ca6-469b-951e-4a23c4437935}"= "c:\program files\TV_Center\tbTV_C.dll" [2009-07-15 2224152]
"{C3947F4E-8894-4C04-98E0-DF182C706DDF}"= "c:\program files\wbtooltb\wbtoolDx.dll" [2010-12-09 86696]
.
[HKEY_CLASSES_ROOT\clsid\{a7347e8c-1ca6-469b-951e-4a23c4437935}]
.
[HKEY_CLASSES_ROOT\clsid\{c3947f4e-8894-4c04-98e0-df182c706ddf}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A7347E8C-1CA6-469B-951E-4A23C4437935}"= "c:\program files\TV_Center\tbTV_C.dll" [2009-07-15 2224152]
.
[HKEY_CLASSES_ROOT\clsid\{a7347e8c-1ca6-469b-951e-4a23c4437935}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"com.codeode.privacymantra"="c:\program files\Privacy Mantra 2.05\privacymantra.exe" [2008-07-10 974848]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-16 39408]
"NCsoft Launcher"="c:\program files\NCSoft\Launcher\NCLauncher.exe" [2012-01-17 38704]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"chromium"="c:\program files\Google\Chrome\Application\chrome.exe" [2012-01-05 1047024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpareMessaging"="c:\program files\Spare Messaging\MessagingApp.exe" [2007-11-28 42824]
"UpdateP2GShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-13 6139904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Reader Library Launcher"="c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-07-13 906648]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-06-21 1984832]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2010-12-13 223400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
.
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-12-5 24242056]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Philips SA19xx Device Manager.lnk - c:\program files\Philips\GoGear SA19xx Device Manager\main.exe [2010-11-11 124760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-14 20:27]
.
2012-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:34]
.
2012-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:34]
.
2012-01-24 c:\windows\Tasks\User_Feed_Synchronization-{749CB4D8-C4E8-4045-8BDB-4DBD5E116D3D}.job
- c:\windows\system32\msfeedssync.exe [2011-10-12 21:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://news.sky.com/home/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
Trusted Zone: kuaiche.com\software
Trusted Zone: line6.net
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\bl65kaeq.default\
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)
HKCU-Run-FlashGet 3 - c:\users\Scott\Downloads\FlashGet\FlashGet3.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-PlayNC Launcher - (no file)
HKCU-Run-OncIhcuy - c:\users\Scott\AppData\Local\ghkvwcli\oncihcuy.exe
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
HKLM-Run-Turbine Download Manager Tray Icon - c:\program files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe
AddRemove-Audacity_is1 - c:\program files\Audacity\unins000.exe
AddRemove-Cakewalk VST Adapter 4.4.4.0 - c:\progra~1\Cakewalk\CAKEWA~1\UNWISE.EXE
AddRemove-Champions Online - d:\program files\Cryptic Studios\Uninstall Champions Online.exe
AddRemove-Sonar Producer Edition v4.0.2 - c:\progra~1\Cakewalk\SONAR4~1\UNWISE.EXE
AddRemove-SONAR8Producer_is1 - d:\program files\Cakewalk\SONAR 8 Producer Edition\unins000.exe
AddRemove-Steinberg Cubase SX v3.1.1.944 - c:\progra~1\STEINB~1\CUBASE~1\UNWISE.EXE
AddRemove-VST Bridge_is1 - c:\program files\Audacity\Plug-ins\VST Bridge\unins000.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-24 14:09
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*A*R*R*O*W*-*M*F*D*s*s*"!\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}*]
"oaaihmpfninanalhbhjphojdjniklb"=hex:64,61,64,6b,69,6b,63,68,00,49
"oaebhaabonmbkjodfgjcinmppbojcg"=hex:6a,61,64,6b,65,6a,62,64,65,6d,64,6c,67,65,
66,6e,67,63,6c,6f,00,00
"nakabjafnlgdeepfflengiicajem"=hex:6a,61,61,6b,61,6b,66,69,67,70,69,64,62,66,
70,6e,69,6c,66,62,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4044)
c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2012-01-24 14:28:03 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-24 14:28
.
Pre-Run: 294,159,421,440 bytes free
Post-Run: 294,267,699,200 bytes free
.
- - End Of File - - EB7C06F0377A9DBE523F37754F845262

