Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Babylon Toolbar Removal [Closed] [Solved]


  • This topic is locked This topic is locked

#1
bordforlyf

bordforlyf

    New Member

  • Member
  • Pip
  • 6 posts
Hi, I have Babylon ToolBar stuck on my laptop. I've tried multiple scanners and still am unable to remove it. Could you also look to see if there is anything wrong with my laptop? However, I am most interested in removing this toolbar. Thanks I appreciate any help!
















OTL logfile created on: 4/30/2012 10:12:34 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.22% Memory free
7.60 Gb Paging File | 3.86 Gb Available in Paging File | 50.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.84 Gb Total Space | 275.41 Gb Free Space | 61.63% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.51% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 90.62 Mb Free Space | 91.52% Space Free | Partition Type: FAT32

Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/30 22:12:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
PRC - [2012/03/30 16:00:44 | 000,161,336 | ---- | M] (Google) -- C:\Users\Dom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/07/07 23:38:48 | 000,049,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/05 10:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/05/21 01:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 01:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
PRC - [2009/12/08 19:35:50 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/08 19:35:36 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008/12/04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/28 12:12:55 | 008,743,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
MOD - [2012/04/12 00:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 00:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 00:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 00:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 00:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/11 10:30:24 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll
MOD - [2012/04/11 10:29:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 10:29:53 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/07 15:39:44 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\966a138f3aed60400472ac415bd16bc8\IAStorUtil.ni.dll
MOD - [2012/04/07 15:33:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012/04/07 15:33:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/04/07 15:33:08 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/04/07 15:33:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/04/07 15:33:04 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/04/07 15:32:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/21 11:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/05 10:06:43 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\AIM\nssckbi.dll
MOD - [2010/06/15 11:01:12 | 000,057,904 | ---- | M] () -- C:\Windows\SysWOW64\wbload.dll
MOD - [2010/05/04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/12/03 14:05:26 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/26 10:56:02 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/07/18 19:39:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/01/18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/12/16 14:51:46 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2011/04/06 16:42:11 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/03/16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/21 13:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/02/23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe -- (EgisTec Service)
SRV - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe -- (STacSV)
SRV - [2010/01/04 11:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/09 09:56:16 | 000,337,200 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds)
SRV - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2007/12/16 21:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/10 21:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/08/11 21:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/07/22 20:38:14 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/18 20:20:10 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/18 19:06:26 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 05:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/07 14:39:52 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/27 15:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/01 02:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/11 13:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/10/26 13:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/29 17:16:41 | 000,504,880 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/08/29 17:16:41 | 000,032,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/08/17 14:58:58 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008/07/03 22:49:26 | 000,252,928 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys -- (VSTWinDriver6)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/31 08:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {1016CC86-1ED3-4059-82A1-AE3C42FBC48B}
IE - HKLM\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...00000268283296c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000268283296c
IE - HKCU\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{77D5A4D7-FBE8-4688-8B0D-33161A94D186}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylo...0000268283296c"
FF - prefs.js..extensions.enabledItems: {41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}:1.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..keyword.URL: "http://search.babylo...0268283296c&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2011/02/02 18:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010/07/07 15:05:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/07/27 13:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/04/07 15:09:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/07 10:11:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/07 10:12:32 | 000,000,000 | ---D | M]

[2012/04/07 00:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Extensions
[2011/03/16 23:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\qmej6fbq.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25c}
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/23 18:33:42 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/07 22:38:55 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jar50.dll
[2012/02/07 22:38:55 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jsd3250.dll
[2012/02/07 22:38:56 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\myspell.dll
[2012/02/07 22:38:56 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\spellchk.dll
[2012/02/07 22:38:56 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\xpinstal.dll
[2012/03/23 18:33:38 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/03/12 21:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/12 21:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...00000268283296c
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MSN\u00AE Toolbar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.32_0\
CHR - Extension: Skype Extension = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: Gmail = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/07/27 11:34:17 | 000,001,412 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [CubeDesktop] File not found
O4 - HKCU..\Run: [DeskSpace] C:\Users\Dom\AppData\Roaming\DeskSpace\deskspace.exe File not found
O4 - HKCU..\Run: [EPSON NX210 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDA.EXE /FU "C:\Windows\TEMP\E_S1860.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [googletalk] C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10g_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35FE35BE-9C04-45B2-B594-242F82B65A23}: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDC94596-2B60-446B-8606-A5575568DFBB}: DhcpNameServer = 132.239.0.252 128.54.16.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\WB: DllName - (C:\Program Files (x86)\Stardock\MyColors\fast64.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/04/15 12:22:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Curiolab
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exterminate It!
[2012/04/13 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/09 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/06 20:53:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Spotify
[2012/04/06 20:53:48 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Spotify
[2012/04/04 14:16:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\arc_c7f168a6223596906129c311704b72a4
[2012/04/01 15:52:05 | 000,000,000 | R--D | C] -- C:\Users\Dom\Dropbox
[2012/04/01 15:51:16 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/04/01 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Dropbox
[54 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[54 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/30 21:40:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000UA.job
[2012/04/30 21:23:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/30 19:17:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/30 19:15:22 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/30 19:15:22 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/30 19:15:22 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/30 18:43:23 | 000,144,759 | ---- | M] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 18:16:30 | 000,076,000 | ---- | M] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:15:00 | 000,073,096 | ---- | M] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 17:41:32 | 000,801,947 | ---- | M] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/30 15:29:41 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/30 15:29:41 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/30 15:24:11 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/30 10:40:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000Core.job
[2012/04/29 22:52:48 | 000,008,814 | ---- | M] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:26 | 006,592,316 | ---- | M] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:29:30 | 010,431,062 | ---- | M] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:52:02 | 011,849,825 | ---- | M] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:19:47 | 009,081,263 | ---- | M] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:28 | 008,678,142 | ---- | M] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:50 | 012,976,434 | ---- | M] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:18 | 008,266,870 | ---- | M] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:37:10 | 008,918,886 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:17 | 008,475,013 | ---- | M] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:31:10 | 010,297,524 | ---- | M] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:25 | 006,207,376 | ---- | M] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:29:09 | 008,970,922 | ---- | M] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:48 | 011,029,789 | ---- | M] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:36 | 009,001,642 | ---- | M] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:35 | 007,370,974 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:28 | 040,571,779 | ---- | M] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/24 16:15:46 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/15 12:20:27 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | M] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 11:05:31 | 000,001,433 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/08 10:55:36 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/07 15:32:18 | 005,004,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/01 14:43:32 | 113,742,269 | ---- | M] () -- C:\Users\Dom\Desktop\lalala.com.rar
[54 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[54 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/30 18:49:27 | 000,076,000 | ---- | C] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:49:27 | 000,073,096 | ---- | C] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 18:43:23 | 000,144,759 | ---- | C] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 17:41:30 | 000,801,947 | ---- | C] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/29 22:52:47 | 000,008,814 | ---- | C] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:14 | 006,592,316 | ---- | C] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:28:13 | 010,431,062 | ---- | C] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:49:51 | 011,849,825 | ---- | C] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:18:47 | 009,081,263 | ---- | C] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:12 | 008,678,142 | ---- | C] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:25 | 012,976,434 | ---- | C] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:02 | 008,266,870 | ---- | C] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:36:53 | 008,918,886 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:01 | 008,475,013 | ---- | C] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:30:50 | 010,297,524 | ---- | C] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:13 | 006,207,376 | ---- | C] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:52 | 008,970,922 | ---- | C] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:26 | 011,029,789 | ---- | C] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:19 | 009,001,642 | ---- | C] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:20 | 007,370,974 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:02 | 040,571,779 | ---- | C] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/15 12:20:27 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | C] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/07 00:11:33 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/01 14:40:09 | 113,742,269 | ---- | C] () -- C:\Users\Dom\Desktop\lalala.com.rar
[2012/01/04 16:31:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/01/01 21:48:55 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/01/01 21:48:55 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/08/12 16:27:39 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/08/12 16:27:39 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/08/11 08:00:54 | 000,000,233 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2011/07/07 23:37:28 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/11 16:57:55 | 000,000,000 | ---- | C] () -- C:\Users\Dom\AppData\Local\{ED7C6ED9-33DF-42A8-A72E-FDA42B508812}
[2011/05/24 04:03:24 | 000,276,232 | ---- | C] () -- C:\Users\Dom\AppData\Local\ConduitInstaller.exe
[2011/04/06 16:43:09 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/03/27 12:43:08 | 000,096,768 | ---- | C] () -- C:\Users\Dom\AppData\Local\Bloson.exe
[2011/03/21 04:36:30 | 000,026,456 | ---- | C] () -- C:\Users\Dom\AppData\Local\bloson.bmp
[2010/11/13 03:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Dom\AppData\Local\toolbar3.bmp
[2010/11/12 03:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral3.bmp
[2010/11/12 02:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral1.bmp
[2010/11/12 02:10:58 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral2.bmp
[2010/09/21 06:30:37 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/09/20 17:18:23 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/09/20 17:18:22 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/09/20 17:18:22 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/09/20 17:18:22 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/09/20 17:18:22 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/09/20 17:18:22 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/09/20 17:18:22 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/09/20 17:18:22 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/09/20 17:18:22 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/09/20 17:18:22 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/09/20 17:18:22 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/09/20 17:18:22 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/09/20 17:13:34 | 000,000,044 | ---- | C] () -- C:\Windows\EPNX210.ini
[2010/08/16 20:10:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/29 16:09:40 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/29 15:14:10 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2010/07/29 15:14:09 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010/07/29 15:14:09 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010/07/22 18:41:52 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2010/07/07 14:50:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/07 14:42:55 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010/07/07 14:39:11 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/07/07 14:39:11 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/06/15 15:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/15 11:01:12 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2010/05/18 14:46:04 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

========== LOP Check ==========

[2010/07/23 01:14:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\acccore
[2012/04/09 12:48:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Audacity
[2011/07/28 07:16:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Avnex
[2011/02/13 18:15:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Azureus
[2012/03/23 18:33:36 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Babylon
[2012/04/15 12:22:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Curiolab
[2010/07/22 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite
[2012/04/06 14:48:03 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Dropbox
[2010/09/21 06:27:57 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Epson
[2012/03/30 18:53:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FileZilla
[2011/05/24 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ijjigame
[2011/11/30 21:39:40 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\JasonRobitaille
[2010/09/20 17:19:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech
[2011/05/24 16:17:39 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\LolClient
[2011/04/25 18:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ooVoo Details
[2010/11/21 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenOffice.org
[2010/07/28 01:22:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OtakuSoftware
[2012/01/04 16:31:33 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\PACE Anti-Piracy
[2011/04/05 21:13:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SoftGrid Client
[2012/04/07 10:11:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Spotify
[2011/04/22 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/28 07:07:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\streamripper
[2010/07/28 10:05:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Thinking Minds Budiling Bytes
[2010/09/20 07:39:42 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TP
[2010/12/12 03:15:02 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Unity
[2012/01/06 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2010/12/10 14:35:00 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WildTangent
[2011/09/22 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Windows Live Writer
[2012/02/02 23:04:14 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1186 bytes -> C:\ProgramData\Microsoft:w7E36CH2MorARRfpnWvRqGyiX
@Alternate Data Stream - 1092 bytes -> C:\Program Files\Common Files\Microsoft Shared:DZe337KhTFKtg75WmY4hwi4T
@Alternate Data Stream - 1079 bytes -> C:\ProgramData\Microsoft:GRcIMFhEYDrJXZohIQbvsR3ReD
@Alternate Data Stream - 1024 bytes -> C:\ProgramData\Microsoft:uNIyNohlgmVdNQU94q8bHEs

< End of report >
  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, bordforlyf! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.





Step 1.

We need to do some uninstalls first.

Click Start >> Control Panel >> Programs

Uninstall:

Ask.com
Babylon Toolbar


If they are not in the uninstall list continue to step 2.



Step 2.

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image




  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    IE - HKLM\..\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...00000268283296c
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000268283296c
    IE - HKCU\..\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=110806&babsrc=HP_ss&mntrId=2233337900000000000000268283296c"
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=110806&babsrc=adbartrp&mntrId=2233337900000000000000268283296c&q="
    FF - user.js - File not found
    [2012/03/23 18:33:42 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
    [2012/03/23 18:33:38 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    CHR - default_search_provider: Search the web (Babylon) (Enabled)
    CHR - default_search_provider: search_url = http://search.babylo...00000268283296c
    O4 - HKCU..\Run: [CubeDesktop] File not found
    O4 - HKCU..\Run: [DeskSpace] C:\Users\Dom\AppData\Roaming\DeskSpace\deskspace.exe File not found
    O4 - HKCU..\Run: [EPSON NX210 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDA.EXE /FU "C:\Windows\TEMP\E_S1860.tmp" /EF "HKCU" File not found
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    [2012/03/23 18:33:36 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Babylon
    [2012/01/06 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
    @Alternate Data Stream - 1186 bytes -> C:\ProgramData\Microsoft:w7E36CH2MorARRfpnWvRqGyiX
    @Alternate Data Stream - 1092 bytes -> C:\Program Files\Common Files\Microsoft Shared:DZe337KhTFKtg75WmY4hwi4T
    @Alternate Data Stream - 1079 bytes -> C:\ProgramData\Microsoft:GRcIMFhEYDrJXZohIQbvsR3ReD
    @Alternate Data Stream - 1024 bytes -> C:\ProgramData\Microsoft:uNIyNohlgmVdNQU94q8bHEs
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.



Step 3.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 4.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 5.

Please post:

OTL fix log
aswMBR log
OTL.txt
Extras.txt


Please give me an update on your computer issues
  • 0

#3
bordforlyf

bordforlyf

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks so much for your reply!
First off, yes I was unable to find Ask.com and Babylon Toolbar in the uninstall part of the control panel.