TDSS

14:31:06.0497 5588 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:31:06.0980 5588 ============================================================
14:31:06.0980 5588 Current date / time: 2012/01/24 14:31:06.0980
14:31:06.0980 5588 SystemInfo:
14:31:06.0980 5588
14:31:06.0980 5588 OS Version: 6.0.6002 ServicePack: 2.0
14:31:06.0980 5588 Product type: Workstation
14:31:06.0980 5588 ComputerName: FAMILY-PC
14:31:06.0980 5588 UserName: Scott
14:31:06.0980 5588 Windows directory: C:\Windows
14:31:06.0980 5588 System windows directory: C:\Windows
14:31:06.0980 5588 Processor architecture: Intel x86
14:31:06.0980 5588 Number of processors: 4
14:31:06.0980 5588 Page size: 0x1000
14:31:06.0980 5588 Boot type: Normal boot
14:31:06.0980 5588 ============================================================
14:31:08.0556 5588 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:31:08.0961 5588 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:31:09.0211 5588 Initialize success
14:31:10.0833 5640 ============================================================
14:31:10.0833 5640 Scan started
14:31:10.0833 5640 Mode: Manual;
14:31:10.0833 5640 ============================================================
14:31:11.0910 5640 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:31:11.0910 5640 ACPI - ok
14:31:11.0957 5640 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
14:31:11.0972 5640 adp94xx - ok
14:31:12.0003 5640 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
14:31:12.0003 5640 adpahci - ok
14:31:12.0019 5640 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
14:31:12.0019 5640 adpu160m - ok
14:31:12.0050 5640 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
14:31:12.0050 5640 adpu320 - ok
14:31:12.0097 5640 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:31:12.0113 5640 AFD - ok
14:31:12.0144 5640 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
14:31:12.0144 5640 agp440 - ok
14:31:12.0159 5640 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:31:12.0159 5640 aic78xx - ok
14:31:12.0191 5640 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
14:31:12.0191 5640 aliide - ok
14:31:12.0222 5640 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
14:31:12.0222 5640 amdagp - ok
14:31:12.0237 5640 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
14:31:12.0253 5640 amdide - ok
14:31:12.0253 5640 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
14:31:12.0269 5640 AmdK7 - ok
14:31:12.0300 5640 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
14:31:12.0300 5640 AmdK8 - ok
14:31:12.0347 5640 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
14:31:12.0347 5640 androidusb - ok
14:31:12.0409 5640 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
14:31:12.0409 5640 arc - ok
14:31:12.0440 5640 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
14:31:12.0440 5640 arcsas - ok
14:31:12.0487 5640 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:31:12.0487 5640 AsyncMac - ok
14:31:12.0518 5640 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
14:31:12.0518 5640 atapi - ok
14:31:12.0596 5640 AVerBDA3x (1dcee9bf401a3bbd746dc018b63e32fc) C:\Windows\system32\DRIVERS\AVerBDA3x.sys
14:31:12.0643 5640 AVerBDA3x - ok
14:31:12.0674 5640 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:31:12.0690 5640 Beep - ok
14:31:12.0830 5640 BHDrvx86 (e685ba3267c5a4ec4ce9e2b4a1481725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx86.sys
14:31:12.0846 5640 BHDrvx86 - ok
14:31:12.0971 5640 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
14:31:12.0971 5640 blbdrive - ok
14:31:13.0033 5640 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:31:13.0049 5640 bowser - ok
14:31:13.0080 5640 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:31:13.0080 5640 BrFiltLo - ok
14:31:13.0095 5640 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:31:13.0095 5640 BrFiltUp - ok
14:31:13.0127 5640 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:31:13.0127 5640 Brserid - ok
14:31:13.0158 5640 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:31:13.0158 5640 BrSerWdm - ok
14:31:13.0173 5640 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:31:13.0173 5640 BrUsbMdm - ok
14:31:13.0189 5640 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:31:13.0189 5640 BrUsbSer - ok
14:31:13.0220 5640 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:31:13.0220 5640 BTHMODEM - ok
14:31:13.0236 5640 catchme - ok
14:31:13.0251 5640 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:31:13.0267 5640 cdfs - ok
14:31:13.0283 5640 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:31:13.0283 5640 cdrom - ok
14:31:13.0329 5640 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
14:31:13.0329 5640 circlass - ok
14:31:13.0361 5640 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:31:13.0361 5640 CLFS - ok
14:31:13.0392 5640 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
14:31:13.0392 5640 cmdide - ok
14:31:13.0423 5640 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
14:31:13.0423 5640 Compbatt - ok
14:31:13.0439 5640 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
14:31:13.0439 5640 crcdisk - ok
14:31:13.0470 5640 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
14:31:13.0470 5640 Crusoe - ok
14:31:13.0532 5640 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:31:13.0532 5640 DfsC - ok
14:31:13.0610 5640 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:31:13.0610 5640 disk - ok
14:31:13.0657 5640 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:31:13.0657 5640 drmkaud - ok
14:31:13.0704 5640 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:31:13.0719 5640 DXGKrnl - ok
14:31:13.0751 5640 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:31:13.0751 5640 E1G60 - ok
14:31:13.0797 5640 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:31:13.0797 5640 Ecache - ok
14:31:13.0891 5640 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
14:31:13.0891 5640 eeCtrl - ok
14:31:13.0985 5640 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
14:31:13.0985 5640 elxstor - ok
14:31:14.0016 5640 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:31:14.0016 5640 EraserUtilRebootDrv - ok
14:31:14.0047 5640 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
14:31:14.0063 5640 ErrDev - ok
14:31:14.0109 5640 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:31:14.0109 5640 exfat - ok
14:31:14.0141 5640 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:31:14.0141 5640 fastfat - ok
14:31:14.0172 5640 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
14:31:14.0172 5640 fdc - ok
14:31:14.0203 5640 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:31:14.0219 5640 FileInfo - ok
14:31:14.0234 5640 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:31:14.0234 5640 Filetrace - ok
14:31:14.0250 5640 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:31:14.0250 5640 flpydisk - ok
14:31:14.0297 5640 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:31:14.0297 5640 FltMgr - ok
14:31:14.0343 5640 FSProFilter (3528c9ec493ca524a877d217c7d51600) C:\Windows\system32\Drivers\FSPFltd.sys
14:31:14.0359 5640 FSProFilter - ok
14:31:14.0390 5640 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
14:31:14.0390 5640 fssfltr - ok
14:31:14.0468 5640 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
14:31:14.0499 5640 Fs_Rec - ok
14:31:14.0593 5640 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
14:31:14.0593 5640 gagp30kx - ok
14:31:14.0624 5640 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:31:14.0624 5640 GEARAspiWDM - ok
14:31:14.0687 5640 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
14:31:14.0702 5640 HdAudAddService - ok
14:31:14.0733 5640 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:31:14.0749 5640 HDAudBus - ok
14:31:14.0780 5640 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:31:14.0780 5640 HidBth - ok
14:31:14.0811 5640 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:31:14.0811 5640 HidIr - ok
14:31:14.0858 5640 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:31:14.0858 5640 HidUsb - ok
14:31:14.0874 5640 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
14:31:14.0889 5640 HpCISSs - ok
14:31:14.0921 5640 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
14:31:14.0936 5640 HTTP - ok
14:31:14.0952 5640 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
14:31:14.0952 5640 i2omp - ok
14:31:14.0999 5640 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:31:14.0999 5640 i8042prt - ok
14:31:15.0077 5640 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:31:15.0092 5640 ialm - ok
14:31:15.0186 5640 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
14:31:15.0201 5640 iaStorV - ok
14:31:15.0342 5640 IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120121.005\IDSvix86.sys
14:31:15.0342 5640 IDSVix86 - ok
14:31:15.0420 5640 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:31:15.0435 5640 iirsp - ok
14:31:15.0513 5640 IntcAzAudAddService (fbbe3f1697d393be685cd6192b1ec95a) C:\Windows\system32\drivers\RTKVHDA.sys
14:31:15.0545 5640 IntcAzAudAddService - ok
14:31:15.0576 5640 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
14:31:15.0576 5640 intelide - ok
14:31:15.0607 5640 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:31:15.0607 5640 intelppm - ok
14:31:15.0638 5640 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:31:15.0638 5640 IpFilterDriver - ok
14:31:15.0654 5640 IpInIp - ok
14:31:15.0669 5640 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
14:31:15.0669 5640 IPMIDRV - ok
14:31:15.0701 5640 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:31:15.0701 5640 IPNAT - ok
14:31:15.0763 5640 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
14:31:15.0763 5640 irda - ok
14:31:15.0779 5640 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:31:15.0779 5640 IRENUM - ok
14:31:15.0779 5640 irsir (5896b5ff6332ab2be1582523e9656a67) C:\Windows\system32\DRIVERS\irsir.sys
14:31:15.0779 5640 irsir - ok
14:31:15.0810 5640 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
14:31:15.0810 5640 isapnp - ok
14:31:15.0857 5640 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:31:15.0857 5640 iScsiPrt - ok
14:31:15.0888 5640 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:31:15.0888 5640 iteatapi - ok
14:31:15.0935 5640 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:31:15.0935 5640 iteraid - ok
14:31:15.0966 5640 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:31:15.0966 5640 kbdclass - ok
14:31:15.0981 5640 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
14:31:15.0981 5640 kbdhid - ok
14:31:16.0028 5640 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
14:31:16.0044 5640 KSecDD - ok
14:31:16.0091 5640 L6PODLV (27207f289cbf01d46e4f5f7a261aa4ac) C:\Windows\system32\Drivers\L6PODLV.sys
14:31:16.0106 5640 L6PODLV - ok
14:31:16.0137 5640 L6TPortB (0e2e3cabb4723b78441e58e5899d82d9) C:\Windows\system32\Drivers\L6TPortB.sys
14:31:16.0153 5640 L6TPortB - ok
14:31:16.0169 5640 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:31:16.0184 5640 lltdio - ok
14:31:16.0215 5640 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
14:31:16.0215 5640 LSI_FC - ok
14:31:16.0231 5640 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
14:31:16.0247 5640 LSI_SAS - ok
14:31:16.0262 5640 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
14:31:16.0262 5640 LSI_SCSI - ok
14:31:16.0278 5640 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:31:16.0278 5640 luafv - ok
14:31:16.0309 5640 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
14:31:16.0309 5640 megasas - ok
14:31:16.0356 5640 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
14:31:16.0371 5640 MegaSR - ok
14:31:16.0403 5640 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:31:16.0418 5640 Modem - ok
14:31:16.0434 5640 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:31:16.0434 5640 monitor - ok
14:31:16.0449 5640 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:31:16.0449 5640 mouclass - ok
14:31:16.0465 5640 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:31:16.0465 5640 mouhid - ok
14:31:16.0481 5640 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:31:16.0481 5640 MountMgr - ok
14:31:16.0512 5640 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
14:31:16.0512 5640 mpio - ok
14:31:16.0543 5640 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
14:31:16.0543 5640 mpsdrv - ok
14:31:16.0574 5640 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:31:16.0574 5640 Mraid35x - ok
14:31:16.0605 5640 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
14:31:16.0605 5640 MRxDAV - ok
14:31:16.0637 5640 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:31:16.0637 5640 mrxsmb - ok
14:31:16.0668 5640 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:31:16.0683 5640 mrxsmb10 - ok
14:31:16.0699 5640 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:31:16.0699 5640 mrxsmb20 - ok
14:31:16.0746 5640 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
14:31:16.0746 5640 msahci - ok
14:31:16.0761 5640 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
14:31:16.0777 5640 msdsm - ok
14:31:16.0808 5640 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
14:31:16.0824 5640 Msfs - ok
14:31:16.0839 5640 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
14:31:16.0839 5640 msisadrv - ok
14:31:16.0886 5640 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
14:31:16.0886 5640 MSKSSRV - ok
14:31:16.0902 5640 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
14:31:16.0902 5640 MSPCLOCK - ok
14:31:16.0917 5640 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
14:31:16.0917 5640 MSPQM - ok
14:31:16.0949 5640 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
14:31:16.0949 5640 MsRPC - ok
14:31:16.0980 5640 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
14:31:16.0980 5640 mssmbios - ok
14:31:16.0995 5640 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
14:31:16.0995 5640 MSTEE - ok
14:31:17.0027 5640 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
14:31:17.0027 5640 Mup - ok
14:31:17.0073 5640 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
14:31:17.0073 5640 NativeWifiP - ok
14:31:17.0214 5640 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.034\NAVENG.SYS
14:31:17.0214 5640 NAVENG - ok
14:31:17.0276 5640 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.034\NAVEX15.SYS
14:31:17.0307 5640 NAVEX15 - ok
14:31:17.0401 5640 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
14:31:17.0417 5640 NDIS - ok
14:31:17.0463 5640 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
14:31:17.0463 5640 NdisTapi - ok
14:31:17.0479 5640 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
14:31:17.0479 5640 Ndisuio - ok
14:31:17.0510 5640 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:31:17.0526 5640 NdisWan - ok
14:31:17.0526 5640 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
14:31:17.0526 5640 NDProxy - ok
14:31:17.0557 5640 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
14:31:17.0557 5640 NetBIOS - ok
14:31:17.0588 5640 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
14:31:17.0588 5640 netbt - ok
14:31:17.0619 5640 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:31:17.0619 5640 nfrd960 - ok
14:31:17.0682 5640 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:31:17.0682 5640 Npfs - ok
14:31:17.0697 5640 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:31:17.0713 5640 nsiproxy - ok
14:31:17.0760 5640 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:31:17.0791 5640 Ntfs - ok
14:31:17.0807 5640 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:31:17.0807 5640 ntrigdigi - ok
14:31:17.0822 5640 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:31:17.0838 5640 Null - ok
14:31:18.0041 5640 nvlddmkm (484844c0d892b42ecc5e6b063d072a38) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:31:18.0103 5640 nvlddmkm - ok
14:31:18.0134 5640 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
14:31:18.0134 5640 nvraid - ok
14:31:18.0150 5640 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
14:31:18.0165 5640 nvstor - ok
14:31:18.0181 5640 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
14:31:18.0181 5640 nv_agp - ok
14:31:18.0197 5640 NwlnkFlt - ok
14:31:18.0197 5640 NwlnkFwd - ok
14:31:18.0243 5640 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
14:31:18.0243 5640 ohci1394 - ok
14:31:18.0290 5640 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
14:31:18.0290 5640 Parport - ok
14:31:18.0306 5640 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
14:31:18.0306 5640 partmgr - ok
14:31:18.0321 5640 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
14:31:18.0321 5640 Parvdm - ok
14:31:18.0353 5640 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:31:18.0353 5640 pci - ok
14:31:18.0384 5640 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
14:31:18.0384 5640 pciide - ok
14:31:18.0399 5640 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:31:18.0399 5640 pcmcia - ok
14:31:18.0446 5640 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:31:18.0462 5640 PEAUTH - ok
14:31:18.0509 5640 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:31:18.0509 5640 PptpMiniport - ok
14:31:18.0540 5640 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
14:31:18.0540 5640 Processor - ok
14:31:18.0587 5640 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
14:31:18.0602 5640 PSched - ok
14:31:18.0649 5640 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
14:31:18.0680 5640 ql2300 - ok
14:31:18.0696 5640 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:31:18.0711 5640 ql40xx - ok
14:31:18.0727 5640 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:31:18.0727 5640 QWAVEdrv - ok
14:31:18.0743 5640 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:31:18.0743 5640 RasAcd - ok
14:31:18.0774 5640 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:31:18.0774 5640 Rasl2tp - ok
14:31:18.0805 5640 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
14:31:18.0805 5640 RasPppoe - ok
14:31:18.0836 5640 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
14:31:18.0836 5640 RasSstp - ok
14:31:18.0883 5640 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
14:31:18.0883 5640 rdbss - ok
14:31:18.0914 5640 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:31:18.0914 5640 RDPCDD - ok
14:31:18.0930 5640 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
14:31:18.0945 5640 rdpdr - ok
14:31:18.0945 5640 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:31:18.0945 5640 RDPENCDD - ok
14:31:18.0992 5640 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
14:31:19.0008 5640 RDPWD - ok
14:31:19.0086 5640 rfastfat - ok
14:31:19.0148 5640 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:31:19.0148 5640 rspndr - ok
14:31:19.0179 5640 RTL8169 (2fc33077f85d7dc0d03678c06d43898c) C:\Windows\system32\DRIVERS\Rtlh86.sys
14:31:19.0195 5640 RTL8169 - ok
14:31:19.0242 5640 RTL85n86 (1bb178fbd7ad334f0bfa3f17f66afef9) C:\Windows\system32\DRIVERS\RTL85n86.sys
14:31:19.0242 5640 RTL85n86 - ok
14:31:19.0273 5640 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
14:31:19.0273 5640 RtlProt - ok
14:31:19.0289 5640 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:31:19.0304 5640 sbp2port - ok
14:31:19.0335 5640 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:31:19.0335 5640 secdrv - ok
14:31:19.0351 5640 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
14:31:19.0351 5640 Serenum - ok
14:31:19.0367 5640 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
14:31:19.0367 5640 Serial - ok
14:31:19.0398 5640 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:31:19.0398 5640 sermouse - ok
14:31:19.0413 5640 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
14:31:19.0413 5640 sffdisk - ok
14:31:19.0445 5640 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
14:31:19.0445 5640 sffp_mmc - ok
14:31:19.0460 5640 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
14:31:19.0460 5640 sffp_sd - ok
14:31:19.0476 5640 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:31:19.0491 5640 sfloppy - ok
14:31:19.0507 5640 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
14:31:19.0523 5640 sisagp - ok
14:31:19.0538 5640 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
14:31:19.0538 5640 SiSRaid2 - ok
14:31:19.0554 5640 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
14:31:19.0554 5640 SiSRaid4 - ok
14:31:19.0585 5640 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
14:31:19.0585 5640 Smb - ok
14:31:19.0616 5640 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:31:19.0632 5640 spldr - ok
14:31:19.0663 5640 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS
14:31:19.0694 5640 SRTSP - ok
14:31:19.0725 5640 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS
14:31:19.0725 5640 SRTSPX - ok
14:31:19.0757 5640 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:31:19.0772 5640 srv - ok
14:31:19.0788 5640 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:31:19.0788 5640 srv2 - ok
14:31:19.0803 5640 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:31:19.0819 5640 srvnet - ok
14:31:19.0850 5640 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys
14:31:19.0866 5640 ssadbus - ok
14:31:19.0881 5640 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\Windows\system32\DRIVERS\ssadmdfl.sys
14:31:19.0881 5640 ssadmdfl - ok
14:31:19.0913 5640 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\Windows\system32\DRIVERS\ssadmdm.sys
14:31:19.0913 5640 ssadmdm - ok
14:31:19.0959 5640 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:31:19.0959 5640 swenum - ok
14:31:19.0975 5640 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:31:19.0975 5640 Symc8xx - ok
14:31:19.0991 5640 SYMDNS - ok
14:31:20.0037 5640 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS
14:31:20.0053 5640 SymDS - ok
14:31:20.0084 5640 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS
14:31:20.0100 5640 SymEFA - ok
14:31:20.0147 5640 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
14:31:20.0147 5640 SymEvent - ok
14:31:20.0178 5640 SYMFW - ok
14:31:20.0225 5640 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS
14:31:20.0225 5640 SymIRON - ok
14:31:20.0240 5640 SYMNDISV - ok
14:31:20.0240 5640 SYMREDRV - ok
14:31:20.0271 5640 SYMTDIv (5136f99a60ddbdeb1f6fd1eefc44407f) C:\Windows\System32\Drivers\NIS\1206000.01D\SYMTDIV.SYS
14:31:20.0271 5640 SYMTDIv - ok
14:31:20.0287 5640 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:31:20.0303 5640 Sym_hi - ok
14:31:20.0318 5640 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:31:20.0318 5640 Sym_u3 - ok
14:31:20.0365 5640 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
14:31:20.0381 5640 Tcpip - ok
14:31:20.0412 5640 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
14:31:20.0412 5640 Tcpip6 - ok
14:31:20.0443 5640 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:31:20.0443 5640 tcpipreg - ok
14:31:20.0459 5640 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:31:20.0474 5640 TDPIPE - ok
14:31:20.0490 5640 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:31:20.0490 5640 TDTCP - ok
14:31:20.0537 5640 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:31:20.0537 5640 tdx - ok
14:31:20.0568 5640 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:31:20.0568 5640 TermDD - ok
14:31:20.0599 5640 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:31:20.0599 5640 tssecsrv - ok
14:31:20.0630 5640 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:31:20.0630 5640 tunmp - ok
14:31:20.0646 5640 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:31:20.0646 5640 tunnel - ok
14:31:20.0661 5640 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
14:31:20.0661 5640 uagp35 - ok
14:31:20.0708 5640 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:31:20.0708 5640 udfs - ok
14:31:20.0724 5640 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
14:31:20.0724 5640 uliagpkx - ok
14:31:20.0755 5640 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
14:31:20.0755 5640 uliahci - ok
14:31:20.0786 5640 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:31:20.0786 5640 UlSata - ok
14:31:20.0817 5640 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:31:20.0817 5640 ulsata2 - ok
14:31:20.0849 5640 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:31:20.0849 5640 umbus - ok
14:31:20.0911 5640 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:31:20.0911 5640 USBAAPL - ok
14:31:20.0942 5640 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:31:20.0942 5640 usbccgp - ok
14:31:20.0958 5640 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:31:20.0973 5640 usbcir - ok
14:31:21.0005 5640 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:31:21.0005 5640 usbehci - ok
14:31:21.0020 5640 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:31:21.0020 5640 usbhub - ok
14:31:21.0036 5640 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:31:21.0051 5640 usbohci - ok
14:31:21.0067 5640 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:31:21.0067 5640 usbprint - ok
14:31:21.0098 5640 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:31:21.0114 5640 usbscan - ok
14:31:21.0145 5640 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:31:21.0145 5640 USBSTOR - ok
14:31:21.0161 5640 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:31:21.0161 5640 usbuhci - ok
14:31:21.0176 5640 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:31:21.0176 5640 vga - ok
14:31:21.0207 5640 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:31:21.0207 5640 VgaSave - ok
14:31:21.0239 5640 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:31:21.0239 5640 viaagp - ok
14:31:21.0270 5640 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:31:21.0270 5640 ViaC7 - ok
14:31:21.0285 5640 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:31:21.0285 5640 viaide - ok
14:31:21.0301 5640 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:31:21.0301 5640 volmgr - ok
14:31:21.0332 5640 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:31:21.0348 5640 volmgrx - ok
14:31:21.0379 5640 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:31:21.0379 5640 volsnap - ok
14:31:21.0426 5640 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:31:21.0426 5640 vsmraid - ok
14:31:21.0457 5640 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:31:21.0457 5640 WacomPen - ok
14:31:21.0473 5640 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:31:21.0473 5640 Wanarp - ok
14:31:21.0488 5640 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:31:21.0488 5640 Wanarpv6 - ok
14:31:21.0519 5640 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:31:21.0519 5640 Wd - ok
14:31:21.0551 5640 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:31:21.0551 5640 Wdf01000 - ok
14:31:21.0613 5640 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
14:31:21.0613 5640 WmiAcpi - ok
14:31:21.0660 5640 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:31:21.0675 5640 WpdUsb - ok
14:31:21.0722 5640 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:31:21.0722 5640 ws2ifsl - ok
14:31:21.0785 5640 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:31:21.0785 5640 WUDFRd - ok
14:31:21.0816 5640 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:31:21.0863 5640 \Device\Harddisk0\DR0 - ok
14:31:21.0878 5640 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
14:31:21.0878 5640 \Device\Harddisk1\DR1 - ok
14:31:21.0878 5640 Boot (0x1200) (308fa6f2a8026892a77427020c9b7011) \Device\Harddisk0\DR0\Partition0
14:31:21.0878 5640 \Device\Harddisk0\DR0\Partition0 - ok
14:31:21.0894 5640 Boot (0x1200) (75fe4f8c9417aa1c763009314b13906c) \Device\Harddisk0\DR0\Partition1
14:31:21.0894 5640 \Device\Harddisk0\DR0\Partition1 - ok
14:31:21.0894 5640 Boot (0x1200) (65f7d60ea3fbdc9c7fca76cb964e9221) \Device\Harddisk1\DR1\Partition0
14:31:21.0894 5640 \Device\Harddisk1\DR1\Partition0 - ok
14:31:21.0894 5640 ============================================================
14:31:21.0894 5640 Scan finished
14:31:21.0894 5640 ============================================================
14:31:21.0909 5628 Detected object count: 0
14:31:21.0909 5628 Actual detected object count: 0
14:32:34.0613 5580 Deinitialize success