Here is the first OTL Scan:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFF809A6-C17E-408B-935D-3ABB37AF862A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DFF809A6-C17E-408B-935D-3ABB37AF862A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFF809A6-C17E-408B-935D-3ABB37AF862A}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: "http://search.babylo...0000268283296c" removed from browser.startup.homepage
Prefs.js: "http://search.babylo...0268283296c&q=" removed from keyword.URL
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content\imgs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CubeDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DeskSpace deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON NX210 Series deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\Dom\AppData\Roaming\Babylon folder moved successfully.
C:\Users\Dom\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\Dom\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\Dom\AppData\Roaming\uTorrent folder moved successfully.
ADS C:\ProgramData\Microsoft:w7E36CH2MorARRfpnWvRqGyiX deleted successfully.
ADS C:\Program Files\Common Files\Microsoft Shared:DZe337KhTFKtg75WmY4hwi4T deleted successfully.
ADS C:\ProgramData\Microsoft:GRcIMFhEYDrJXZohIQbvsR3ReD deleted successfully.
ADS C:\ProgramData\Microsoft:uNIyNohlgmVdNQU94q8bHEs deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dom\Desktop\cmd.bat deleted successfully.
C:\Users\Dom\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dom
->Temp folder emptied: 2167668420 bytes
->Temporary Internet Files folder emptied: 131267159 bytes
->Java cache emptied: 2256798 bytes
->FireFox cache emptied: 22351289 bytes
->Google Chrome cache emptied: 372764509 bytes
->Flash cache emptied: 26740 bytes

User: Public

%systemdrive% .tmp files removed: 1149444 bytes
%systemroot% .tmp files removed: 1234432 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 63241728 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 418409141 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36097156 bytes
RecycleBin emptied: 9769659864 bytes

Total Files Cleaned = 12,385.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.42.2 log created on 05012012_204614

Files\Folders moved on Reboot...
C:\Users\Dom\AppData\Local\Temp\amt3.log moved successfully.
C:\Users\Dom\AppData\Local\Temp\E33D.tmp moved successfully.
C:\Users\Dom\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

----------------------------------------------------------------------------------------------------
This is the ASWMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-01 21:06:39
-----------------------------
21:06:39.002 OS Version: Windows x64 6.1.7600
21:06:39.002 Number of processors: 4 586 0x2502
21:06:39.003 ComputerName: DOM-PC UserName: Dom
21:06:41.238 Initialize success
21:06:48.821 AVAST engine defs: 12050101
21:06:52.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:06:52.423 Disk 0 Vendor: Hitachi_ PC4O Size: 476940MB BusType: 3
21:06:52.431 Disk 0 MBR read successfully
21:06:52.433 Disk 0 MBR scan
21:06:52.437 Disk 0 unknown MBR code
21:06:52.447 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
21:06:52.455 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 457560 MB offset 409600
21:06:52.483 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 19076 MB offset 937492480
21:06:52.507 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
21:06:52.542 Disk 0 scanning C:\Windows\system32\drivers
21:07:03.116 Service scanning
21:07:31.127 Modules scanning
21:07:31.140 Disk 0 trace - called modules:
21:07:31.483 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys spnm.sys hal.dll
21:07:31.490 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80070b6060]
21:07:31.498 3 CLASSPNP.SYS[fffff88001d4843f] -> nt!IofCallDriver -> [0xfffffa8006f7cb10]
21:07:31.505 5 hpdskflt.sys[fffff880019f2289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005053050]
21:07:33.142 AVAST engine scan C:\Windows
21:07:35.718 AVAST engine scan C:\Windows\system32
21:11:02.628 AVAST engine scan C:\Windows\system32\drivers
21:11:14.103 AVAST engine scan C:\Users\Dom
21:19:57.586 AVAST engine scan C:\ProgramData
21:26:56.403 Scan finished successfully
21:43:01.096 Disk 0 MBR has been saved successfully to "C:\Users\Dom\Desktop\MBR.dat"
21:43:01.100 The log file has been saved successfully to "C:\Users\Dom\Desktop\aswMBR.txt"
----------------------------------------------------------------------------------------------------------------------
This is the 2nd OTL Log:

OTL logfile created on: 5/1/2012 9:46:05 PM - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Dom\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 36.90% Memory free
7.60 Gb Paging File | 4.86 Gb Available in Paging File | 63.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.84 Gb Total Space | 286.63 Gb Free Space | 64.15% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.51% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 90.62 Mb Free Space | 91.52% Space Free | Partition Type: FAT32

Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/01 20:58:50 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Dom\Desktop\aswMBR.exe
PRC - [2012/04/30 22:12:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/05 10:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/05/21 01:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 01:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
PRC - [2009/12/08 19:35:50 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/08 19:35:36 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008/12/04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 00:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 00:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 00:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 00:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 00:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/11 10:30:24 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll
MOD - [2012/04/11 10:29:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 10:29:53 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/07 15:39:44 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\966a138f3aed60400472ac415bd16bc8\IAStorUtil.ni.dll
MOD - [2012/04/07 15:33:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012/04/07 15:33:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/04/07 15:33:08 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/04/07 15:33:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/04/07 15:33:04 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/04/07 15:32:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/21 11:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/05 10:06:43 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\AIM\nssckbi.dll
MOD - [2010/06/15 11:01:12 | 000,057,904 | ---- | M] () -- C:\Windows\SysWOW64\wbload.dll
MOD - [2010/05/04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/12/03 14:05:26 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/26 10:56:02 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/07/18 19:39:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/01/18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/12/16 14:51:46 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2011/04/06 16:42:11 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/03/16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/21 13:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/02/23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe -- (EgisTec Service)
SRV - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe -- (STacSV)
SRV - [2010/01/04 11:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/09 09:56:16 | 000,337,200 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds)
SRV - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2007/12/16 21:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/10 21:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/08/11 21:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/07/22 20:38:14 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/18 20:20:10 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/18 19:06:26 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 05:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/07 14:39:52 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/27 15:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/01 02:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/11 13:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/10/26 13:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/29 17:16:41 | 000,504,880 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/08/29 17:16:41 | 000,032,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/08/17 14:58:58 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008/07/03 22:49:26 | 000,252,928 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys -- (VSTWinDriver6)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/31 08:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {1016CC86-1ED3-4059-82A1-AE3C42FBC48B}
IE - HKLM\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\SearchScopes,DefaultScope = {E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\SearchScopes\{77D5A4D7-FBE8-4688-8B0D-33161A94D186}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-872871200-901388992-920692641-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}:1.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2011/02/02 18:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010/07/07 15:05:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/07/27 13:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/04/07 15:09:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/07 10:11:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/07 10:12:32 | 000,000,000 | ---D | M]

[2012/04/07 00:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Extensions
[2011/03/16 23:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\qmej6fbq.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25c}
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/07 22:38:55 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jar50.dll
[2012/02/07 22:38:55 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jsd3250.dll
[2012/02/07 22:38:56 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\myspell.dll
[2012/02/07 22:38:56 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\spellchk.dll
[2012/02/07 22:38:56 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\xpinstal.dll
[2012/03/12 21:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/12 21:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...00000268283296c
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MSN\u00AE Toolbar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.32_0\
CHR - Extension: Skype Extension = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: Gmail = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/01 20:47:32 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-872871200-901388992-920692641-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-872871200-901388992-920692641-1000..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-872871200-901388992-920692641-1000..\Run: [googletalk] C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-872871200-901388992-920692641-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-872871200-901388992-920692641-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk = C:\Program Files (x86)\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk = C:\Program Files (x86)\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
O4 - Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35FE35BE-9C04-45B2-B594-242F82B65A23}: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDC94596-2B60-446B-8606-A5575568DFBB}: DhcpNameServer = 132.239.0.252 128.54.16.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\WB: DllName - (C:\Program Files (x86)\Stardock\MyColors\fast64.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/01 20:58:36 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Dom\Desktop\aswMBR.exe
[2012/05/01 20:46:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/30 22:12:21 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
[2012/04/15 12:22:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Curiolab
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exterminate It!
[2012/04/13 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/11 10:01:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 10:01:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 10:01:55 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 10:01:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 10:01:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 10:01:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 10:01:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 10:01:53 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 10:01:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 10:01:53 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 10:01:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 10:01:40 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 10:01:40 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 10:01:39 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 09:57:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 09:57:48 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 09:57:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/09 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/08 10:57:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/08 10:57:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/08 10:57:18 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/08 10:57:18 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/08 10:57:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/08 10:57:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/08 10:57:18 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/08 10:57:18 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/08 10:57:18 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/08 10:57:18 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/08 10:57:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/08 10:57:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/08 10:57:18 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/08 10:57:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/08 10:57:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/08 10:57:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/08 10:57:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/08 10:57:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/08 10:57:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/08 10:57:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/08 10:57:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/08 10:57:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/08 10:57:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/08 10:57:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/08 10:57:18 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/08 10:57:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/08 10:57:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/08 10:57:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/08 10:57:18 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/08 10:57:18 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/08 10:57:18 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/08 10:57:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/08 10:57:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/08 10:57:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/08 10:57:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/08 10:57:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/08 10:57:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/08 10:57:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/08 10:57:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/08 10:57:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/08 10:57:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/08 10:57:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/08 10:57:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/08 10:57:18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/08 10:57:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/08 10:57:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/08 10:57:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/08 10:57:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/08 10:57:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/08 10:57:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/08 10:57:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/07 15:40:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/04/07 15:40:36 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/04/07 15:40:33 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/04/07 15:40:33 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/04/07 15:40:33 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/04/07 15:40:33 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/04/07 15:40:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/04/07 15:40:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/04/07 15:40:33 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/04/07 14:04:54 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/04/07 14:04:42 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/04/07 14:04:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/04/07 14:04:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/04/07 14:04:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/04/07 14:04:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/04/07 14:04:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/04/07 14:04:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/04/07 14:04:36 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/04/07 14:04:36 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/04/07 14:04:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/04/07 14:04:35 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/04/07 14:04:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/04/07 14:04:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/04/07 14:04:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/04/07 14:04:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/04/07 14:04:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/04/07 14:04:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/04/07 14:04:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/04/07 14:04:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 14:04:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 14:04:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/04/07 14:04:31 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/04/07 14:04:31 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/04/07 14:04:31 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/04/07 14:04:30 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/04/07 14:04:30 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/04/07 14:04:30 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/04/07 14:04:30 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/04/07 14:04:30 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/04/07 14:04:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/04/07 14:04:30 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/04/07 14:04:30 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/04/07 14:04:30 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/04/07 14:04:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/04/07 14:04:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/04/07 14:04:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/04/07 14:04:26 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/04/07 14:04:25 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/04/07 14:04:25 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/04/07 14:04:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/04/07 14:04:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/04/07 14:04:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/04/07 14:04:22 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/04/07 14:04:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/04/07 14:04:22 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/04/07 14:04:22 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/04/07 14:04:22 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/04/07 14:04:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/04/07 14:04:18 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/04/07 14:04:18 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/04/07 14:04:18 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/04/07 14:04:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/04/07 14:04:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/07 14:04:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/04/07 14:04:16 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/04/07 14:04:15 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/07 14:04:15 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/04/07 14:04:15 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/04/07 14:04:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/04/07 14:04:05 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/04/07 14:04:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/04/07 14:03:44 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/04/07 14:03:43 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/04/07 14:03:41 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/04/07 14:03:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/04/07 14:03:05 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/04/07 14:02:56 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/04/07 14:02:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/04/07 14:02:53 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/04/07 14:02:53 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/04/07 14:02:51 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/04/07 14:02:51 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/04/07 14:02:51 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/04/07 14:02:51 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/04/07 14:02:51 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/04/07 14:02:51 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/04/07 14:02:51 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/04/07 14:02:47 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/04/07 14:02:47 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/04/07 14:02:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/04/07 14:02:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/04/07 14:02:47 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/04/07 14:02:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/04/07 14:02:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/04/07 14:02:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/04/07 14:02:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/04/07 14:02:45 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/04/07 14:02:45 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/04/07 14:02:45 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/04/07 14:02:44 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/04/07 14:02:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/04/07 14:02:42 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/04/07 14:02:40 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/04/07 14:02:40 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/04/07 14:02:39 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/04/07 14:02:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/04/07 14:02:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/04/07 14:02:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/04/07 14:02:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/04/07 14:02:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/04/07 14:02:38 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/04/07 14:02:38 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/04/07 14:02:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/04/07 14:02:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/04/07 14:02:29 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/04/07 14:02:29 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/04/07 14:02:28 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/04/07 14:02:28 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/04/07 14:02:27 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/04/07 14:02:27 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/04/07 14:02:25 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/04/07 14:02:19 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/04/07 14:02:19 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/04/07 14:02:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/04/07 14:02:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/04/07 14:02:15 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/04/07 14:02:15 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/04/07 14:02:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/07 14:02:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/07 14:02:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/07 14:02:14 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/04/07 14:02:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/04/07 14:02:13 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/07 14:02:12 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/04/07 14:02:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/04/07 14:02:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/04/07 14:02:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/04/07 14:02:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/04/07 14:02:07 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/04/07 14:02:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/04/07 14:02:06 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/04/07 14:02:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/04/07 14:01:59 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/04/07 14:01:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/04/07 14:01:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/04/07 14:01:54 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/04/07 14:01:53 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/04/07 14:01:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/04/07 14:01:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/04/07 14:01:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/04/07 14:01:47 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/04/07 14:01:37 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/04/07 14:01:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/04/07 14:01:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/04/07 14:01:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/04/07 13:55:39 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/04/07 13:55:38 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/04/06 20:53:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Spotify
[2012/04/06 20:53:48 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Spotify
[2012/04/04 14:16:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\arc_c7f168a6223596906129c311704b72a4
[4 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/01 21:43:01 | 000,000,512 | ---- | M] () -- C:\Users\Dom\Desktop\MBR.dat
[2012/05/01 21:40:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000UA.job
[2012/05/01 21:23:03 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/01 21:10:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 21:10:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 21:03:02 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/01 21:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/01 21:02:35 | 528,265,858 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/01 21:02:35 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/01 20:58:50 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Dom\Desktop\aswMBR.exe
[2012/05/01 20:47:32 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/05/01 10:40:01 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000Core.job
[2012/04/30 22:41:48 | 015,978,768 | ---- | M] () -- C:\Users\Dom\Desktop\Housing Applications.zip
[2012/04/30 22:23:48 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/30 22:23:48 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/30 22:23:48 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/30 22:12:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
[2012/04/30 18:43:23 | 000,144,759 | ---- | M] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 18:16:30 | 000,076,000 | ---- | M] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:15:00 | 000,073,096 | ---- | M] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 17:41:32 | 000,801,947 | ---- | M] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/29 22:52:48 | 000,008,814 | ---- | M] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:26 | 006,592,316 | ---- | M] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:29:30 | 010,431,062 | ---- | M] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:52:02 | 011,849,825 | ---- | M] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:19:47 | 009,081,263 | ---- | M] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:28 | 008,678,142 | ---- | M] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:50 | 012,976,434 | ---- | M] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:18 | 008,266,870 | ---- | M] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:37:10 | 008,918,886 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:17 | 008,475,013 | ---- | M] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:31:10 | 010,297,524 | ---- | M] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:25 | 006,207,376 | ---- | M] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:29:09 | 008,970,922 | ---- | M] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:48 | 011,029,789 | ---- | M] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:36 | 009,001,642 | ---- | M] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:35 | 007,370,974 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:28 | 040,571,779 | ---- | M] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/15 12:20:27 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | M] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 11:05:31 | 000,001,433 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/08 10:57:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/08 10:57:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/08 10:57:18 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/08 10:57:18 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/08 10:57:18 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/08 10:57:18 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/08 10:57:18 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/08 10:57:18 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/08 10:57:18 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/08 10:57:18 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/08 10:57:18 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/08 10:57:18 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/08 10:57:18 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/08 10:57:18 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/08 10:57:18 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/08 10:57:18 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/08 10:57:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/08 10:57:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/08 10:57:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/08 10:57:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/08 10:57:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/08 10:57:18 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/08 10:57:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/08 10:57:18 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/08 10:57:18 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/08 10:57:18 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/08 10:57:18 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/08 10:57:18 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/08 10:57:18 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/08 10:57:18 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/08 10:57:18 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/08 10:57:18 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/08 10:57:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/08 10:57:18 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/08 10:57:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/08 10:57:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/08 10:57:18 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/08 10:57:18 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/08 10:57:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/08 10:57:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/08 10:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/08 10:57:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/08 10:57:18 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/08 10:57:18 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/08 10:57:18 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/08 10:57:18 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/08 10:57:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/08 10:57:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/08 10:57:18 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/08 10:57:18 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/08 10:57:18 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/08 10:55:36 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/07 15:32:18 | 005,004,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[4 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 21:43:01 | 000,000,512 | ---- | C] () -- C:\Users\Dom\Desktop\MBR.dat
[2012/04/30 22:41:31 | 015,978,768 | ---- | C] () -- C:\Users\Dom\Desktop\Housing Applications.zip
[2012/04/30 18:49:27 | 000,076,000 | ---- | C] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:49:27 | 000,073,096 | ---- | C] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 18:43:23 | 000,144,759 | ---- | C] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 17:41:30 | 000,801,947 | ---- | C] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/29 22:52:47 | 000,008,814 | ---- | C] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:14 | 006,592,316 | ---- | C] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:28:13 | 010,431,062 | ---- | C] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:49:51 | 011,849,825 | ---- | C] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:18:47 | 009,081,263 | ---- | C] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:12 | 008,678,142 | ---- | C] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:25 | 012,976,434 | ---- | C] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:02 | 008,266,870 | ---- | C] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:36:53 | 008,918,886 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:01 | 008,475,013 | ---- | C] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:30:50 | 010,297,524 | ---- | C] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:13 | 006,207,376 | ---- | C] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:52 | 008,970,922 | ---- | C] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:26 | 011,029,789 | ---- | C] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:19 | 009,001,642 | ---- | C] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:20 | 007,370,974 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:02 | 040,571,779 | ---- | C] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/15 12:20:27 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | C] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/07 00:11:33 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/04 16:31:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/01/01 21:48:55 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/01/01 21:48:55 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/08/12 16:27:39 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/08/12 16:27:39 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/08/11 08:00:54 | 000,000,233 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2011/07/07 23:37:28 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/11 16:57:55 | 000,000,000 | ---- | C] () -- C:\Users\Dom\AppData\Local\{ED7C6ED9-33DF-42A8-A72E-FDA42B508812}
[2011/05/24 04:03:24 | 000,276,232 | ---- | C] () -- C:\Users\Dom\AppData\Local\ConduitInstaller.exe
[2011/04/06 16:43:09 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/03/27 12:43:08 | 000,096,768 | ---- | C] () -- C:\Users\Dom\AppData\Local\Bloson.exe
[2011/03/21 04:36:30 | 000,026,456 | ---- | C] () -- C:\Users\Dom\AppData\Local\bloson.bmp
[2010/11/13 03:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Dom\AppData\Local\toolbar3.bmp
[2010/11/12 03:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral3.bmp
[2010/11/12 02:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral1.bmp
[2010/11/12 02:10:58 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral2.bmp
[2010/09/21 06:30:37 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/09/20 17:18:23 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/09/20 17:18:22 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/09/20 17:18:22 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/09/20 17:18:22 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/09/20 17:18:22 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/09/20 17:18:22 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/09/20 17:18:22 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/09/20 17:18:22 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/09/20 17:18:22 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/09/20 17:18:22 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/09/20 17:18:22 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/09/20 17:18:22 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/09/20 17:13:34 | 000,000,044 | ---- | C] () -- C:\Windows\EPNX210.ini
[2010/08/16 20:10:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/29 16:09:40 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/29 15:14:10 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2010/07/29 15:14:09 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010/07/29 15:14:09 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010/07/22 18:41:52 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2010/07/07 14:50:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/07 14:42:55 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010/07/07 14:39:11 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/07/07 14:39:11 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/06/15 15:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/15 11:01:12 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2010/05/18 14:46:04 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