aswMBR

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-24 14:32:44
-----------------------------
14:32:44.595 OS Version: Windows 6.0.6002 Service Pack 2
14:32:44.595 Number of processors: 4 586 0xF0B
14:32:44.595 ComputerName: FAMILY-PC UserName: Scott
14:32:45.905 Initialize success
14:33:42.819 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
14:33:42.835 Disk 0 Vendor: WDC_WD5000AAVS-00ZTB0 01.01B01 Size: 476940MB BusType: 3
14:33:42.835 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-2
14:33:42.835 Disk 1 Vendor: WDC_WD5000AAVS-00ZTB0 01.01B01 Size: 476940MB BusType: 3
14:33:42.850 Disk 0 MBR read successfully
14:33:42.850 Disk 0 MBR scan
14:33:42.866 Disk 0 Windows VISTA default MBR code
14:33:42.866 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9500 MB offset 2048
14:33:42.881 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 19458048
14:33:42.897 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 465938 MB offset 22530048
14:33:42.897 Disk 0 scanning sectors +976771072
14:33:42.975 Disk 0 scanning C:\Windows\system32\drivers
14:33:48.139 Service scanning
14:33:49.808 Modules scanning
14:33:55.736 Scan finished successfully
14:34:12.490 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
14:34:12.490 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR.txt"