========== LOP Check ==========

[2010/07/23 01:14:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\acccore
[2012/04/09 12:48:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Audacity
[2011/07/28 07:16:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Avnex
[2011/02/13 18:15:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Azureus
[2012/04/15 12:22:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Curiolab
[2010/07/22 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite
[2012/04/06 14:48:03 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Dropbox
[2010/09/21 06:27:57 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Epson
[2012/03/30 18:53:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FileZilla
[2011/05/24 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ijjigame
[2011/11/30 21:39:40 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\JasonRobitaille
[2010/09/20 17:19:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech
[2011/05/24 16:17:39 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\LolClient
[2011/04/25 18:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ooVoo Details
[2010/11/21 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenOffice.org
[2010/07/28 01:22:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OtakuSoftware
[2012/01/04 16:31:33 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\PACE Anti-Piracy
[2011/04/05 21:13:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SoftGrid Client
[2012/04/07 10:11:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Spotify
[2011/04/22 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/28 07:07:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\streamripper
[2010/07/28 10:05:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Thinking Minds Budiling Bytes
[2010/09/20 07:39:42 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TP
[2010/12/12 03:15:02 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Unity
[2010/12/10 14:35:00 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WildTangent
[2011/09/22 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Windows Live Writer
[2012/02/02 23:04:14 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/05/18 12:32:33 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/05/18 12:30:13 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/05/18 12:32:33 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/05/18 12:30:13 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/05/18 12:32:32 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/05/18 12:30:13 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/05/18 12:32:33 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/05/18 12:30:13 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/05/18 12:32:33 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/05/18 12:32:33 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010/05/18 12:32:33 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{35FE35BE-9C04-45B2-B594-242F82B65A23}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
"DhcpNameServerList" = 132.239.0.201132.239.0.202 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BDC94596-2B60-446B-8606-A5575568DFBB}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
"DhcpNameServerList" = 132.239.0.201132.239.0.202 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BFF2847F-32E8-418D-B49D-2FD99A73E97E}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 0A 01 04 01 00 01 2A 01 07 01 26 01 29 01 25 01 28 01 27 01 0C 01 24 01 18 01 17 01 23 01 22 01 21 01 20 01 1F 01 1E 01 1D 01 1C 01 1B 01 1A 01 19 01 0E 01 06 01 16 01 15 01 14 01 13 01 12 01 11 01 10 01 0F 01 03 01 0D 01 01 01 0B 01 09 01 08 01 05 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 42
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Dom\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Dom\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Dom\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Dom\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/04/08 10:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/04/08 10:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/04/08 10:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/04/08 10:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/04/08 10:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/02/07 22:39:02 | 000,450,928 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/02/07 22:38:58 | 007,678,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\DOM\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\DOM\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\DOM\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\DOM\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/04/08 10:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/04/08 10:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7600
Copyright © 1999-2008 Microsoft Corporation.
On computer: DOM-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F DVD-ROM 0 B No Media
Volume 1 G DVD-ROM 0 B No Media
Volume 2 H DVD-ROM 0 B No Media
Volume 3 SYSTEM NTFS Partition 199 MB Healthy System
Volume 4 C NTFS Partition 446 GB Healthy Boot
Volume 5 D RECOVERY NTFS Partition 18 GB Healthy
Volume 6 E HP_TOOLS FAT32 Partition 103 MB Healthy

< End of report >
-------------------------------------------------------------------------------------------------------------------
This is the Extras Log:
OTL Extras logfile created on: 5/1/2012 9:46:05 PM - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Dom\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 36.90% Memory free
7.60 Gb Paging File | 4.86 Gb Available in Paging File | 63.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.84 Gb Total Space | 286.63 Gb Free Space | 64.15% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.51% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 90.62 Mb Free Space | 91.52% Space Free | Partition Type: FAT32

Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- C:\PROGRA~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- C:\PROGRA~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04230A5A-8765-464D-B7E8-31FD3DFDD6A8}" = rport=139 | protocol=6 | dir=out | app=system |
"{04AECD38-470C-4E76-8C9B-9B1188A11015}" = lport=37677 | protocol=17 | dir=in | name=oovoo udp port 37677 |
"{0DE9BA60-84C3-4A12-8320-A00220DAB5A1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{188264D9-7899-4F63-A770-D19179E5CF0B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{18FFB05F-A2F1-4F2B-AEEA-B8C39424344B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CF3CDFB-9973-4728-B981-59AE8828D2AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{24DF7580-FF86-4EFB-A0D2-B6BBA1F425B5}" = lport=37676 | protocol=6 | dir=in | name=oovoo tcp port 37676 |
"{3024DE78-73BA-40BC-A010-F44C69F26F74}" = rport=138 | protocol=17 | dir=out | app=system |
"{3C42A180-F1D3-483A-A716-89331689D32D}" = lport=137 | protocol=17 | dir=in | app=system |
"{3EC04E2C-5E2A-4117-B662-8B23615262FA}" = lport=445 | protocol=6 | dir=in | app=system |
"{46A66C85-427B-4B99-9CBE-FC325663230D}" = lport=139 | protocol=6 | dir=in | app=system |
"{4B44907E-6D46-464E-80E1-B9DC300EF2B4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59188A6D-BA0A-4723-A6BE-8C137C0C7B98}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59EF7B31-69C3-4964-AFBB-54E5363F601F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5C0DCEA7-91F9-4938-B736-242FDA28BE7D}" = rport=445 | protocol=6 | dir=out | app=system |
"{62F4599D-E1F8-4FF8-9AB6-229951BC4002}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{695B7604-68DD-458F-93F6-916B12031F1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F628251-ED58-42AA-B37B-0DFDFD10890A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{772CE6BE-E126-4B41-8CA7-A3385DFF1380}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{7DED8721-3697-41F7-AC43-5F82627ABFA4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{842B53B2-3262-41DD-81C3-9466B326D0F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89D7138D-100A-4D56-A730-122D755A02B3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93792493-3D6A-44B8-9E69-116DF2A65129}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{95F7013E-C1BB-4A9C-8B33-205B43D3850B}" = rport=137 | protocol=17 | dir=out | app=system |
"{A199BE5F-B4F1-4094-9009-09D274DADCB6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B1913C03-E067-49E5-8F9A-C0829B9FFC3E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B935217B-E90F-4BDB-867B-2BA0E5BFB6FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C496BB45-D733-42C1-B342-B163F1888F38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D8C770E2-76C7-44B1-B3A5-B42EB1D62E68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD2FA075-959C-4630-A4FF-05AB71B5355F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F22FBABD-9F52-4E36-9477-FA7D432A6517}" = lport=138 | protocol=17 | dir=in | app=system |
"{F374C1C8-586D-49B9-AB6D-735068475FCE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8483536-9333-4716-B99E-29F965097B74}" = lport=37676 | protocol=17 | dir=in | name=oovoo udp port 37676 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00587324-8928-4929-844A-5C5ED9138A12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{02A63CB0-CE3C-40E2-B77E-C825378584CF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{033000DE-68BC-4BB2-B6A1-AF8FF59DE36D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{03A621E8-115B-4665-AA20-309665C2D4C1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{03FF7422-03B0-4ECE-B0C8-3BF154B46880}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0621DA29-47B4-42A9-9748-DDB53A548775}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{06A7D3A9-FA63-42AD-9501-ABD57A527353}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{0E916466-03B3-469D-B452-B69222106F9D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{100ACA78-8D65-43EE-84A2-78D64C559CF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10A08CC8-D629-4AFC-A1AE-34B81A8E319E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1128E354-2B17-48D6-B290-EE0A23D736CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{13801FBA-5289-40AB-A32F-A84609BADF69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{13EAEA1B-BDCC-4188-BFB1-D4475241DBDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{146A4E03-461A-43D0-83F9-3642FD2E7D20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{18BBE6FE-62C3-4C8D-BC49-80A062F13897}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1B4BE740-C74F-428A-818F-44B589110029}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1C1E5C22-34AB-455D-AB7D-EEECE64C6550}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{20E98197-4054-4740-AB36-CAEEE903A18C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21D925DA-CB94-4D69-97BD-9FB11DCD1B5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{23ACA2D7-F227-48F7-B3CD-68ACC7C02D13}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{258538B2-8DAC-4BC3-AC91-B3690B59FDEA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{277B40B7-84F9-4355-85EB-FC80AAB77C92}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{27F0A580-89B0-428E-A18D-FBD76BDB98A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{283FE5A8-455B-4E10-92BC-75FBDDE696EF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28D31A88-5AAD-457D-9452-354257A63308}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{2AFD3D83-5EA3-41BA-B7B3-A1471DDB8156}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B26C434-0858-4DB5-B237-B24EC8F77CBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B496BA2-0576-4E32-9C18-9AC771DE5B8C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\qp.exe |
"{2BEEF413-7A3E-4B14-B881-27044A94F63C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2D98912B-4A92-49BD-87A5-7BE99D83B6A0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2E1B40C3-6255-437D-B10B-E809EEC6DC33}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2E4970FA-7C70-469D-80F8-F2A2C481F877}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{3317ED6A-33FC-47C3-916D-56AB2243D07C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3364E565-4BCA-4501-9EBC-CDF137FA15FF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{36DCCEA8-5258-415D-B821-1E52FF9369B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3744529F-EBB5-47E0-B109-29175FD23F3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3B89D6C2-FEE6-4654-806C-F6B95569C9A6}" = protocol=17 | dir=in | app=c:\users\dom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{3C20E5DA-F7B9-4EB1-AFC1-C4228DCDCAB8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C63A832-94C8-41CA-A771-A53AD4FB7206}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3E38779F-3D07-46F5-A85A-44A6498F08A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3EC9F38D-EC5F-4462-BA03-E3E18A5C971F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{40B0A8E9-0897-4E79-A55D-88D44E0C0EF0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{412D48D5-FD4B-41E1-94CA-97D97429EDC0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4224C517-D80F-42F3-A140-ADE306A3135F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{42D69D2D-B36A-4080-AD8E-47D236E98AC1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43A07029-FEDE-4B1F-BC98-78EDA25EA1AE}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{44FA0841-4F95-433D-A6F2-BAE103D96760}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47405631-E94B-4137-8D3F-D8644C368AF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47617BCC-AFCB-401E-99CF-870307E1B4D2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{47D1E6D7-319F-4C2A-A366-91CE7EB13ED9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4806A191-AD02-4BB7-9468-1DDFDA9C6148}" = protocol=6 | dir=in | app=c:\users\dom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{485377BC-6ECA-46D9-AD5C-ACBEC2A46CC7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4A38848B-6D34-4EEC-9DD6-9F6EF7EF2454}" = protocol=1 | dir=in | [email protected],-28543 |
"{4A6CAB9F-D83D-4C50-B0BA-9DD717D61116}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D448330-989A-4080-90BF-241605520480}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D51CDA3-8D85-41B3-BF8D-723E980C1CB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4EAB5C07-6099-405D-B4BA-18B732CD5817}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{4FCD4E1F-181A-4794-8A89-1A902B3E9820}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{52DF4B10-4580-492C-9D5C-B15911F4630F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{54B050F5-5F98-4B45-9CBF-C908CBDAB956}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5521F61F-1B4F-4CF6-926D-00F505803F5A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{57B771D5-D2BC-4391-9EA1-51A346514171}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{58D16C6C-F175-44A7-946E-A0C0A7512569}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{598CD0D2-9590-4C6B-BDC3-5733852865DC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{5A0E2193-D7CC-45FA-BF18-B8F5C9B5DD4B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CE583B2-2160-4C0E-8BED-8B0E59559539}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5D27E8C7-BA3C-4884-B5F2-90F1B145A48E}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{5F452356-91E2-477C-8975-2185E03005CF}" = protocol=6 | dir=out | app=system |
"{6222D604-49C5-4F0B-9188-971A1126FE9C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{639D1988-5EAF-4557-8548-619D0C0775EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{63C30407-61F0-44F1-B768-DED60B3E75ED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{64DEA992-F75E-4B1B-8613-FEC2A681AC22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6676F368-9A2B-4B78-9E18-1511AD5D697F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{667AD821-205C-460B-A7EC-6827BB9B339C}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{67720407-131D-42C9-9574-DFC0DE57236F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67BA9DD5-5E9F-44CA-AD1F-939F744DF5D6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67D0128E-847B-4889-BF16-CBE2AEFD4B31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{68AAD611-A598-447A-9721-3245E486962D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6989024B-6428-45DF-9080-26E5A49E0F18}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69C7AB9E-2D04-48F5-8D06-31B2C342EECA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A09F138-A4C7-467E-9FCD-32E34B617AB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A463CD5-471F-4D07-A467-4C4D10D057CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6AC899A6-246E-40A4-949B-BB1730B576DD}" = protocol=6 | dir=in | app=c:\users\dom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6DCCCBA9-EB9C-4023-8964-6B31E6BF0B83}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6EA1A45B-582A-4C80-92AE-A1A4967329B9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\hpitv.exe |
"{70D65274-3329-4CAA-935C-70BDB3B7F82A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{730DF158-3404-4952-A5C1-DA3B355C3DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{742C96FB-96F4-4FA8-A61B-BDA0BE61B4D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{749AFFAB-4F84-4E3C-B737-8D7729BA8671}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7669E09C-EEAA-49CA-B173-2EE978839A82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{769BFDDC-7937-43C4-8B84-D971B9884643}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{772C5A87-D10F-4925-9BD1-1103C2BCE07D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{78197937-1238-49E3-B709-A6B3226926A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A4E934C-28C7-4B61-AED8-D8EB59C67EBC}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7D5849B6-711F-4B9E-A689-07E6415FD09B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E83A88F-A37B-453B-98FC-11B80B1E1590}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E86E936-84AA-4B59-B2F2-DBFE7179F4C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7FC76C1A-6854-4237-9699-9C8AACAFFD05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{803C75D4-8B36-48E7-A48E-14A0F8E7DB57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{811C3CA5-4366-46CF-8FC9-625D17312503}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{81E2FCD0-73D1-45C2-BAB1-5A0A072E3A61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{823C9508-1102-4002-A12D-79709E872C53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84D0F1C5-C66B-4570-8D6E-7E91D080E62D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{84D75E67-A726-4EC7-80CA-95990958585C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{857C0068-3FF1-4F6D-89BF-64F41397F5D7}" = protocol=1 | dir=out | [email protected],-28544 |
"{860D4D07-B1C3-4591-84FF-43B9C1AA4F91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{862430B8-326C-4204-9679-3995D535D8AE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{876F61AD-EA58-48F5-8D7F-80E4AABD5423}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{890E7380-C67A-4B72-956B-553FCCB46250}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8CE84DCD-73E9-4D8E-BBE6-C46CFD7DB871}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8D38F29D-C03B-4C0C-B834-1ABBB55962AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8E054178-3A86-465A-9EDE-8B73330D75F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8E44E4F1-BEAB-408D-884A-364928D12A89}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8E4C3D98-CCFA-4E5C-90D5-D4E53E481937}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8FDB4EF8-0262-46B4-ABBC-E87A08724A13}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8FEB74E3-D9FA-4181-A696-0E8C02BECB5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{90AE08AE-4F56-46EA-84F0-3534AF5F5099}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{90CCF860-70EC-40C8-98D5-F863E72A50D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{914AD0E7-7542-49E4-8E2E-84ED231337C3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91D0323B-A416-4BAF-8D49-E5E780D67C2F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92775ABB-9846-4A0E-A205-9740DC76D8CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9365996E-9F91-4563-9D22-FA635E40B060}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{959C02D2-2A35-4BAE-B6CD-0BFFC801BF53}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{95C01E24-60E6-47C8-B7A7-9BFE7292A050}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{96AACA4D-A2BE-448D-8E5F-3A4D586FF5F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{96F66878-C20F-4845-9BD5-5B8D79B1DF6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{991A32CE-C329-46A4-8604-FA9AC1A2188A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9B8252B9-AAF1-4DA1-B3DE-408378534912}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9D0546C1-83F5-4832-9AEA-B20F1C808068}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E5C359A-EB94-4A96-B77D-6A8B89466365}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E96620F-B5D1-4E5C-9A17-03A9147E2F6F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9F6B6A1F-A950-4054-B8D6-D3A9CEB668A2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A08744A2-6E46-4C38-BF76-A2B6B24AE0ED}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{A12945CA-B415-47C6-A652-59DAE7263264}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A15163C0-1AF6-49EE-9C32-B9C823B7B4A2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A38D24FF-4C4E-45FC-833A-34A41B1AFE01}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A42FC6C3-7523-4033-86D2-1028DEF62A51}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{AC7AFB89-1B2D-4ECE-97FF-FA5049E7C6D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ACA9C17D-E443-4130-B661-74922C475A66}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADCC9E0D-EAB5-49FC-B607-F8D41978D8BB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF524B08-4501-49B0-9DA9-9508E6A20B44}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AFB05E82-8814-4965-A676-D699591B5154}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{AFEA40F2-AB88-49E9-B128-6B17EDC17D99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B048A71A-29DE-4D45-BEC6-F2C32E518730}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0811AF0-80A1-456B-AEE1-8DAA302142ED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B08FAB97-D4A5-466F-9637-94EF28E90499}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0AA0F05-0CA9-4E47-AA77-B643F8B733CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0D712B2-D858-46B2-9C80-22CBCBFD1B46}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{B31CF8AF-9F8C-48B0-809A-4E49FD60D798}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B363FF44-7AA2-4265-9D46-25BB49D81302}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B5AAF532-5637-494E-80E4-542233D72E63}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\qpservice.exe |
"{B6FE3713-0C19-4E40-B89E-BDDA8E72CDE0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6FFD2E3-92C3-430D-BEF9-C88C69713C19}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8D393D7-B490-4040-9D9E-187D6F040E6F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B9707B47-10EE-445F-9A79-877F577EA644}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BB0FB61C-C393-4938-BCDF-808B6EEB5844}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC59A593-7E1C-484A-88E6-6C2404B3B1BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BCEA243F-F4A9-4DB5-AAAF-B1940F82695A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BD067288-6AB6-431D-BAD8-E23ECAA48A79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C14B4495-DFE6-497C-A1E1-220B02329446}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C420E044-E8CF-4B4D-BD24-9AE872118F31}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4A8AD36-4737-41DB-A995-A8809186F30B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C5889596-4C0B-4076-B784-67F953B640D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6478D88-32AB-4898-B913-68042CC6A79C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6A5FC12-4851-4BE8-BA7C-ACD6AB5CB899}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C74CCB50-2EED-4EC4-AC54-720418DD21B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C95405CA-42D6-41BE-9768-C25A0655E08E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C98EAFAE-57D3-48F3-9BB4-62090F226494}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA80BEA0-C66F-4A55-8B60-75B3BEB4C004}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAF1E88B-ED07-414A-B4B3-EB399153345C}" = protocol=17 | dir=in | app=c:\users\dom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CC32CBE7-5A52-4ABB-997D-DB9078B9A86D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE6E396E-55D7-4EA3-B9DD-44574AFC7605}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE6FCAE6-784E-4522-8710-350161F56A85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D2262D8D-CD4F-4D24-9703-A9351EB96088}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2550C85-0534-4BF4-9A0B-DDD237E7D0DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D46114FB-7292-4DA7-8222-79873D109DED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D47E993F-3EE8-4526-8074-FAD5F065E943}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4DB8D8E-4D5B-456D-BA2D-B41E261B93F1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D52D4B86-DE38-487B-80EF-9033FD881D89}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{D5755923-D974-47EE-9B91-85BA7B8EC8FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5C55EB6-EC42-4CFA-828B-EB4658C3EC26}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D605ABA9-793A-4864-BB42-74F2EB9F189B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D6241736-8574-4424-BC2F-A6175EDE2784}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D89DCB6B-2FCF-40CC-B815-D943A4667E1F}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{D8A040DE-3210-42BF-8A3C-742F490AE4C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8C13B36-7BF2-4E48-8ECC-F08D81862F7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DFA35A14-49D0-4320-B8F4-1639A75FC798}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DFC5E3B2-74D6-4707-855F-6FC12270FE15}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E00E90D0-E28E-4A71-9CB9-51230512A3D1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{E0396D6C-B49E-4193-B8A0-B5354F4D8079}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E1094930-9DF0-496E-95DB-7224FE9C9754}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E565D8E4-BB89-476C-8615-41728AB798F4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E66ED156-63B3-468E-A4F9-99578A342029}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E68A8C9C-A11C-4875-9F81-F552764D518C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8412B96-0F13-47A0-A65E-4131E24BECDA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E84ADEE9-5A6D-4B3F-9388-BA6AA70DC75B}" = protocol=58 | dir=in | [email protected],-28545 |
"{E905088A-BBB9-482C-9468-4446A41456CB}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{E91A7F10-7B60-4BCD-97A8-54F9F16C0B87}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E94219B9-518D-45B6-90D0-5A4098DA17F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EA0A152E-E3D3-4DED-8A8B-BE46831BA0F5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EA132D26-1D34-4D51-95FF-33940E5AB78E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EB6773AA-57D5-4244-A48A-F4B3A0981AC1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED0ABE34-F52A-486B-81FA-DCD3F86A08B1}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{ED4D2B58-0A6E-4BE7-B1AA-20ABC0DCC744}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED575D50-828E-4359-8A93-23F4218BDF22}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EDC34368-D15C-4F3F-9FA8-C038350F89BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EDFA282F-6A47-4856-B7C2-63BC94D5DE69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EF5887E4-429E-44C6-888C-84A4CC9C6D19}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F0C22A80-9EB2-4B0B-9D06-7117C3E91EB1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F12BB0B0-3DCD-4182-9130-C3B7FB44D731}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F22904FD-4151-46E3-A104-0D7012BB8103}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F3873F87-3C04-4B3A-802D-DA7C8311772B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F475B243-9EAE-455F-A2E6-B05754FFFC29}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7ECF4AF-9166-45DF-953D-8E4446A6492C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FA6E04B2-348A-4C09-B72E-F1C6682110CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FA9935C4-E28E-4A14-B33C-453D9E9877AE}" = protocol=58 | dir=out | [email protected],-28546 |
"{FAB9A10A-3213-4B94-9C0B-F98CAA47B346}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FED8DA32-7396-4F2B-BF9D-006FDDD5BCC9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FF789BAC-0EFA-4019-932F-95FAD3891A50}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FFB423C6-76A6-4580-9B84-4609E28D9A26}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{0361C838-236D-4BBA-B8CA-740BD7079EC7}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{1A02F84C-37FC-4A3F-B37E-126DE35007E3}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"TCP Query User{22B180DF-19CF-4592-B287-368BEAEAA60E}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{297E478D-AFBC-4BA8-933F-B44161523F18}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{39064546-F29F-461D-B690-F1E1A62E5F93}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{47124505-5D7A-4BD1-9F2E-71105444BC81}C:\program files (x86)\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"TCP Query User{4A96F14A-8831-4856-A331-7C9FC3F444C0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{55CA4D75-38FB-47BD-9016-EA9BB0FF8336}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"TCP Query User{5B1A04E7-D97D-40D6-96C0-9C625856F232}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"TCP Query User{6D1BB9F9-580F-428C-A1D0-1CFF649CD875}C:\program files (x86)\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"TCP Query User{863E2BAD-1634-487A-9DD9-15230E18311C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{9B0B6BD1-A042-40A4-9B72-5991F07F7657}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"TCP Query User{A335DFA2-EF81-492A-ABA6-D51CC3BC6C03}C:\program files (x86)\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"TCP Query User{A44E8CF8-54FC-483C-9473-2541885820AD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{AF2E4003-ACAC-493A-9F5A-D46F727C63A4}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{BB804C33-AD46-45EB-A30F-0807CAA81E20}C:\program files (x86)\yugioh virtual dueling\yugioh virtual desktop 9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yugioh virtual dueling\yugioh virtual desktop 9.exe |
"TCP Query User{D9B37EBC-C527-474E-8122-8EB5C96463ED}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
"TCP Query User{E61A9775-A7AA-4A15-A2EB-FC7B634BA6C8}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"UDP Query User{0AEAB738-1094-4A3A-B63D-05351ABB17D4}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"UDP Query User{158F053A-B980-456D-9203-E6C8189BA362}C:\program files (x86)\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"UDP Query User{23450854-2B72-45FE-93CB-957E34C30563}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
"UDP Query User{34C13D8E-45F6-4F55-88B6-C98EF6F01420}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{39E50EB0-6A9F-4616-AE77-72530C6B7DD8}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{7DD5FF9D-AC3C-438E-88E3-507DA1BAEBD3}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{86FF935C-F46A-4DD7-BAF8-F00AE2CD26D8}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
"UDP Query User{8717C36B-549A-419E-9635-784466F3DFDC}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{90F93BB6-CAC6-4E32-BFC5-B9F41CCBF200}C:\program files (x86)\yugioh virtual dueling\yugioh virtual desktop 9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yugioh virtual dueling\yugioh virtual desktop 9.exe |
"UDP Query User{96CD3650-BCF0-4B23-8465-81536C6304EB}C:\program files (x86)\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"UDP Query User{9DF015CC-3AE0-4356-9AC2-12676047E8DB}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{B259F254-0572-43D0-AC6B-D1442E5E1E62}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{C4C17587-2F9F-4F1A-AB9F-F050D150684A}C:\program files (x86)\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"UDP Query User{CB10A95F-7446-44CE-8748-8DEB40BC9F9F}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"UDP Query User{DA73557A-C539-4652-B9D6-CD8A00B02EA6}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{E6BEA4C5-EC91-49E4-9595-3F40818BFB85}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{F78F77D9-E9BB-4DE4-96E0-CD8BBFA2E661}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{FAEA9711-0EF8-42B0-819B-FF58C76D4962}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0279C882-B150-44B6-A769-A7C8A2F31CE3}" = HP Wireless Assistant
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java™ 6 Update 18 (64-bit)
"{2F4F1020-3EA8-945D-AE90-D15972897145}" = AMD Drag and Drop Transcoding
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{426FAE9F-7373-496E-A215-9DB7EF4398CF}" = Validity Sensors DDK
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{58EC015E-BA77-A331-0F49-C344EFF7A5D5}" = ccc-utility64
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83D663BF-E9AF-0C6B-D278-BB8F90EDA304}" = ATI Catalyst Install Manager
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D7A911C-98B0-679F-905E-2E657E9F3203}" = ATI Problem Report Wizard
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E88F164D-00C1-E9F6-11B3-066F04D3B798}" = ATI AVIVO64 Codecs
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"EPSON NX210 Series" = EPSON NX210 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02B0574A-0BC4-D890-1D03-41F05076DD08}" = CCC Help Finnish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BBB276-3AB4-C7D5-ABAE-623FBA38AA90}" = CCC Help Swedish
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D00B5AD-C23E-8BBC-C4B1-244B1AA838CF}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{223B6018-B8A2-7090-7BA9-4E2002DCAB86}" = Catalyst Control Center InstallProxy
"{223E2363-6643-49CB-A062-59A9858EE8EE}" = HP Software Framework
"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 26
"{287B077B-8EEC-F5E4-35C8-30CB89843909}" = CCC Help Turkish
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30907E89-6E4F-F969-EAE1-006FD1EAC7C2}" = CCC Help Chinese Standard
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{39F5C580-450D-6498-A540-4D4B93E53783}" = CCC Help Norwegian
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4123BE4D-C65C-467E-8071-232FB1FBF3B8}" = MSN Toolbar Platform
"{42F6F0C0-E79C-2BDD-BC14-D4FFF427C8F1}" = CCC Help Hungarian
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F6A967-CFD8-8228-64A5-B5A32FD5A388}" = CCC Help Greek
"{57F8108C-886F-9424-DB1D-9A5E51ED13C4}" = Catalyst Control Center Graphics Previews Common
"{586B8062-07BB-44C8-B603-5BDDB0474C85}" = CCC Help German
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5B461E1D-1DB0-0BB2-132F-D77C56838FF3}" = Catalyst Control Center InstallProxy
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{61C25DE5-8236-62C2-795F-05DBA452B1B5}" = Catalyst Control Center Localization All
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{658BC6B8-549E-58B3-4FD1-56CF7E3094CB}" = Catalyst Control Center
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F93CBB-F87B-A9EE-CEB7-6F26557AFBD7}" = HydraVision
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6DB9EA89-7E0D-2456-9E73-B5C1EE9AA3AC}" = CCC Help Chinese Traditional
"{6F7614CC-F33A-4877-8814-49856F441F3C}" = Stardock MyColors
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7228F19F-A06C-6ECB-0B73-EF630A2C9C13}" = CCC Help Dutch
"{76423878-BF55-4C2F-AC25-2A82CE9AFB7A}" = Windows 7 Logon Background Changer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841CF164-F721-52FE-F449-6E1D6F29C194}" = CCC Help Danish
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8AE005C9-87BE-4717-9E27-5A0C7B24FFC8}" = CCC Help Korean
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8A40590-988F-B012-B7F7-08484E3741BE}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skypeô 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC2F16C8-CEFE-A4D5-2C84-581915BBC6C4}" = CCC Help Russian
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{AEEC4834-A144-294C-E69C-8B8AB45C2330}" = CCC Help Italian
"{B1CBB2A3-2797-6C12-5317-D100F3BD0A76}" = CCC Help English
"{B25ED472-A072-5623-1575-4B83B2D7E0CA}" = CCC Help Czech
"{B2E3A2C8-283C-4871-A499-B2711F48D64B}" = Yugioh Virtual Dueling
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7BCF3F6-FE66-4D43-B54D-9904C8A0C198}" = HP User Guides 0207
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3E9CA09-20E8-F218-15F3-3E1CA0EEFB4D}" = PX Profile Update
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4673DE8-58F9-765E-1E4A-72DA4BCAA94D}" = CCC Help Portuguese
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DAA1926D-6D15-66DB-EB53-8F87F636C463}" = CCC Help French
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2831862-F131-4327-B9CC-FA30F587EB6C}" = HP Setup
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5441F69-656A-774B-3488-F93AD5D08293}" = CCC Help Thai
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}" = HP SimplePass Identity Protection
"{ED7CF7FA-8C66-EA0C-8279-01C5740622F3}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F483915E-5BB9-47FE-B56C-87D8ABC653A6}" = Logger Pro 3.8.4 Demo
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"AC3Filter_is1" = AC3Filter 1.62b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIM_7" = AIM 7
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CubeDesktop" = CubeDesktop 1.3.1
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup.divx.com" = DivX Setup
"EPSON Scanner" = EPSON Scan
"Exterminate It!" = Exterminate It!
"FLV Player2.0.25" = FLV Player
"Gunz" = ijji - Gunz
"hon" = Heroes of Newerth
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}" = HP SimplePass Identity Protection
"InstallShield_{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JBidwatcher_0" = JBidwatcher 2.1.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"ObjectDock Plus" = ObjectDock Plus
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"ShapeCollage" = Shape Collage
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Starcraft" = Starcraft
"Stardock MyColors" = Stardock MyColors
"StartNow Toolbar" = StartNow Toolbar
"Streamripper" = Streamripper (Remove only)
"uTorrent" = ĶTorrent
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Xvid_is1" = Xvid 1.2.2 final uninstall
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-872871200-901388992-920692641-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Google Chrome" = Google Chrome
"Salts & Solubility" = Salts & Solubility
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/1/2011 4:58:10 AM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3042