OTL

OTL logfile created on: 24/01/2012 14:47:24 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Scott\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 52.29% Memory free
6.68 Gb Paging File | 5.11 Gb Available in Paging File | 76.43% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.02 Gb Total Space | 274.02 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 86.58 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
Drive F: | 4.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive S: | 1.46 Gb Total Space | 1.42 Gb Free Space | 96.61% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/24 04:11:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
PRC - [2012/01/17 21:56:04 | 000,038,704 | ---- | M] (NCSoft) -- C:\Program Files\NCSoft\Launcher\NCLauncher.exe
PRC - [2012/01/11 15:02:26 | 000,307,312 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/12/05 19:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/11/29 14:18:51 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/10/15 06:54:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/06/21 16:20:16 | 001,984,832 | ---- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\mylbx.exe
PRC - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/12/13 12:54:44 | 000,223,400 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2010/07/13 01:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
PRC - [2009/07/17 13:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/10 13:48:18 | 000,974,848 | ---- | M] (Codeode) -- C:\Program Files\Privacy Mantra 2.05\privacymantra.exe
PRC - [2008/05/13 18:12:54 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/11/28 15:43:08 | 000,042,824 | ---- | M] () -- C:\Program Files\Spare Messaging\MessagingApp.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/15 21:06:33 | 000,217,088 | ---- | M] () -- C:\Program Files\NCSoft\Launcher\UnRar.Net.dll
MOD - [2011/11/15 21:06:32 | 000,024,576 | ---- | M] () -- C:\Program Files\NCSoft\Launcher\NC.Logging.dll
MOD - [2011/10/13 07:56:16 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/13 06:47:43 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll
MOD - [2011/10/13 06:47:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 06:47:10 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\cbfa4bf002c1abaf94ba8634139727eb\System.Security.ni.dll
MOD - [2011/10/13 06:47:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 06:41:41 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 06:41:24 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 06:41:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 06:41:15 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\0e8e3007e61a2ba9454600dce8193b65\System.Design.ni.dll
MOD - [2011/10/13 06:40:19 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 06:39:39 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/07/13 01:29:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
MOD - [2010/07/13 01:28:42 | 000,856,064 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
MOD - [2010/07/13 01:26:12 | 000,018,432 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
MOD - [2010/07/13 01:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
MOD - [2010/07/13 01:25:50 | 000,028,160 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
MOD - [2010/07/13 01:25:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
MOD - [2010/07/13 01:22:36 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
MOD - [2010/07/13 01:22:02 | 000,009,728 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
MOD - [2010/07/13 01:16:16 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
MOD - [2010/07/13 01:15:58 | 000,010,240 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
MOD - [2010/07/13 01:15:52 | 000,233,472 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
MOD - [2010/07/13 01:13:42 | 000,033,792 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
MOD - [2010/07/13 01:10:56 | 000,172,032 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
MOD - [2010/06/30 13:03:14 | 000,051,512 | ---- | M] () -- C:\Program Files\My Lockbox\FSPFlt.dll
MOD - [2010/04/02 21:23:36 | 000,815,104 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
MOD - [2010/04/02 20:44:16 | 000,086,016 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/06/17 12:09:02 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2007/11/28 15:43:08 | 000,042,824 | ---- | M] () -- C:\Program Files\Spare Messaging\MessagingApp.exe

========== Win32 Services (SafeList) ==========

SRV - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2009/07/17 13:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009/04/12 18:19:32 | 000,120,168 | ---- | M] (stumbleupon.com) [On_Demand | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)

========== Driver Services (SafeList) ==========

DRV - [2012/01/12 19:03:46 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/12 19:03:46 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120123.034\NAVENG.SYS -- (NAVENG)
DRV - [2011/12/15 23:33:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120121.005\IDSvix86.sys -- (IDSVix86)
DRV - [2011/12/01 02:25:03 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 08:00:55 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/09 08:00:55 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/05/02 23:16:37 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/29 02:16:24 | 000,580,096 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L6PODLV.sys -- (L6PODLV)
DRV - [2011/03/31 03:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/31 03:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/22 00:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1206000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/15 02:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 06:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 05:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/09/07 22:45:06 | 000,579,456 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L6TPortB.sys -- (L6TPortB)
DRV - [2010/07/22 16:13:28 | 000,041,912 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\FSPFltd.sys -- (FSProFilter)
DRV - [2009/03/27 23:03:00 | 007,738,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/02 20:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/21 02:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/08/29 07:40:34 | 001,183,744 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerBDA3x.sys -- (AVerBDA3x)
DRV - [2007/04/23 09:50:50 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007/03/12 09:49:30 | 000,354,816 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.sky.com/home/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/12/07 13:07:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/01/24 14:42:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_4_3 [2012/01/24 14:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 18:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/23 07:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2011/08/23 07:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/24 14:42:40 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\COFFPLGN_2011_7_4_3
[2012/01/24 14:42:20 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2009/06/25 02:00:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/01/09 18:26:41 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 07:41:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/03 07:41:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/03 07:41:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/10/03 07:41:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/10/03 07:41:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...z=1I7GGLL_en-GB
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Reader Library (Enabled) = C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: 9 Ball Pool = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmncmephfckdpcmohbdpcnkmchejma\1.0_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Monster Dash = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Toss it = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\2.3_0\
CHR - Extension: Google Calendar = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Tennis = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkomjfglgnfeeachhdckcbgjhfiahco\1.9_0\
CHR - Extension: Click&Clean = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.2.0_0\
CHR - Extension: feedly = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\9.0.423_0\
CHR - Extension: Pool Mania = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\icojacdaddlajldkicfacgcjncbkieen\4.3_0\
CHR - Extension: Jigsaw Deluxe = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjknlngmkndgfpjcbglhpmjmopigpif\13.2550.94_0\
CHR - Extension: Lose It! = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn\3.5.0.3_0\
CHR - Extension: StumbleUpon = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\3.12.6.1_0\
CHR - Extension: Little Alchemy = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.11_0\
CHR - Extension: Google Maps = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.3_0\
CHR - Extension: Morpheon Dark = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.6_0\
CHR - Extension: Winter Bow Master = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkneifeimhhieoecnhndngcpcpfdonap\1.3.1_0\
CHR - Extension: WGT Golf Game = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb\32.1.0_0\
CHR - Extension: Crusader Tank = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem\1.2.0_0\
CHR - Extension: Lyrics for Google Chrome\u2122 = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglbipcbkmlknhfhabolnniekmlhfoek\1.6.2_0\
CHR - Extension: Learn Spanish - Qu\u00E9 Onda Spanish = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\

O1 HOSTS File: ([2012/01/24 14:09:32 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (TV Center Toolbar) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (TV Center Toolbar) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (TV Center Toolbar) - {A7347E8C-1CA6-469B-951E-4A23C4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpareMessaging] C:\Program Files\Spare Messaging\MessagingApp.exe ()
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [chromium] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [com.codeode.privacymantra] C:\Program Files\Privacy Mantra 2.05\privacymantra.exe (Codeode)
O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplu...lug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56641FDF-BE93-4ED7-8F72-9ED1AC7AF288}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0386238-CB09-48BF-BD6B-3BF880BE0B44}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Scott\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/21 22:09:01 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2010/12/10 20:32:49 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/24 14:32:23 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Scott\Desktop\aswMBR.exe
[2012/01/24 14:30:33 | 002,054,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Scott\Desktop\tdsskiller.exe
[2012/01/24 14:28:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/24 14:09:36 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/24 14:06:41 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\temp
[2012/01/24 13:38:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/24 13:38:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/24 13:38:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/24 13:38:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/24 13:36:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/24 04:11:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2012/01/21 11:32:48 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\FixZeroAccess
[2012/01/12 16:37:50 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\NPE
[2012/01/11 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\ghkvwcli
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Yqurg
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Miq
[2009/04/13 08:50:11 | 000,475,201 | ---- | C] (Terraglyph Interactive Studios) -- C:\Program Files\scooby.exe
[2009/04/13 08:50:11 | 000,040,960 | ---- | C] (The Learning Company) -- C:\Program Files\UNINSTAL.EXE
[2009/04/13 08:50:11 | 000,021,504 | ---- | C] (The Learning Company) -- C:\Program Files\TLCRUN.EXE