Error - 8/1/2011 2:44:02 PM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/1/2011 2:44:02 PM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 998

Error - 8/1/2011 2:44:02 PM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 998

Error - 8/4/2011 6:44:50 AM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/4/2011 6:44:50 AM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1014

Error - 8/4/2011 6:44:50 AM | Computer Name = Dom-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1014

Error - 8/4/2011 8:51:32 AM | Computer Name = Dom-PC | Source = Application Error | ID = 1000
Description = Faulting application name: jaucheck.exe, version: 2.0.3.1, time stamp:
0x4ccb415f Faulting module name: jaucheck.exe, version: 2.0.3.1, time stamp: 0x4ccb415f
Exception
code: 0xc0000005 Fault offset: 0x0000c940 Faulting process id: 0x2b78 Faulting application
start time: 0x01cc52a53c10cc9f Faulting application path: C:\Program Files (x86)\Common
Files\Java\Java Update\jaucheck.exe Faulting module path: C:\Program Files (x86)\Common
Files\Java\Java Update\jaucheck.exe Report Id: 7a522f46-be98-11e0-ba49-1cc1de8c7d4a

Error - 8/4/2011 9:56:31 AM | Computer Name = Dom-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 8/4/2011 9:58:11 AM | Computer Name = Dom-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

[ Hewlett-Packard Events ]
Error - 8/29/2011 2:09:35 AM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 9/1/2011 2:09:40 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 9/1/2011 2:09:41 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 9/22/2011 2:52:26 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 9/22/2011 2:52:27 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 9/28/2011 11:24:44 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 2/23/2012 3:25:55 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 2/23/2012 3:25:56 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 3/29/2012 12:08:15 AM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 3/29/2012 2:21:29 PM | Computer Name = Dom-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

[ HP Wireless Assistant Events ]
Error - 4/30/2012 10:16:52 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 4/30/2012 10:16:52 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = Unable to access panel brightness tables.

Error - 4/30/2012 10:16:58 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 5/1/2012 2:54:28 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 5/1/2012 2:54:29 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 5/1/2012 7:05:57 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 5/1/2012 7:05:57 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = Unable to access panel brightness tables.

Error - 5/1/2012 7:05:57 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 5/1/2012 11:56:38 PM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 5/2/2012 12:05:14 AM | Computer Name = Dom-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

[ System Events ]
Error - 5/1/2012 11:54:24 PM | Computer Name = Dom-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP

Error - 5/2/2012 12:02:32 AM | Computer Name = Dom-PC | Source = SRTSP | ID = 524292
Description = Error loading virus definitions.

Error - 5/2/2012 12:02:32 AM | Computer Name = Dom-PC | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.

Error - 5/2/2012 12:02:54 AM | Computer Name = Dom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:00:51 PM on ?5/?1/?2012 was unexpected.

Error - 5/2/2012 12:02:58 AM | Computer Name = DOM-PC | Source = BugCheck | ID = 1001
Description =

Error - 5/2/2012 12:03:00 AM | Computer Name = Dom-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP

Error - 5/2/2012 12:03:32 AM | Computer Name = Dom-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.

Error - 5/2/2012 12:04:02 AM | Computer Name = Dom-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.

Error - 5/2/2012 12:57:23 AM | Computer Name = Dom-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 5/2/2012 12:57:23 AM | Computer Name = Dom-PC | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >
-------------------------------------------------------------------------------------------------------



Thanks for your help! Please let me know what to do next!
  • 0

#4
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent P2P (Peer to Peer) File Sharing Program on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these program types, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Pando Media Booster Advice

You have Pando installed on this computer and if you use certain games it is helpful and in some cases required. However it is a signficant resource hog even when you are not playing games. If it is not required for any of the games you play, I recommend you uninstall it as well.

Step 1.

  • Click the wrench icon to the right of the search bar.
  • Select Options.
  • In the Basics tab, find the Default Search section.
  • Select Google.
  • Click Close.

Step 2.

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


Step 3.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete nor Quarantine unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 4.

Please post:

OTL fix log
GooredFix log
TDSSKiller log


Finally, give me an update on any issues remaining with your computer
  • 0

#5
bordforlyf

bordforlyf

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi, Thanks for the help!
I removed PandoBox, but I kept uTorrent since I never use it anyway in college.

OTL Log:


OTL logfile created on: 5/2/2012 12:04:49 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Dom\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.46% Memory free
7.60 Gb Paging File | 5.19 Gb Available in Paging File | 68.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.84 Gb Total Space | 288.82 Gb Free Space | 64.64% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.51% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 90.62 Mb Free Space | 91.52% Space Free | Partition Type: FAT32

Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/30 22:12:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/05 10:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/05/21 01:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 01:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
PRC - [2009/12/08 19:35:50 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/08 19:35:36 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008/12/04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 00:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 00:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 00:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 00:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 00:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/11 10:30:24 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll
MOD - [2012/04/11 10:29:59 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/11 10:29:53 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/07 15:39:44 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\966a138f3aed60400472ac415bd16bc8\IAStorUtil.ni.dll
MOD - [2012/04/07 15:33:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012/04/07 15:33:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/04/07 15:33:08 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/04/07 15:33:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/04/07 15:33:04 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/04/07 15:32:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/21 11:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/05 10:06:43 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\AIM\nssckbi.dll
MOD - [2010/06/15 11:01:12 | 000,057,904 | ---- | M] () -- C:\Windows\SysWOW64\wbload.dll
MOD - [2010/05/04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/12/03 14:05:26 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/26 10:56:02 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/07/18 19:39:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/01/18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/12/16 14:51:46 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2011/04/06 16:42:11 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/03/16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/21 13:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/31 18:53:18 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/02/23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/04 14:39:52 | 000,689,008 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe -- (EgisTec Service)
SRV - [2010/02/01 02:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe -- (STacSV)
SRV - [2010/01/04 11:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/09 09:56:16 | 000,337,200 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds)
SRV - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2007/12/16 21:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/10 21:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/08/11 21:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/07/22 20:38:14 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/18 20:20:10 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/18 19:06:26 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 05:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/07 14:39:52 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/27 15:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/03/03 00:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/01 02:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/11 13:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/10/26 13:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/29 17:16:41 | 000,504,880 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/08/29 17:16:41 | 000,032,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/08/17 14:58:58 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008/07/03 22:49:26 | 000,252,928 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys -- (VSTWinDriver6)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/31 08:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {1016CC86-1ED3-4059-82A1-AE3C42FBC48B}
IE - HKLM\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}
IE - HKCU\..\SearchScopes\{1016CC86-1ED3-4059-82A1-AE3C42FBC48B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{77D5A4D7-FBE8-4688-8B0D-33161A94D186}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}:1.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2011/02/02 18:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010/07/07 15:05:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/07/27 13:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/04/07 15:09:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/07 10:11:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/07 10:12:32 | 000,000,000 | ---D | M]

[2012/04/07 00:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Extensions
[2011/03/16 23:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\qmej6fbq.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions
[2012/04/07 10:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25c}
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/07 10:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/07 22:38:55 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jar50.dll
[2012/02/07 22:38:55 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\jsd3250.dll
[2012/02/07 22:38:56 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\myspell.dll
[2012/02/07 22:38:56 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\spellchk.dll
[2012/02/07 22:38:56 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\xpinstal.dll
[2012/03/12 21:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/12 21:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Dom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MSN\u00AE Toolbar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.32_0\
CHR - Extension: Skype Extension = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: Gmail = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/01 20:47:32 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\Dom\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35FE35BE-9C04-45B2-B594-242F82B65A23}: DhcpNameServer = 132.239.0.252 128.54.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDC94596-2B60-446B-8606-A5575568DFBB}: DhcpNameServer = 132.239.0.252 128.54.16.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\WB: DllName - (C:\Program Files (x86)\Stardock\MyColors\fast64.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{8523843c-df14-11e0-8db5-1cc1de8c7d4a}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fedfad-960b-11df-8b11-1cc1de8c7d4a}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/02 11:59:37 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dom\Desktop\tdsskiller.exe
[2012/05/02 11:59:28 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\GooredFix Backups
[2012/05/02 11:58:29 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Dom\Desktop\GooredFix.exe
[2012/05/01 20:58:36 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Dom\Desktop\aswMBR.exe
[2012/05/01 20:46:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/30 22:12:21 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
[2012/04/15 12:22:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Curiolab
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
[2012/04/15 12:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exterminate It!
[2012/04/13 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/11 10:01:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 10:01:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 10:01:55 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 10:01:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 10:01:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 10:01:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 10:01:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 10:01:53 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 10:01:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 10:01:53 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 10:01:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 10:01:40 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 10:01:40 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 10:01:39 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 09:57:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 09:57:48 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 09:57:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/09 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/08 11:01:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/08 10:57:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/08 10:57:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/08 10:57:18 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/08 10:57:18 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/08 10:57:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/08 10:57:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/08 10:57:18 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/08 10:57:18 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/08 10:57:18 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/08 10:57:18 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/08 10:57:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/08 10:57:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/08 10:57:18 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/08 10:57:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/08 10:57:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/08 10:57:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/08 10:57:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/08 10:57:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/08 10:57:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/08 10:57:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/08 10:57:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/08 10:57:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/08 10:57:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/08 10:57:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/08 10:57:18 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/08 10:57:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/08 10:57:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/08 10:57:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/08 10:57:18 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/08 10:57:18 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/08 10:57:18 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/08 10:57:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/08 10:57:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/08 10:57:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/08 10:57:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/08 10:57:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/08 10:57:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/08 10:57:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/08 10:57:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/08 10:57:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/08 10:57:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/08 10:57:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/08 10:57:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/08 10:57:18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/08 10:57:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/08 10:57:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/08 10:57:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/08 10:57:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/08 10:57:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/08 10:57:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/08 10:57:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/07 15:40:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/04/07 15:40:36 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/04/07 15:40:33 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/04/07 15:40:33 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/04/07 15:40:33 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/04/07 15:40:33 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/04/07 15:40:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/04/07 15:40:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/04/07 15:40:33 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/04/07 14:04:54 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/04/07 14:04:42 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/04/07 14:04:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/04/07 14:04:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/04/07 14:04:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/04/07 14:04:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/04/07 14:04:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/04/07 14:04:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/04/07 14:04:36 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/04/07 14:04:36 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/04/07 14:04:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/04/07 14:04:35 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/04/07 14:04:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/04/07 14:04:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/04/07 14:04:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/04/07 14:04:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/04/07 14:04:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/04/07 14:04:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/04/07 14:04:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/04/07 14:04:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 14:04:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 14:04:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 14:04:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 14:04:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 14:04:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/04/07 14:04:31 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/04/07 14:04:31 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/04/07 14:04:31 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/04/07 14:04:30 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/04/07 14:04:30 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/04/07 14:04:30 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/04/07 14:04:30 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/04/07 14:04:30 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/04/07 14:04:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/04/07 14:04:30 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/04/07 14:04:30 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/04/07 14:04:30 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/04/07 14:04:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/04/07 14:04:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/04/07 14:04:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/04/07 14:04:26 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/04/07 14:04:25 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/04/07 14:04:25 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/04/07 14:04:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/04/07 14:04:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/04/07 14:04:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/04/07 14:04:22 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/04/07 14:04:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/04/07 14:04:22 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/04/07 14:04:22 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/04/07 14:04:22 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/04/07 14:04:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/04/07 14:04:18 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/04/07 14:04:18 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/04/07 14:04:18 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/04/07 14:04:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/04/07 14:04:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/07 14:04:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/04/07 14:04:16 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/04/07 14:04:15 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/07 14:04:15 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/04/07 14:04:15 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/04/07 14:04:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/04/07 14:04:05 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/04/07 14:04:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/04/07 14:03:44 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/04/07 14:03:43 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/04/07 14:03:41 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/04/07 14:03:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/04/07 14:03:05 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/04/07 14:02:56 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/04/07 14:02:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/04/07 14:02:53 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/04/07 14:02:53 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/04/07 14:02:51 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/04/07 14:02:51 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/04/07 14:02:51 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/04/07 14:02:51 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/04/07 14:02:51 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/04/07 14:02:51 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/04/07 14:02:51 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/04/07 14:02:47 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/04/07 14:02:47 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/04/07 14:02:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/04/07 14:02:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/04/07 14:02:47 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/04/07 14:02:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/04/07 14:02:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/04/07 14:02:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/04/07 14:02:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/04/07 14:02:45 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/04/07 14:02:45 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/04/07 14:02:45 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/04/07 14:02:44 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/04/07 14:02:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/04/07 14:02:42 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/04/07 14:02:40 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/04/07 14:02:40 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/04/07 14:02:39 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/04/07 14:02:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/04/07 14:02:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/04/07 14:02:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/04/07 14:02:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/04/07 14:02:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/04/07 14:02:38 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/04/07 14:02:38 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/04/07 14:02:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/04/07 14:02:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/04/07 14:02:29 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/04/07 14:02:29 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/04/07 14:02:28 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/04/07 14:02:28 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/04/07 14:02:27 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/04/07 14:02:27 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/04/07 14:02:25 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/04/07 14:02:19 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/04/07 14:02:19 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/04/07 14:02:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/04/07 14:02:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/04/07 14:02:15 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/04/07 14:02:15 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/04/07 14:02:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/07 14:02:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/07 14:02:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/07 14:02:14 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/04/07 14:02:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/04/07 14:02:13 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/07 14:02:12 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/04/07 14:02:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/04/07 14:02:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/04/07 14:02:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/04/07 14:02:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/04/07 14:02:07 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/04/07 14:02:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/04/07 14:02:06 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/04/07 14:02:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/04/07 14:01:59 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/04/07 14:01:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/04/07 14:01:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/04/07 14:01:54 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/04/07 14:01:53 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/04/07 14:01:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/04/07 14:01:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/04/07 14:01:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/04/07 14:01:47 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/04/07 14:01:37 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/04/07 14:01:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/04/07 14:01:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/04/07 14:01:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/04/07 13:55:39 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/04/07 13:55:38 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/04/06 20:53:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Spotify
[2012/04/06 20:53:48 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Spotify
[2012/04/04 14:16:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\arc_c7f168a6223596906129c311704b72a4
[3 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/02 12:00:33 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 12:00:33 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 11:59:42 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dom\Desktop\tdsskiller.exe
[2012/05/02 11:58:30 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Dom\Desktop\GooredFix.exe
[2012/05/02 11:54:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000UA.job
[2012/05/02 11:54:59 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/02 11:54:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/02 10:40:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-872871200-901388992-920692641-1000Core.job
[2012/05/01 21:43:01 | 000,000,512 | ---- | M] () -- C:\Users\Dom\Desktop\MBR.dat
[2012/05/01 21:03:02 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/01 21:02:35 | 528,265,858 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/01 21:02:35 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/01 20:58:50 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Dom\Desktop\aswMBR.exe
[2012/05/01 20:47:32 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/30 22:41:48 | 015,978,768 | ---- | M] () -- C:\Users\Dom\Desktop\Housing Applications.zip
[2012/04/30 22:23:48 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/30 22:23:48 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/30 22:23:48 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/30 22:12:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe
[2012/04/30 18:43:23 | 000,144,759 | ---- | M] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 18:16:30 | 000,076,000 | ---- | M] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:15:00 | 000,073,096 | ---- | M] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 17:41:32 | 000,801,947 | ---- | M] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/29 22:52:48 | 000,008,814 | ---- | M] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:26 | 006,592,316 | ---- | M] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:29:30 | 010,431,062 | ---- | M] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:52:02 | 011,849,825 | ---- | M] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:19:47 | 009,081,263 | ---- | M] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:28 | 008,678,142 | ---- | M] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:50 | 012,976,434 | ---- | M] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:18 | 008,266,870 | ---- | M] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:37:10 | 008,918,886 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:17 | 008,475,013 | ---- | M] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:31:10 | 010,297,524 | ---- | M] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:25 | 006,207,376 | ---- | M] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:29:09 | 008,970,922 | ---- | M] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:48 | 011,029,789 | ---- | M] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:36 | 009,001,642 | ---- | M] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:35 | 007,370,974 | ---- | M] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:28 | 040,571,779 | ---- | M] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/15 12:20:27 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | M] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 11:05:31 | 000,001,433 | ---- | M] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/08 10:57:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/08 10:57:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/08 10:57:18 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/08 10:57:18 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/08 10:57:18 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/08 10:57:18 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/08 10:57:18 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/08 10:57:18 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/08 10:57:18 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/08 10:57:18 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/08 10:57:18 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/08 10:57:18 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/08 10:57:18 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/08 10:57:18 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/08 10:57:18 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/08 10:57:18 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/08 10:57:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/08 10:57:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/08 10:57:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/08 10:57:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/08 10:57:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/08 10:57:18 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/08 10:57:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/08 10:57:18 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/08 10:57:18 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/08 10:57:18 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/08 10:57:18 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/08 10:57:18 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/08 10:57:18 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/08 10:57:18 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/08 10:57:18 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/08 10:57:18 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/08 10:57:18 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/08 10:57:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/08 10:57:18 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/08 10:57:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/08 10:57:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/08 10:57:18 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/08 10:57:18 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/08 10:57:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/08 10:57:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/08 10:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/08 10:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/08 10:57:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/08 10:57:18 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/08 10:57:18 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/08 10:57:18 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/08 10:57:18 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/08 10:57:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/08 10:57:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/08 10:57:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/08 10:57:18 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/08 10:57:18 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/08 10:57:18 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/08 10:57:18 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/08 10:55:36 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/07 15:32:18 | 005,004,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[3 C:\Users\Dom\Desktop\*.tmp files -> C:\Users\Dom\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 21:43:01 | 000,000,512 | ---- | C] () -- C:\Users\Dom\Desktop\MBR.dat
[2012/04/30 22:41:31 | 015,978,768 | ---- | C] () -- C:\Users\Dom\Desktop\Housing Applications.zip
[2012/04/30 18:49:27 | 000,076,000 | ---- | C] () -- C:\Users\Dom\Desktop\housing2.tif
[2012/04/30 18:49:27 | 000,073,096 | ---- | C] () -- C:\Users\Dom\Desktop\housing.tif
[2012/04/30 18:43:23 | 000,144,759 | ---- | C] () -- C:\Users\Dom\Desktop\housing.zip
[2012/04/30 17:41:30 | 000,801,947 | ---- | C] () -- C:\Users\Dom\Desktop\LRA-editable (1).pdf
[2012/04/29 22:52:47 | 000,008,814 | ---- | C] () -- C:\Users\Dom\Desktop\image001.png
[2012/04/28 12:31:14 | 006,592,316 | ---- | C] () -- C:\Users\Dom\Desktop\Gotye - Somebody That I Used To Know feat_ Kimbra (TiŽsto Remix)-[www_flvto_com].mp3
[2012/04/28 12:28:13 | 010,431,062 | ---- | C] () -- C:\Users\Dom\Desktop\Erik Arbores - On The Move (Club Mix)-[www_flvto_com].mp3
[2012/04/28 11:49:51 | 011,849,825 | ---- | C] () -- C:\Users\Dom\Desktop\W&W feat_ Bree - Nowhere To Go (Shogun Remix)-[www_flvto_com].mp3
[2012/04/28 11:18:47 | 009,081,263 | ---- | C] () -- C:\Users\Dom\Desktop\David Guetta & Avicii vs_ Laidback Luke - Till Sunshine (Pixel Cheese Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:47:12 | 008,678,142 | ---- | C] () -- C:\Users\Dom\Desktop\Flo Rida ft_ Sia - Wild Ones (VIDA Bootleg)-[www_flvto_com].mp3
[2012/04/28 02:42:25 | 012,976,434 | ---- | C] () -- C:\Users\Dom\Desktop\Ralphie B - Icarus (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:39:02 | 008,266,870 | ---- | C] () -- C:\Users\Dom\Desktop\Avicii feat_ Nervo - You're Gonna Love Again HQ-[www_flvto_com].mp3
[2012/04/28 02:36:53 | 008,918,886 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Woods - 'Airborne' [OFFICIAL]-[www_flvto_com].mp3
[2012/04/28 02:36:01 | 008,475,013 | ---- | C] () -- C:\Users\Dom\Desktop\Hilton Farris f_ Trevor Hastings - Kings (Beat Thrillerz Remix)-[www_flvto_com].mp3
[2012/04/28 02:30:50 | 010,297,524 | ---- | C] () -- C:\Users\Dom\Desktop\Marc Marberg with Kyau & Albert - Megashira (Original Mix)-[www_flvto_com].mp3
[2012/04/28 02:29:13 | 006,207,376 | ---- | C] () -- C:\Users\Dom\Desktop\The Naked & Famous - Young Blood (TiŽsto & Hardwell Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:52 | 008,970,922 | ---- | C] () -- C:\Users\Dom\Desktop\tyDi feat_ Dj Rap - Talking To Myself (Maison & Dragen Remix)-[www_flvto_com].mp3
[2012/04/28 02:28:26 | 011,029,789 | ---- | C] () -- C:\Users\Dom\Desktop\LUIGI LUSINI -WATERFALL- - Original mix-[www_flvto_com].mp3
[2012/04/28 02:27:19 | 009,001,642 | ---- | C] () -- C:\Users\Dom\Desktop\Dakota - Gypsy Room (Duderstadt Remix)-[www_flvto_com].mp3
[2012/04/28 02:26:20 | 007,370,974 | ---- | C] () -- C:\Users\Dom\Desktop\Michael Calfan - Resurrection (Axwell's Recut Club Version)-[www_flvto_com].mp3
[2012/04/27 17:28:02 | 040,571,779 | ---- | C] () -- C:\Users\Dom\Desktop\Physics Book!.pdf
[2012/04/15 12:20:27 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2012/04/14 01:20:43 | 000,001,129 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/13 22:24:02 | 000,002,296 | ---- | C] () -- C:\Users\Dom\Desktop\Google Chrome.lnk
[2012/04/13 01:41:59 | 000,001,945 | ---- | C] () -- C:\Users\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/08 10:57:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/07 00:11:33 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/04 16:31:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/01/01 21:48:55 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/01/01 21:48:55 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/08/12 16:27:39 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/08/12 16:27:39 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/08/11 08:00:54 | 000,000,233 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2011/07/07 23:37:28 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/11 16:57:55 | 000,000,000 | ---- | C] () -- C:\Users\Dom\AppData\Local\{ED7C6ED9-33DF-42A8-A72E-FDA42B508812}
[2011/05/24 04:03:24 | 000,276,232 | ---- | C] () -- C:\Users\Dom\AppData\Local\ConduitInstaller.exe
[2011/04/06 16:43:09 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/03/27 12:43:08 | 000,096,768 | ---- | C] () -- C:\Users\Dom\AppData\Local\Bloson.exe
[2011/03/21 04:36:30 | 000,026,456 | ---- | C] () -- C:\Users\Dom\AppData\Local\bloson.bmp
[2010/11/13 03:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Dom\AppData\Local\toolbar3.bmp
[2010/11/12 03:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral3.bmp
[2010/11/12 02:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral1.bmp
[2010/11/12 02:10:58 | 000,193,744 | ---- | C] () -- C:\Users\Dom\AppData\Local\lateral2.bmp
[2010/09/21 06:30:37 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/09/20 17:18:23 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/09/20 17:18:22 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/09/20 17:18:22 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/09/20 17:18:22 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/09/20 17:18:22 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/09/20 17:18:22 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/09/20 17:18:22 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/09/20 17:18:22 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/09/20 17:18:22 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/09/20 17:18:22 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/09/20 17:18:22 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/09/20 17:18:22 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/09/20 17:18:22 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/09/20 17:18:22 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/09/20 17:13:34 | 000,000,044 | ---- | C] () -- C:\Windows\EPNX210.ini
[2010/08/16 20:10:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/29 16:09:40 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/29 15:14:10 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2010/07/29 15:14:09 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010/07/29 15:14:09 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010/07/22 18:41:52 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2010/07/07 14:50:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/07 14:42:55 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010/07/07 14:39:11 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/07/07 14:39:11 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/06/15 15:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/15 11:01:12 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2010/05/18 14:46:04 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

< End of report >



Goored Fix:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 11:59 on 02/05/2012 (Dom)
Firefox version 2.0.0.20 (en-US)

========== GooredScan ==========

(none)
Removing Orphan:
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\" -> Success!
Removing Orphan:
"{4C0766D3-67A7-45a3-85A2-752F77312F32}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\" -> Success!

========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
[email protected] [07:56 29/09/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [07:11 07/04/2012]

C:\Users\Dom\Application Data\Mozilla\Firefox\Profiles\qmej6fbq.default\extensions\
(none)

C:\Users\Dom\Application Data\Mozilla\Firefox\Profiles\uxyn99ae.default\extensions\
{bb6bc1bb-f824-4702-90cd-35e2fb24f25c} [07:57 29/09/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox" [22:00 07/07/2010]
"{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}"="C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt" [22:05 07/07/2010]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [20:58 27/07/2010]
"{27182e60-b5f3-411c-b545-b44205977502}"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\" [22:09 07/04/2012]