========== Files - Modified Within 30 Days ==========

[2012/01/24 14:49:36 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{749CB4D8-C4E8-4045-8BDB-4DBD5E116D3D}.job
[2012/01/24 14:44:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/01/24 14:42:05 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/24 14:41:56 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 14:41:56 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 14:41:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/24 14:41:46 | 3487,752,192 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/24 14:34:12 | 000,000,512 | ---- | M] () -- C:\Users\Scott\Desktop\MBR.dat
[2012/01/24 14:32:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Scott\Desktop\aswMBR.exe
[2012/01/24 14:30:36 | 002,054,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Scott\Desktop\tdsskiller.exe
[2012/01/24 14:09:32 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/01/24 14:00:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/24 13:19:32 | 000,650,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/24 13:19:32 | 000,126,628 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/24 04:11:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2012/01/23 18:42:33 | 000,000,680 | ---- | M] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2012/01/23 13:05:31 | 000,055,808 | ---- | M] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/21 19:53:07 | 000,000,943 | ---- | M] () -- C:\Users\Scott\Desktop\CyberlinkPower2Go.lnk
[2012/01/18 10:25:06 | 000,000,671 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\vso_ts_preview.xml
[2012/01/14 13:27:08 | 000,002,712 | ---- | M] () -- C:\{AACF6FD1-F8DD-4DCC-9F8F-742CC42A3E44}
[2012/01/14 13:24:51 | 000,003,016 | ---- | M] () -- C:\{BA255BA0-1BF7-46EB-BB0E-9B586177686D}
[2012/01/14 09:42:16 | 371,042,366 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/13 16:02:46 | 000,002,440 | ---- | M] () -- C:\{A951F79E-B2BA-4822-A4AE-92593B558F4A}
[2012/01/09 16:00:39 | 000,223,706 | ---- | M] () -- C:\Users\Scott\Desktop\FOR11HIL.B2384.pdf
[2012/01/06 00:13:01 | 003,942,236 | ---- | M] () -- C:\Users\Scott\Desktop\shred off.mp3
[2012/01/04 20:36:15 | 000,002,800 | ---- | M] () -- C:\{6749DF23-C64B-48DD-BDD9-5D5874BABC16}
[2012/01/04 20:25:17 | 000,002,800 | ---- | M] () -- C:\{BBE22844-2C8A-4E4B-B475-4D3779EB68C3}
[2012/01/03 14:48:22 | 002,012,119 | ---- | M] () -- C:\Users\Scott\Desktop\P1030014.JPG
[2012/01/03 14:45:04 | 002,099,029 | ---- | M] () -- C:\Users\Scott\Desktop\P1030013.JPG
[2012/01/03 12:05:04 | 002,006,152 | ---- | M] () -- C:\Users\Scott\Desktop\P1030003.JPG

========== Files Created - No Company Name ==========

[2012/01/24 14:34:12 | 000,000,512 | ---- | C] () -- C:\Users\Scott\Desktop\MBR.dat
[2012/01/24 13:38:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/24 13:38:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/24 13:38:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/24 13:38:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/24 13:38:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/14 13:27:05 | 000,002,712 | ---- | C] () -- C:\{AACF6FD1-F8DD-4DCC-9F8F-742CC42A3E44}
[2012/01/14 13:24:50 | 000,003,016 | ---- | C] () -- C:\{BA255BA0-1BF7-46EB-BB0E-9B586177686D}
[2012/01/13 16:02:44 | 000,002,440 | ---- | C] () -- C:\{A951F79E-B2BA-4822-A4AE-92593B558F4A}
[2012/01/09 16:00:39 | 000,223,706 | ---- | C] () -- C:\Users\Scott\Desktop\FOR11HIL.B2384.pdf
[2012/01/09 15:58:57 | 002,012,119 | ---- | C] () -- C:\Users\Scott\Desktop\P1030014.JPG
[2012/01/09 15:58:56 | 002,099,029 | ---- | C] () -- C:\Users\Scott\Desktop\P1030013.JPG
[2012/01/09 15:58:56 | 002,006,152 | ---- | C] () -- C:\Users\Scott\Desktop\P1030003.JPG
[2012/01/06 00:01:25 | 003,942,236 | ---- | C] () -- C:\Users\Scott\Desktop\shred off.mp3
[2012/01/04 20:36:13 | 000,002,800 | ---- | C] () -- C:\{6749DF23-C64B-48DD-BDD9-5D5874BABC16}
[2012/01/04 20:25:16 | 000,002,800 | ---- | C] () -- C:\{BBE22844-2C8A-4E4B-B475-4D3779EB68C3}
[2011/12/08 00:50:02 | 000,069,632 | ---- | C] () -- C:\Windows\WCUNINST.EXE
[2011/12/08 00:49:29 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2011/10/18 09:58:49 | 000,000,680 | ---- | C] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2010/10/27 22:45:44 | 000,001,940 | ---- | C] () -- C:\Users\Scott\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 18:52:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/28 13:09:33 | 000,001,371 | ---- | C] () -- C:\Windows\lsrslt.ini
[2010/03/08 23:26:45 | 000,009,782 | -HS- | C] () -- C:\Users\Scott\AppData\Local\8Kc67
[2010/03/08 00:18:35 | 000,137,572 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/02/21 17:33:59 | 000,012,756 | -HS- | C] () -- C:\Users\Scott\AppData\Local\e1wnOl
[2010/02/08 17:43:40 | 000,010,798 | -HS- | C] () -- C:\Users\Scott\AppData\Local\1wq31I7
[2010/01/31 11:06:18 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2010/01/26 18:42:20 | 000,000,353 | ---- | C] () -- C:\Windows\GearBox.ini
[2010/01/16 19:49:12 | 000,000,305 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2010/01/16 19:48:34 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009/09/24 02:16:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 02:16:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/15 21:08:25 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2009/09/14 22:57:18 | 000,000,910 | ---- | C] () -- C:\Windows\APDFPRP.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/02 15:06:49 | 000,000,671 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\vso_ts_preview.xml
[2009/04/14 16:07:42 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2009/04/14 14:41:36 | 000,008,767 | ---- | C] () -- C:\Program Files\ZOE.sav
[2009/04/13 08:51:54 | 000,008,664 | ---- | C] () -- C:\Program Files\LAURA.sav
[2009/04/13 08:50:13 | 000,000,201 | ---- | C] () -- C:\Program Files\UNINSTAL.INF
[2009/04/13 08:50:12 | 000,286,208 | ---- | C] () -- C:\Program Files\binkw32.dll
[2009/04/13 08:50:11 | 000,028,788 | ---- | C] () -- C:\Program Files\object.ini
[2009/04/13 08:50:11 | 000,004,365 | ---- | C] () -- C:\Program Files\Uninst.isu
[2009/04/13 08:50:11 | 000,000,214 | ---- | C] () -- C:\Program Files\TLCRUN.INI
[2009/04/13 08:49:43 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/03/14 08:54:16 | 000,000,487 | ---- | C] () -- C:\Windows\ka.ini
[2009/02/26 18:47:56 | 000,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/02/23 17:30:18 | 000,000,093 | ---- | C] () -- C:\Users\Scott\AppData\Local\fusioncache.dat
[2009/02/22 17:57:52 | 004,421,889 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/02/18 13:57:22 | 000,557,451 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/02/16 17:19:42 | 000,790,190 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/02/16 16:32:20 | 000,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/02/16 16:30:30 | 000,903,703 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/02/16 16:23:50 | 000,145,081 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/02/16 14:49:30 | 000,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/02/14 15:15:42 | 000,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/02/09 22:28:18 | 000,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/02/09 20:19:18 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/02/09 20:19:12 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/02/09 20:18:52 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/02/09 20:18:32 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/02/09 20:18:24 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/02/09 20:18:20 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/02/09 19:56:22 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/10 22:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/10 22:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/10 22:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/10 22:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/10 22:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2009/01/10 22:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/10 22:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/10 22:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2009/01/10 22:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/10 22:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/10 22:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/10 22:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2009/01/10 22:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/10 22:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/12/28 15:51:00 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/12/15 01:50:56 | 000,055,808 | ---- | C] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/14 21:57:48 | 000,000,108 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2008/12/14 19:27:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/14 19:25:01 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/12/14 19:25:01 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/12/03 22:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/07/09 08:05:24 | 000,020,480 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2008/06/17 11:30:48 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007/10/13 09:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,320,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,650,118 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,126,628 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\System32\asutl8.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Scott\Desktop\ForgetYou_190511.MPG:TOC.WMV