-=E.O.F=-


TDSSKiller


12:00:10.0953 9228 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
12:00:11.0325 9228 ============================================================
12:00:11.0325 9228 Current date / time: 2012/05/02 12:00:11.0325
12:00:11.0325 9228 SystemInfo:
12:00:11.0325 9228
12:00:11.0325 9228 OS Version: 6.1.7600 ServicePack: 0.0
12:00:11.0325 9228 Product type: Workstation
12:00:11.0325 9228 ComputerName: DOM-PC
12:00:11.0325 9228 UserName: Dom
12:00:11.0325 9228 Windows directory: C:\Windows
12:00:11.0325 9228 System windows directory: C:\Windows
12:00:11.0325 9228 Running under WOW64
12:00:11.0325 9228 Processor architecture: Intel x64
12:00:11.0325 9228 Number of processors: 4
12:00:11.0325 9228 Page size: 0x1000
12:00:11.0325 9228 Boot type: Normal boot
12:00:11.0325 9228 ============================================================
12:00:11.0869 9228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:00:11.0941 9228 ============================================================
12:00:11.0941 9228 \Device\Harddisk0\DR0:
12:00:11.0941 9228 MBR partitions:
12:00:11.0941 9228 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:00:11.0941 9228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37DAC000
12:00:11.0941 9228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x37E10000, BlocksNum 0x2542000
12:00:11.0941 9228 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
12:00:11.0941 9228 ============================================================
12:00:11.0982 9228 C: <-> \Device\Harddisk0\DR0\Partition1
12:00:12.0024 9228 D: <-> \Device\Harddisk0\DR0\Partition2
12:00:12.0037 9228 E: <-> \Device\Harddisk0\DR0\Partition3
12:00:12.0037 9228 ============================================================
12:00:12.0037 9228 Initialize success
12:00:12.0037 9228 ============================================================
12:00:44.0469 7724 ============================================================
12:00:44.0469 7724 Scan started
12:00:44.0469 7724 Mode: Manual; SigCheck; TDLFS;
12:00:44.0469 7724 ============================================================
12:00:45.0454 7724 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
12:00:45.0556 7724 1394ohci - ok
12:00:45.0582 7724 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
12:00:45.0599 7724 Accelerometer - ok
12:00:45.0644 7724 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
12:00:45.0671 7724 ACPI - ok
12:00:45.0690 7724 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
12:00:45.0783 7724 AcpiPmi - ok
12:00:45.0841 7724 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:00:45.0871 7724 adp94xx - ok
12:00:45.0895 7724 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:00:45.0913 7724 adpahci - ok
12:00:45.0945 7724 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:00:45.0960 7724 adpu320 - ok
12:00:45.0990 7724 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:00:46.0149 7724 AeLookupSvc - ok
12:00:46.0242 7724 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
12:00:46.0310 7724 AESTFilters - ok
12:00:46.0384 7724 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
12:00:46.0485 7724 AFD - ok
12:00:46.0516 7724 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
12:00:46.0535 7724 agp440 - ok
12:00:46.0554 7724 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:00:46.0633 7724 ALG - ok
12:00:46.0663 7724 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
12:00:46.0680 7724 aliide - ok
12:00:46.0729 7724 AMD External Events Utility (e040d10507a603ff7c93d196bd8a34e8) C:\Windows\system32\atiesrxx.exe
12:00:46.0801 7724 AMD External Events Utility - ok
12:00:46.0820 7724 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
12:00:46.0837 7724 amdide - ok
12:00:46.0857 7724 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:00:46.0902 7724 AmdK8 - ok
12:00:47.0341 7724 amdkmdag (f209d48a89cb70297d5987d395d7f418) C:\Windows\system32\DRIVERS\atikmdag.sys
12:00:47.0486 7724 amdkmdag - ok
12:00:47.0663 7724 amdkmdap (42c5383d75684229726eb7015d8efa70) C:\Windows\system32\DRIVERS\atikmpag.sys
12:00:47.0726 7724 amdkmdap - ok
12:00:47.0753 7724 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:00:47.0788 7724 AmdPPM - ok
12:00:47.0841 7724 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
12:00:47.0860 7724 amdsata - ok
12:00:47.0893 7724 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:00:47.0907 7724 amdsbs - ok
12:00:47.0917 7724 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
12:00:47.0927 7724 amdxata - ok
12:00:47.0979 7724 AmUStor (37ea167782af19301af9c05804948bb2) C:\Windows\system32\drivers\AmUStor.SYS
12:00:48.0036 7724 AmUStor - ok
12:00:48.0081 7724 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
12:00:48.0177 7724 AppID - ok
12:00:48.0195 7724 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:00:48.0276 7724 AppIDSvc - ok
12:00:48.0302 7724 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
12:00:48.0358 7724 Appinfo - ok
12:00:48.0452 7724 Apple Mobile Device (70d7be78061126dd0c3accdb7e129017) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:00:48.0470 7724 Apple Mobile Device - ok
12:00:48.0515 7724 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:00:48.0537 7724 arc - ok
12:00:48.0569 7724 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:00:48.0588 7724 arcsas - ok
12:00:48.0690 7724 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:00:48.0702 7724 aspnet_state - ok
12:00:48.0720 7724 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:00:48.0780 7724 AsyncMac - ok
12:00:48.0801 7724 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
12:00:48.0811 7724 atapi - ok
12:00:48.0874 7724 AtiHDAudioService (cbe5f8b3e54198f5dfe403a55a95de08) C:\Windows\system32\drivers\AtihdW76.sys
12:00:48.0884 7724 AtiHDAudioService - ok
12:00:48.0904 7724 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
12:00:48.0913 7724 AtiHdmiService - ok
12:00:48.0978 7724 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:00:49.0048 7724 AudioEndpointBuilder - ok
12:00:49.0054 7724 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:00:49.0097 7724 AudioSrv - ok
12:00:49.0127 7724 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
12:00:49.0241 7724 AxInstSV - ok
12:00:49.0287 7724 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:00:49.0358 7724 b06bdrv - ok
12:00:49.0399 7724 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:00:49.0429 7724 b57nd60a - ok
12:00:49.0637 7724 BCM43XX (35756e37d5fdee22fbf27090a14fe608) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:00:49.0749 7724 BCM43XX - ok
12:00:49.0863 7724 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:00:49.0918 7724 BDESVC - ok
12:00:49.0961 7724 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:00:50.0042 7724 Beep - ok
12:00:50.0108 7724 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
12:00:50.0194 7724 BFE - ok
12:00:50.0273 7724 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
12:00:50.0338 7724 BITS - ok
12:00:50.0377 7724 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:00:50.0391 7724 blbdrive - ok
12:00:50.0489 7724 Bonjour Service (673cf4f6bb1fbe09331b526802fbb892) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:00:50.0511 7724 Bonjour Service - ok
12:00:50.0559 7724 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
12:00:50.0624 7724 bowser - ok
12:00:50.0644 7724 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:00:50.0717 7724 BrFiltLo - ok
12:00:50.0735 7724 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:00:50.0750 7724 BrFiltUp - ok
12:00:50.0783 7724 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
12:00:50.0860 7724 Browser - ok
12:00:50.0901 7724 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:00:50.0960 7724 Brserid - ok
12:00:50.0981 7724 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:00:51.0018 7724 BrSerWdm - ok
12:00:51.0035 7724 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:00:51.0072 7724 BrUsbMdm - ok
12:00:51.0101 7724 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:00:51.0137 7724 BrUsbSer - ok
12:00:51.0154 7724 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:00:51.0193 7724 BTHMODEM - ok
12:00:51.0239 7724 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:00:51.0304 7724 bthserv - ok
12:00:51.0342 7724 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:00:51.0397 7724 cdfs - ok
12:00:51.0425 7724 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
12:00:51.0449 7724 cdrom - ok
12:00:51.0478 7724 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:00:51.0551 7724 CertPropSvc - ok
12:00:51.0603 7724 CinemaNow Service (2c24db5f78f0aca759803001e6b4f320) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
12:00:51.0615 7724 CinemaNow Service - ok
12:00:51.0635 7724 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:00:51.0671 7724 circlass - ok
12:00:51.0719 7724 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:00:51.0745 7724 CLFS - ok
12:00:51.0834 7724 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:00:51.0847 7724 clr_optimization_v2.0.50727_32 - ok
12:00:51.0898 7724 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:00:51.0912 7724 clr_optimization_v2.0.50727_64 - ok
12:00:52.0001 7724 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:00:52.0041 7724 clr_optimization_v4.0.30319_32 - ok
12:00:52.0078 7724 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:00:52.0094 7724 clr_optimization_v4.0.30319_64 - ok
12:00:52.0125 7724 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:00:52.0157 7724 CmBatt - ok
12:00:52.0179 7724 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
12:00:52.0190 7724 cmdide - ok
12:00:52.0242 7724 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
12:00:52.0323 7724 CNG - ok
12:00:52.0347 7724 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:00:52.0360 7724 Compbatt - ok
12:00:52.0380 7724 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
12:00:52.0416 7724 CompositeBus - ok
12:00:52.0432 7724 COMSysApp - ok
12:00:52.0453 7724 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:00:52.0467 7724 crcdisk - ok
12:00:52.0506 7724 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
12:00:52.0569 7724 CryptSvc - ok
12:00:52.0619 7724 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:00:52.0685 7724 DcomLaunch - ok
12:00:52.0715 7724 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:00:52.0774 7724 defragsvc - ok
12:00:52.0809 7724 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
12:00:52.0871 7724 DfsC - ok
12:00:52.0929 7724 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
12:00:53.0021 7724 Dhcp - ok
12:00:53.0045 7724 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:00:53.0124 7724 discache - ok
12:00:53.0186 7724 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:00:53.0207 7724 Disk - ok
12:00:53.0248 7724 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
12:00:53.0295 7724 Dnscache - ok
12:00:53.0328 7724 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
12:00:53.0402 7724 dot3svc - ok
12:00:53.0423 7724 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
12:00:53.0490 7724 DPS - ok
12:00:53.0531 7724 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:00:53.0547 7724 drmkaud - ok
12:00:53.0617 7724 dump_wmimmc - ok
12:00:53.0640 7724 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys
12:00:53.0651 7724 DVMIO - ok
12:00:53.0728 7724 DvmMDES (b66b5b27c8c9881f90435a1f7fe370c3) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
12:00:53.0754 7724 DvmMDES - ok
12:00:53.0880 7724 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
12:00:53.0917 7724 DXGKrnl - ok
12:00:53.0950 7724 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:00:54.0006 7724 EapHost - ok
12:00:54.0203 7724 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:00:54.0294 7724 ebdrv - ok
12:00:54.0417 7724 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
12:00:54.0504 7724 EFS - ok
12:00:54.0625 7724 EgisTec Service (b15b00955c4a4413b1cb3f056d65148d) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
12:00:54.0657 7724 EgisTec Service - ok
12:00:54.0739 7724 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
12:00:54.0812 7724 ehRecvr - ok
12:00:54.0847 7724 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:00:54.0909 7724 ehSched - ok
12:00:55.0034 7724 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:00:55.0070 7724 elxstor - ok
12:00:55.0143 7724 EPSON_EB_RPCV4_01 (b5581646636759d0dafa8b008881c079) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
12:00:55.0168 7724 EPSON_EB_RPCV4_01 - ok
12:00:55.0190 7724 EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
12:00:55.0217 7724 EPSON_PM_RPCV4_01 - ok
12:00:55.0238 7724 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
12:00:55.0263 7724 ErrDev - ok
12:00:55.0327 7724 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:00:55.0389 7724 EventSystem - ok
12:00:55.0425 7724 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:00:55.0483 7724 exfat - ok
12:00:55.0511 7724 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:00:55.0550 7724 fastfat - ok
12:00:55.0597 7724 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
12:00:55.0654 7724 Fax - ok
12:00:55.0672 7724 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:00:55.0699 7724 fdc - ok
12:00:55.0730 7724 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:00:55.0771 7724 fdPHost - ok
12:00:55.0783 7724 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:00:55.0837 7724 FDResPub - ok
12:00:55.0885 7724 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:00:55.0897 7724 FileInfo - ok
12:00:55.0909 7724 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:00:55.0970 7724 Filetrace - ok
12:00:55.0989 7724 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:00:56.0017 7724 flpydisk - ok
12:00:56.0054 7724 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
12:00:56.0070 7724 FltMgr - ok
12:00:56.0183 7724 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
12:00:56.0256 7724 FontCache - ok
12:00:56.0307 7724 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:00:56.0323 7724 FontCache3.0.0.0 - ok
12:00:56.0368 7724 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:00:56.0379 7724 FsDepends - ok
12:00:56.0422 7724 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
12:00:56.0432 7724 Fs_Rec - ok
12:00:56.0485 7724 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:00:56.0504 7724 fvevol - ok
12:00:56.0527 7724 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:00:56.0541 7724 gagp30kx - ok
12:00:56.0626 7724 GameConsoleService (e53ee18a21c025deabcfe0f72fc481bb) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:00:56.0645 7724 GameConsoleService - ok
12:00:56.0687 7724 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:00:56.0699 7724 GEARAspiWDM - ok
12:00:56.0765 7724 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
12:00:56.0833 7724 gpsvc - ok
12:00:56.0922 7724 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:00:56.0940 7724 gupdate - ok
12:00:56.0959 7724 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:00:56.0975 7724 gupdatem - ok
12:00:56.0995 7724 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:00:57.0055 7724 hcw85cir - ok
12:00:57.0115 7724 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
12:00:57.0164 7724 HdAudAddService - ok
12:00:57.0182 7724 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:00:57.0231 7724 HDAudBus - ok
12:00:57.0265 7724 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
12:00:57.0282 7724 HECIx64 - ok
12:00:57.0297 7724 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:00:57.0324 7724 HidBatt - ok
12:00:57.0349 7724 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:00:57.0378 7724 HidBth - ok
12:00:57.0416 7724 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:00:57.0444 7724 HidIr - ok
12:00:57.0462 7724 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:00:57.0524 7724 hidserv - ok
12:00:57.0578 7724 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
12:00:57.0599 7724 HidUsb - ok
12:00:57.0620 7724 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
12:00:57.0676 7724 hkmsvc - ok
12:00:57.0706 7724 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
12:00:57.0761 7724 HomeGroupListener - ok
12:00:57.0787 7724 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
12:00:57.0809 7724 HomeGroupProvider - ok
12:00:57.0898 7724 HP Health Check Service (c84bcc03858daeac4db1e95efcce1934) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
12:00:57.0928 7724 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
12:00:57.0928 7724 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
12:00:58.0004 7724 HP Wireless Assistant Service (a2de0a67c77ebc6dfad3d55232790add) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
12:00:58.0021 7724 HP Wireless Assistant Service - ok
12:00:58.0045 7724 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
12:00:58.0059 7724 hpdskflt - ok
12:00:58.0108 7724 hpqwmiex (ef3ea06057132138b4e5895a61601dbe) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:00:58.0129 7724 hpqwmiex - ok
12:00:58.0168 7724 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
12:00:58.0191 7724 HpSAMD - ok
12:00:58.0196 7724 hpsrv (aa036cc5f5221d9b915f4d4dce74ba9a) C:\Windows\system32\Hpservice.exe
12:00:58.0207 7724 hpsrv - ok
12:00:58.0238 7724 HPWMISVC (b6492d01712a22ff3fea25a999dbd321) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
12:00:58.0261 7724 HPWMISVC ( UnsignedFile.Multi.Generic ) - warning
12:00:58.0261 7724 HPWMISVC - detected UnsignedFile.Multi.Generic (1)
12:00:58.0333 7724 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
12:00:58.0421 7724 HTTP - ok
12:00:58.0451 7724 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
12:00:58.0462 7724 hwpolicy - ok
12:00:58.0477 7724 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:00:58.0490 7724 i8042prt - ok
12:00:58.0526 7724 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
12:00:58.0542 7724 iaStor - ok
12:00:58.0610 7724 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:00:58.0623 7724 IAStorDataMgrSvc - ok
12:00:58.0682 7724 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
12:00:58.0709 7724 iaStorV - ok
12:00:58.0812 7724 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:00:58.0855 7724 idsvc - ok
12:00:59.0346 7724 igfx (90afab2b5962b1cd5bb23320675d6174) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:00:59.0515 7724 igfx - ok
12:00:59.0641 7724 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:00:59.0661 7724 iirsp - ok
12:00:59.0707 7724 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
12:00:59.0767 7724 IKEEXT - ok
12:00:59.0836 7724 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
12:00:59.0893 7724 Impcd - ok
12:00:59.0924 7724 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
12:00:59.0941 7724 intelide - ok
12:01:00.0420 7724 intelkmd (90afab2b5962b1cd5bb23320675d6174) C:\Windows\system32\DRIVERS\igdpmd64.sys
12:01:00.0560 7724 intelkmd - ok
12:01:00.0676 7724 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:01:00.0710 7724 intelppm - ok
12:01:00.0746 7724 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:01:00.0816 7724 IPBusEnum - ok
12:01:00.0849 7724 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:01:00.0912 7724 IpFilterDriver - ok
12:01:00.0959 7724 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
12:01:01.0024 7724 iphlpsvc - ok
12:01:01.0053 7724 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:01:01.0080 7724 IPMIDRV - ok
12:01:01.0103 7724 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:01:01.0163 7724 IPNAT - ok
12:01:01.0265 7724 iPod Service (3151d878bb16307ef2cf4cda2463d15e) C:\Program Files\iPod\bin\iPodService.exe
12:01:01.0299 7724 iPod Service - ok
12:01:01.0321 7724 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:01:01.0340 7724 IRENUM - ok
12:01:01.0351 7724 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
12:01:01.0363 7724 isapnp - ok
12:01:01.0394 7724 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
12:01:01.0408 7724 iScsiPrt - ok
12:01:01.0445 7724 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:01:01.0456 7724 kbdclass - ok
12:01:01.0475 7724 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
12:01:01.0502 7724 kbdhid - ok
12:01:01.0535 7724 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:01:01.0549 7724 KeyIso - ok
12:01:01.0560 7724 KMService - ok
12:01:01.0579 7724 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
12:01:01.0593 7724 KSecDD - ok
12:01:01.0613 7724 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
12:01:01.0629 7724 KSecPkg - ok
12:01:01.0647 7724 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:01:01.0705 7724 ksthunk - ok
12:01:01.0745 7724 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:01:01.0814 7724 KtmRm - ok
12:01:01.0857 7724 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
12:01:01.0917 7724 LanmanServer - ok
12:01:01.0950 7724 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
12:01:02.0018 7724 LanmanWorkstation - ok
12:01:02.0057 7724 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:01:02.0119 7724 lltdio - ok
12:01:02.0165 7724 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:01:02.0231 7724 lltdsvc - ok
12:01:02.0251 7724 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:01:02.0288 7724 lmhosts - ok
12:01:02.0373 7724 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:01:02.0396 7724 LMS - ok
12:01:02.0438 7724 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:01:02.0458 7724 LSI_FC - ok
12:01:02.0477 7724 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:01:02.0497 7724 LSI_SAS - ok
12:01:02.0523 7724 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:01:02.0541 7724 LSI_SAS2 - ok
12:01:02.0557 7724 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:01:02.0576 7724 LSI_SCSI - ok
12:01:02.0598 7724 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:01:02.0677 7724 luafv - ok
12:01:02.0723 7724 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
12:01:02.0776 7724 Mcx2Svc - ok
12:01:02.0795 7724 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:01:02.0814 7724 megasas - ok
12:01:02.0842 7724 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:01:02.0867 7724 MegaSR - ok
12:01:02.0952 7724 Microsoft SharePoint Workspace Audit Service - ok
12:01:02.0986 7724 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:01:03.0067 7724 MMCSS - ok