< End of report >

Extra OTL

OTL Extras logfile created on: 24/01/2012 14:47:24 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Scott\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 52.29% Memory free
6.68 Gb Paging File | 5.11 Gb Available in Paging File | 76.43% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.02 Gb Total Space | 274.02 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 86.58 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
Drive F: | 4.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive S: | 1.46 Gb Total Space | 1.42 Gb Free Space | 96.61% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Scott\Downloads\FlashGet\FlashGet3.exe" = C:\Users\Scott\Downloads\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E8AB04C-D495-4C23-92E0-D04C04745F9D}" = lport=445 | protocol=6 | dir=in | app=system |
"{15112045-7704-460F-AE50-22FCD4B80C64}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B142EAF-37FB-4362-A598-1AC2796CA798}" = lport=137 | protocol=17 | dir=in | app=system |
"{3268247F-8292-43A0-ADEC-3D61E9C8E300}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4F1230E4-1B9A-4361-A56A-19CF8EC74E6C}" = rport=139 | protocol=6 | dir=out | app=system |
"{54F6AF80-43F2-401D-B5E8-BF868AC2A867}" = rport=137 | protocol=17 | dir=out | app=system |
"{792C9BD7-9935-4633-AB62-1AFF0D90D269}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{89023181-35D4-4B55-8260-3497555F2968}" = lport=139 | protocol=6 | dir=in | app=system |
"{8FF6A166-44AB-4D9E-BB51-F95CBE828E4F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A50FDEE4-B8BB-4BFB-8432-EBC4315C6EEF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A9F64949-56C3-44F3-81F6-9FF9FBDD0F24}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD57E260-A178-4E5E-BB94-4A58FE4FDAEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C8BA0FF9-0FE4-4845-B804-199D85515296}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C8F50EF8-FABD-4B31-A930-A2B4F8F9E96A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DD707C30-9F30-4491-8B5F-13D672BC5766}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E798ADF0-C8A0-4018-8C1F-F22AF10F819D}" = rport=445 | protocol=6 | dir=out | app=system |
"{F76F940C-8592-4BD9-A05C-CA450FD1039E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{FFD74F60-1532-4DF6-BEF6-995833E39195}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{180623F5-E436-4500-A079-531AB73476DB}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{1B8D7D9F-012B-4ACF-9767-8459E269E2C8}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{1BCD88D4-4B12-49C4-8B2F-3EC8791C206F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1C31201D-B78A-4B68-98EE-D8609A6EB064}" = protocol=6 | dir=in | app=c:\users\scott\appdata\roaming\dropbox\bin\dropbox.exe |
"{1DE47D8A-0516-4FE8-BA0C-23E4BBDD8C01}" = protocol=58 | dir=in | [email protected],-28545 |
"{2864DB85-F8F9-45DE-A87F-CCC25BB85E78}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{30828E60-2503-4B51-B851-BB19AD8174EA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{340DC991-76DB-4101-B26B-FDA217F3324B}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{483EA7C6-F8B2-40B6-9E5B-8330C7C8A667}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4D1659A4-DB1F-43F7-9273-4B4E0FC24566}" = protocol=17 | dir=in | app=c:\users\scott\appdata\roaming\dropbox\bin\dropbox.exe |
"{5157A50A-64B7-4E6E-8A38-7E2F5DC5F509}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{5A03D7F5-325F-48B9-857F-52235288A10B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5F93C5BC-F931-40F6-A52E-F6AF00AB2D5D}" = protocol=1 | dir=out | [email protected],-28544 |
"{62162241-FA5E-4A55-9753-28531C59FA44}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F8C92E0-7350-4E0E-AB0A-46A0D817D06A}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{77327A30-7299-4B9B-AF99-8DA6E814208A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7BA4CE87-2B87-496C-B0B7-DCDF8925E057}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{867AE2A4-42C8-4B16-9738-625A7D544C08}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{86EF1FBA-C688-498B-ACF8-F265F67899E9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8846C1C2-F62F-4C17-BC0E-30F8FF041168}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{8C766E84-7697-4CBA-821E-7DA16FC7FBA6}" = protocol=6 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{8E84CF3E-E725-451F-93F9-DE9D8E313F0D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{938A0FA1-C408-44A8-B343-7273E1A4C35B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{955B80C8-3720-459F-8219-A4D29D7740A9}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{96BEA371-BCBC-4235-9194-13240C504314}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9EB97C2B-323E-4FB6-9886-8BF3EB09346A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A4333EDA-0AC4-4C21-B784-1BEAEEC6D655}" = protocol=1 | dir=in | [email protected],-28543 |
"{AD008475-897C-47FF-89CC-FC5F2D2323B3}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B1EC1D80-AE07-4C8A-AE39-4A9AD8A19556}" = protocol=58 | dir=out | [email protected],-28546 |
"{B6360E5B-31D6-4CB5-9A8B-08143975BA7F}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{BC40445A-9D6D-4EFF-A7EE-7C724ACCAB48}" = protocol=17 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{BEEC351F-B63B-401C-8577-680F59F57EFE}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{C4714EF0-5BD0-40D9-860D-2201A1C441AC}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{C55C7040-292D-4414-A536-02AF09E367AE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CC1990FC-BF30-4079-80AC-CC637288ED3C}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{CF23AF6A-F418-4D8E-A800-D70D4BB43EB4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D4D07677-6C83-422B-B112-C6BD83352332}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E4781EF8-F19F-4C9A-9228-4AD3439E00E6}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{880BB03E-26AE-477C-A6A6-9D92634AA05C}C:\users\scott\appdata\local\temp\lmib09a.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\scott\appdata\local\temp\lmib09a.tmp\lmi_rescue.exe |
"UDP Query User{EA79E5F2-76B2-4309-9D72-C1CBE73A2470}C:\users\scott\appdata\local\temp\lmib09a.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\scott\appdata\local\temp\lmib09a.tmp\lmi_rescue.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C09D67-BE24-43C6-9C4A-060394517B09}" = Newnovelist2
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 26
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{417F5EA7-F7E9-4F33-860C-98270B90D75E}" = JustCloud Setup
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46A5D1D1-8956-497C-92FB-59C44EFA6214}" = Safari
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C335AD4-6821-4028-9A6C-13943762DB55}" = Convert X to DVD 3.4.7.121
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DB69C2B-B31A-4D08-9D60-C07787E6892B}" = Anvil Studio 2011
"{5DD152A8-BFB3-439E-90CD-5C00C2116E23}" = AmpliTube 3
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = The Sims™ 3 Create a World Tool - Beta
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{9F73FDEF-DDC1-4307-9D96-13AB3254641A}_is1" = Doctor Who: The Adventure Games
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}_814" = KB408682
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B585D829-A7D7-4F93-8249-E55A3DDB8CA5}" = GoGear SA19xx Device Manager
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C939F015-83C6-432C-B67B-0816AA0B4C17}" = Spare Messaging
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF35000B-8247-449B-85C9-D9C2A5936683}" = GoGear SA19xx Device Manager
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.11.00.812
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"AVerMedia M135-Series PCI TV Tuner" = AVerMedia M135-Series PCI TV Tuner 3.5.0.69
"AVerMedia MCE Encoder x86" = AVerMedia MCE Encoder x86 3.2.1.84
"Barbie™ and the Magic of Pegasus™" = Barbie™ and the Magic of Pegasus™
"Barbie™ as Rapunzel" = Barbie™ as Rapunzel
"Barbie™ as The Princess and the Pauper" = Barbie™ as The Princess and the Pauper
"Barbie™ Beauty Boutique™ CD-ROM" = Barbie™ Beauty Boutique™ CD-ROM
"Bejeweled 2 Deluxe 1.1" = Bejeweled 2 Deluxe 1.1
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.2.2.46
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DreamStation DXi2" = DreamStation DXi2
"EADM" = EA Download Manager
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EUCOH" = City of Heroes/City of Villains (European) (remove only)
"FL Studio 9" = FL Studio 9
"FLV Player" = FLV Player 2.0 (build 25)
"FormatFactory" = FormatFactory 2.30
"Free Music Zilla_is1" = Free Music Zilla
"GonVisor_is1" = GonVisor 1.73
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Guild Wars" = Guild Wars
"Hardcore" = Hardcore
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IL Download Manager" = IL Download Manager
"Kindle Auto eBook Converter" = Kindle Auto eBook Converter 0.4.50
"Line 6 Uninstaller" = Line 6 Uninstaller
"Live 4.1.5" = Live 4.1.5
"McGill English Dictionary of Rhyme with VersePer~286A7AE6_is1" = McGill English Dictionary of Rhyme & Verse Perfect 2.0
"Media Player - Codec Pack" = Media Player Codec Pack 3.4.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Miro" = Miro
"Mozilla Firefox 9.0.1 (x86 en-GB)" = Mozilla Firefox 9.0.1 (x86 en-GB)
"MP3 Key Changer" = MP3 Key Changer
"MP3 Key Changer_is1" = MP3 Key Changer - Version 1.3.1.305
"MP3SpeedChanger_is1" = MP3 Speed Changer 2.84
"Multi Tracker_is1" = Multi Tracker - Version 1.4.1.1582
"My Lockbox_is1" = My Lockbox 2.6
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.52.1100" = Opera 11.52
"Peggle Deluxe 1.01" = Peggle Deluxe 1.01
"Pocket Tanks Deluxe 1.3" = Pocket Tanks Deluxe 1.3
"PoiZone" = PoiZone
"Privacy Mantra 2.05" = Privacy Mantra 2.05
"Quartz AudioMaster Freeware" = Quartz AudioMaster Freeware
"REAPER" = REAPER
"Red Alert" = Red Alert Windows 95
"RiffWorks Line 6 Edition" = RiffWorks Line 6 Edition
"Sawer" = Sawer
"Scooby-Doo™, Phantom of the Knight™" = Scooby-Doo™, Phantom of the Knight™
"SONAR6Producer_is1" = SONAR 6 Producer Edition
"Song Surgeon_is1" = Song Surgeon 2.0.0.2
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"Switch" = Switch Sound File Converter
"Syncrosoft's License Control" = Syncrosoft's License Control
"SynthFont_is1" = SynthFont
"SystemRequirementsLab" = System Requirements Lab
"Toxic Biohazard" = Toxic Biohazard
"TV_Center Toolbar" = TV_Center Toolbar
"VLC media player" = VLC media player 1.0.3
"VMidi" = vanBasco's Karaoke Player
"WavePad" = WavePad Sound Editor
"wbtooltb" = Webblog
"WChat" = Westwood Chat
"WIDI Recognition System Pro 3.32" = WIDI Recognition System Pro 3.32 (remove only)
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"YTdetect" = Yahoo! Detect
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Amazon Kindle For PC" = Amazon Kindle For PC
"Calendar Clock" = Calendar Clock
"Dropbox" = Dropbox
"eduMap" = eduMap
"GoogleToolBar" = GoogleToolBar
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Edited by Stumped2012, 24 January 2012 - 08:58 AM.

#7
RKinner

Posted 24 January 2012 - 09:33 AM

Malware Expert

Expert
24,625 posts

Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

Uninstall
Adobe Reader 8.1.5 - obsolete get latest from adobe.com
Java™ 6 Update 26 - obsolete get latest from java.com
TV_Center Toolbar -adware
Winamp Toolbar - adware
µTorrent -P2P Dangerous to have
Yahoo! Detect - Foistware
Malwarebytes' Anti-Malware - don't see it in your logs but I did ask you to run it so if you ran it please uninstall now it as it interferes with some of our fixes.

Copy the text in the code box by highlighting and Ctrl + c


:processes
killallprocesses

:OTL
IE - HKLM\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O2 - BHO: (TV Center Toolbar) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (TV Center Toolbar) - {A7347E8C-1CA6-469B-951E-4A23C4437935} - C:\Program Files\TV_Center\tbTV_C.dll (Conduit Ltd.)
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O32 - AutoRun File - [2010/12/10 20:32:49 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
[2012/01/11 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\ghkvwcli
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Yqurg
[2012/01/09 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Miq
[2010/03/08 23:26:45 | 000,009,782 | -HS- | C] () -- C:\Users\Scott\AppData\Local\8Kc67
[2010/03/08 00:18:35 | 000,137,572 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/02/21 17:33:59 | 000,012,756 | -HS- | C] () -- C:\Users\Scott\AppData\Local\e1wnOl
[2010/02/08 17:43:40 | 000,010,798 | -HS- | C] () -- C:\Users\Scott\AppData\Local\1wq31I7
@Alternate Data Stream - 64 bytes -> C:\Users\Scott\Desktop\ForgetYou_190511.MPG:TOC.WMV

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
C:\Program Files\TV_Center
     
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library

RegNull::
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}*]

RegLock::
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}*]
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}]

Registry::
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}*]
[HKEY_USERS\S-1-5-21-336274091-882255576-533055083-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1489D426-94C6-4398-13B7-5D872E33BFCA}]

******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:


cd  \windows\logs\cbs

copy  cbs.log  cbs.old

del  cbs.log

sfc  /scannow

findstr  /c:"[SR]"  cbs.log  >  junk.txt

attach the file \windows\logs\cbs\junk.txt to your next reply.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Run OTL (right click and Run As Admin) and select Quickscan and post the log.

How is it running now?

Ron

#8
Stumped2012

Posted 24 January 2012 - 09:53 PM

New Member

Topic Starter
Member
6 posts

Hi Ron.

Apologies for the slowness of my responses here.

I'm unfortunately out at work for long periods of time.

Your assistance is most certainly appreciated though.

My system is running nicely now.

I still have to finish the procedures outlinedin your last post.

Once I do that I'll get back to you.

Thanks again