12:01:03.0087 7724 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:01:03.0148 7724 Modem - ok
12:01:03.0187 7724 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:01:03.0229 7724 monitor - ok
12:01:03.0278 7724 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:01:03.0295 7724 mouclass - ok
12:01:03.0315 7724 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:01:03.0344 7724 mouhid - ok
12:01:03.0367 7724 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
12:01:03.0386 7724 mountmgr - ok
12:01:03.0409 7724 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
12:01:03.0430 7724 mpio - ok
12:01:03.0445 7724 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:01:03.0483 7724 mpsdrv - ok
12:01:03.0546 7724 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
12:01:03.0625 7724 MpsSvc - ok
12:01:03.0659 7724 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
12:01:03.0697 7724 MRxDAV - ok
12:01:03.0727 7724 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:01:03.0755 7724 mrxsmb - ok
12:01:03.0795 7724 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:01:03.0827 7724 mrxsmb10 - ok
12:01:03.0865 7724 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:01:03.0887 7724 mrxsmb20 - ok
12:01:03.0896 7724 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
12:01:03.0906 7724 msahci - ok
12:01:03.0938 7724 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
12:01:03.0952 7724 msdsm - ok
12:01:03.0982 7724 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:01:04.0021 7724 MSDTC - ok
12:01:04.0057 7724 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:01:04.0113 7724 Msfs - ok
12:01:04.0120 7724 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:01:04.0172 7724 mshidkmdf - ok
12:01:04.0190 7724 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
12:01:04.0200 7724 msisadrv - ok
12:01:04.0240 7724 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:01:04.0297 7724 MSiSCSI - ok
12:01:04.0299 7724 msiserver - ok
12:01:04.0326 7724 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:01:04.0362 7724 MSKSSRV - ok
12:01:04.0374 7724 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:01:04.0422 7724 MSPCLOCK - ok
12:01:04.0439 7724 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:01:04.0494 7724 MSPQM - ok
12:01:04.0541 7724 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
12:01:04.0557 7724 MsRPC - ok
12:01:04.0570 7724 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
12:01:04.0581 7724 mssmbios - ok
12:01:04.0589 7724 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:01:04.0638 7724 MSTEE - ok
12:01:04.0653 7724 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:01:04.0677 7724 MTConfig - ok
12:01:04.0703 7724 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:01:04.0716 7724 Mup - ok
12:01:04.0755 7724 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
12:01:04.0830 7724 napagent - ok
12:01:04.0893 7724 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:01:04.0945 7724 NativeWifiP - ok
12:01:05.0034 7724 NAVENG - ok
12:01:05.0040 7724 NAVEX15 - ok
12:01:05.0098 7724 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
12:01:05.0136 7724 NDIS - ok
12:01:05.0161 7724 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:01:05.0215 7724 NdisCap - ok
12:01:05.0247 7724 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:01:05.0306 7724 NdisTapi - ok
12:01:05.0329 7724 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
12:01:05.0366 7724 Ndisuio - ok
12:01:05.0382 7724 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:01:05.0420 7724 NdisWan - ok
12:01:05.0441 7724 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
12:01:05.0499 7724 NDProxy - ok
12:01:05.0517 7724 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:01:05.0570 7724 NetBIOS - ok
12:01:05.0594 7724 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
12:01:05.0652 7724 NetBT - ok
12:01:05.0684 7724 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:01:05.0695 7724 Netlogon - ok
12:01:05.0726 7724 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:01:05.0787 7724 Netman - ok
12:01:05.0915 7724 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:05.0932 7724 NetMsmqActivator - ok
12:01:05.0936 7724 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:05.0947 7724 NetPipeActivator - ok
12:01:05.0985 7724 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:01:06.0074 7724 netprofm - ok
12:01:06.0078 7724 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:06.0088 7724 NetTcpActivator - ok
12:01:06.0091 7724 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:06.0101 7724 NetTcpPortSharing - ok
12:01:06.0429 7724 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
12:01:06.0544 7724 netw5v64 - ok
12:01:06.0677 7724 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:01:06.0697 7724 nfrd960 - ok
12:01:06.0787 7724 NIS (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
12:01:06.0804 7724 NIS - ok
12:01:06.0849 7724 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
12:01:06.0908 7724 NlaSvc - ok
12:01:06.0917 7724 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:01:06.0969 7724 Npfs - ok
12:01:07.0004 7724 npggsvc - ok
12:01:07.0009 7724 NPPTNT2 - ok
12:01:07.0019 7724 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:01:07.0059 7724 nsi - ok
12:01:07.0078 7724 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:01:07.0128 7724 nsiproxy - ok
12:01:07.0243 7724 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
12:01:07.0301 7724 Ntfs - ok
12:01:07.0404 7724 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:01:07.0479 7724 Null - ok
12:01:07.0514 7724 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
12:01:07.0529 7724 nvraid - ok
12:01:07.0550 7724 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
12:01:07.0567 7724 nvstor - ok
12:01:07.0586 7724 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
12:01:07.0598 7724 nv_agp - ok
12:01:07.0615 7724 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
12:01:07.0640 7724 ohci1394 - ok
12:01:07.0751 7724 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:01:07.0770 7724 ose - ok
12:01:08.0151 7724 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:01:08.0269 7724 osppsvc - ok
12:01:08.0385 7724 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:01:08.0452 7724 p2pimsvc - ok
12:01:08.0493 7724 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:01:08.0520 7724 p2psvc - ok
12:01:08.0572 7724 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:01:08.0591 7724 Parport - ok
12:01:08.0611 7724 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
12:01:08.0630 7724 partmgr - ok
12:01:08.0648 7724 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:01:08.0683 7724 PcaSvc - ok
12:01:08.0708 7724 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
12:01:08.0723 7724 pci - ok
12:01:08.0735 7724 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
12:01:08.0747 7724 pciide - ok
12:01:08.0778 7724 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:01:08.0796 7724 pcmcia - ok
12:01:08.0812 7724 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:01:08.0826 7724 pcw - ok
12:01:08.0867 7724 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:01:08.0948 7724 PEAUTH - ok
12:01:09.0023 7724 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:01:09.0056 7724 PerfHost - ok
12:01:09.0216 7724 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
12:01:09.0308 7724 pla - ok
12:01:09.0378 7724 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
12:01:09.0449 7724 PlugPlay - ok
12:01:09.0473 7724 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:01:09.0509 7724 PNRPAutoReg - ok
12:01:09.0542 7724 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:01:09.0566 7724 PNRPsvc - ok
12:01:09.0616 7724 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
12:01:09.0695 7724 PolicyAgent - ok
12:01:09.0727 7724 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:01:09.0769 7724 Power - ok
12:01:09.0807 7724 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
12:01:09.0893 7724 PptpMiniport - ok
12:01:09.0914 7724 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:01:09.0948 7724 Processor - ok
12:01:09.0984 7724 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
12:01:10.0061 7724 ProfSvc - ok
12:01:10.0093 7724 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:01:10.0107 7724 ProtectedStorage - ok
12:01:10.0130 7724 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
12:01:10.0177 7724 Psched - ok
12:01:10.0216 7724 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:01:10.0223 7724 PxHlpa64 - ok
12:01:10.0331 7724 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:01:10.0408 7724 ql2300 - ok
12:01:10.0520 7724 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:01:10.0541 7724 ql40xx - ok
12:01:10.0578 7724 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:01:10.0613 7724 QWAVE - ok
12:01:10.0623 7724 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:01:10.0656 7724 QWAVEdrv - ok
12:01:10.0669 7724 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:01:10.0719 7724 RasAcd - ok
12:01:10.0745 7724 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:01:10.0783 7724 RasAgileVpn - ok
12:01:10.0800 7724 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:01:10.0851 7724 RasAuto - ok
12:01:10.0871 7724 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:01:10.0928 7724 Rasl2tp - ok
12:01:10.0951 7724 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
12:01:11.0020 7724 RasMan - ok
12:01:11.0051 7724 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:01:11.0108 7724 RasPppoe - ok
12:01:11.0132 7724 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:01:11.0171 7724 RasSstp - ok
12:01:11.0197 7724 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
12:01:11.0258 7724 rdbss - ok
12:01:11.0289 7724 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:01:11.0320 7724 rdpbus - ok
12:01:11.0343 7724 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:01:11.0384 7724 RDPCDD - ok
12:01:11.0396 7724 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:01:11.0450 7724 RDPENCDD - ok
12:01:11.0466 7724 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:01:11.0503 7724 RDPREFMP - ok
12:01:11.0542 7724 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
12:01:11.0574 7724 RDPWD - ok
12:01:11.0606 7724 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
12:01:11.0625 7724 rdyboost - ok
12:01:11.0650 7724 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:01:11.0700 7724 RemoteAccess - ok
12:01:11.0725 7724 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:01:11.0779 7724 RemoteRegistry - ok
12:01:11.0795 7724 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:01:11.0856 7724 RpcEptMapper - ok
12:01:11.0876 7724 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:01:11.0890 7724 RpcLocator - ok
12:01:11.0924 7724 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:01:11.0971 7724 RpcSs - ok
12:01:11.0994 7724 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:01:12.0049 7724 rspndr - ok
12:01:12.0102 7724 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:01:12.0117 7724 RTL8167 - ok
12:01:12.0151 7724 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:01:12.0165 7724 SamSs - ok
12:01:12.0186 7724 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
12:01:12.0201 7724 sbp2port - ok
12:01:12.0237 7724 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:01:12.0324 7724 SCardSvr - ok
12:01:12.0340 7724 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
12:01:12.0377 7724 scfilter - ok
12:01:12.0471 7724 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
12:01:12.0546 7724 Schedule - ok
12:01:12.0579 7724 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:01:12.0621 7724 SCPolicySvc - ok
12:01:12.0665 7724 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
12:01:12.0700 7724 sdbus - ok
12:01:12.0733 7724 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
12:01:12.0811 7724 SDRSVC - ok
12:01:12.0906 7724 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:01:12.0934 7724 SeaPort - ok
12:01:12.0955 7724 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:01:13.0023 7724 secdrv - ok
12:01:13.0039 7724 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
12:01:13.0096 7724 seclogon - ok
12:01:13.0128 7724 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:01:13.0186 7724 SENS - ok
12:01:13.0216 7724 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:01:13.0270 7724 SensrSvc - ok
12:01:13.0294 7724 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:01:13.0327 7724 Serenum - ok
12:01:13.0353 7724 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:01:13.0368 7724 Serial - ok
12:01:13.0389 7724 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:01:13.0421 7724 sermouse - ok
12:01:13.0451 7724 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
12:01:13.0490 7724 SessionEnv - ok
12:01:13.0508 7724 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:01:13.0538 7724 sffdisk - ok
12:01:13.0552 7724 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:01:13.0581 7724 sffp_mmc - ok
12:01:13.0613 7724 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:01:13.0628 7724 sffp_sd - ok
12:01:13.0641 7724 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:01:13.0655 7724 sfloppy - ok
12:01:13.0688 7724 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:01:13.0762 7724 SharedAccess - ok
12:01:13.0803 7724 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
12:01:13.0849 7724 ShellHWDetection - ok
12:01:13.0886 7724 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:01:13.0907 7724 SiSRaid2 - ok
12:01:13.0926 7724 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:01:13.0946 7724 SiSRaid4 - ok
12:01:13.0971 7724 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:01:14.0022 7724 Smb - ok
12:01:14.0050 7724 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:01:14.0077 7724 SNMPTRAP - ok
12:01:14.0097 7724 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:01:14.0109 7724 spldr - ok
12:01:14.0171 7724 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
12:01:14.0255 7724 Spooler - ok
12:01:14.0477 7724 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
12:01:14.0563 7724 sppsvc - ok
12:01:14.0664 7724 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:01:14.0715 7724 sppuinotify - ok
12:01:14.0801 7724 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
12:01:14.0801 7724 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
12:01:14.0803 7724 sptd ( LockedFile.Multi.Generic ) - warning
12:01:14.0803 7724 sptd - detected LockedFile.Multi.Generic (1)
12:01:14.0895 7724 SRTSP (56979a80f6f9df788a8bfcc1603da40d) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSP64.SYS
12:01:14.0923 7724 SRTSP - ok
12:01:14.0937 7724 SRTSPX (3c3d82bb245ad1cb00ed48cb2f4ab385) C:\Windows\system32\drivers\NISx64\1100000.088\SRTSPX64.SYS
12:01:14.0945 7724 SRTSPX - ok
12:01:15.0001 7724 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
12:01:15.0053 7724 srv - ok
12:01:15.0091 7724 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
12:01:15.0129 7724 srv2 - ok
12:01:15.0179 7724 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
12:01:15.0204 7724 SrvHsfHDA - ok
12:01:15.0297 7724 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:01:15.0350 7724 SrvHsfV92 - ok
12:01:15.0504 7724 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
12:01:15.0542 7724 SrvHsfWinac - ok
12:01:15.0587 7724 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
12:01:15.0620 7724 srvnet - ok
12:01:15.0660 7724 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:01:15.0731 7724 SSDPSRV - ok
12:01:15.0754 7724 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:01:15.0793 7724 SstpSvc - ok
12:01:15.0889 7724 STacSV (7f30633a5aec81140dbc6daaaebd0cbe) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
12:01:15.0925 7724 STacSV - ok
12:01:16.0024 7724 Steam Client Service - ok
12:01:16.0056 7724 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:01:16.0077 7724 stexstor - ok
12:01:16.0125 7724 STHDA (f991751c2477257bbcedb364a0f449b4) C:\Windows\system32\DRIVERS\stwrt64.sys
12:01:16.0171 7724 STHDA - ok
12:01:16.0234 7724 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
12:01:16.0293 7724 stisvc - ok
12:01:16.0318 7724 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:01:16.0335 7724 swenum - ok
12:01:16.0432 7724 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:01:16.0463 7724 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:01:16.0464 7724 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:01:16.0506 7724 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:01:16.0557 7724 swprv - ok
12:01:16.0615 7724 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
12:01:16.0629 7724 SynTP - ok
12:01:16.0745 7724 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
12:01:16.0816 7724 SysMain - ok
12:01:16.0924 7724 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
12:01:16.0957 7724 TabletInputService - ok
12:01:16.0984 7724 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
12:01:17.0035 7724 TapiSrv - ok
12:01:17.0046 7724 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:01:17.0086 7724 TBS - ok
12:01:17.0227 7724 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
12:01:17.0294 7724 Tcpip - ok
12:01:17.0468 7724 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
12:01:17.0526 7724 TCPIP6 - ok
12:01:17.0573 7724 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
12:01:17.0620 7724 tcpipreg - ok
12:01:17.0631 7724 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:01:17.0685 7724 TDPIPE - ok
12:01:17.0718 7724 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
12:01:17.0747 7724 TDTCP - ok
12:01:17.0783 7724 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
12:01:17.0859 7724 tdx - ok
12:01:17.0958 7724 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
12:01:17.0978 7724 TermDD - ok
12:01:18.0052 7724 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
12:01:18.0133 7724 TermService - ok
12:01:18.0152 7724 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:01:18.0175 7724 Themes - ok
12:01:18.0194 7724 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:01:18.0231 7724 THREADORDER - ok
12:01:18.0246 7724 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:01:18.0296 7724 TrkWks - ok
12:01:18.0356 7724 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
12:01:18.0383 7724 TrustedInstaller - ok
12:01:18.0400 7724 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:01:18.0438 7724 tssecsrv - ok
12:01:18.0464 7724 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
12:01:18.0524 7724 tunnel - ok
12:01:18.0540 7724 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:01:18.0552 7724 uagp35 - ok
12:01:18.0587 7724 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
12:01:18.0623 7724 udfs - ok
12:01:18.0647 7724 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:01:18.0665 7724 UI0Detect - ok
12:01:18.0678 7724 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
12:01:18.0693 7724 uliagpkx - ok
12:01:18.0714 7724 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
12:01:18.0740 7724 umbus - ok
12:01:18.0767 7724 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:01:18.0795 7724 UmPass - ok
12:01:19.0000 7724 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:01:19.0062 7724 UNS - ok
12:01:19.0172 7724 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:01:19.0245 7724 upnphost - ok
12:01:19.0322 7724 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
12:01:19.0383 7724 USBAAPL64 - ok
12:01:19.0438 7724 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
12:01:19.0482 7724 usbaudio - ok
12:01:19.0514 7724 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
12:01:19.0590 7724 usbccgp - ok
12:01:19.0622 7724 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
12:01:19.0668 7724 usbcir - ok
12:01:19.0687 7724 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
12:01:19.0717 7724 usbehci - ok
12:01:19.0765 7724 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
12:01:19.0789 7724 usbhub - ok
12:01:19.0806 7724 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
12:01:19.0818 7724 usbohci - ok
12:01:19.0853 7724 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:01:19.0880 7724 usbprint - ok
12:01:19.0914 7724 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:01:19.0958 7724 usbscan - ok
12:01:19.0987 7724 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
12:01:20.0077 7724 USBSTOR - ok
12:01:20.0097 7724 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
12:01:20.0126 7724 usbuhci - ok
12:01:20.0182 7724 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
12:01:20.0248 7724 usbvideo - ok
12:01:20.0276 7724 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:01:20.0346 7724 UxSms - ok
12:01:20.0369 7724 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:01:20.0381 7724 VaultSvc - ok
12:01:20.0527 7724 vcsFPService (2662f24c7aee2a32cebdec907a5366f1) C:\Windows\system32\vcsFPService.exe
12:01:20.0601 7724 vcsFPService - ok
12:01:20.0748 7724 VCSVADHWSer (3a4b01c2bdb07dfef29b0b369487503a) C:\Windows\system32\DRIVERS\vcsvad.sys
12:01:20.0786 7724 VCSVADHWSer - ok
12:01:20.0829 7724 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
12:01:20.0846 7724 vdrvroot - ok
12:01:20.0889 7724 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
12:01:20.0930 7724 vds - ok
12:01:20.0944 7724 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:01:20.0961 7724 vga - ok
12:01:20.0975 7724 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:01:21.0048 7724 VgaSave - ok
12:01:21.0077 7724 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
12:01:21.0093 7724 vhdmp - ok
12:01:21.0103 7724 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
12:01:21.0115 7724 viaide - ok
12:01:21.0134 7724 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
12:01:21.0147 7724 volmgr - ok
12:01:21.0178 7724 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
12:01:21.0198 7724 volmgrx - ok
12:01:21.0250 7724 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
12:01:21.0281 7724 volsnap - ok
12:01:21.0321 7724 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:01:21.0338 7724 vsmraid - ok
12:01:21.0459 7724 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
12:01:21.0513 7724 VSS - ok
12:01:21.0667 7724 VSTWinDriver6 (e72b7f6ad60ec55b2bbef6c6202cde2a) C:\Windows\system32\drivers\VSTwindrvr6.sys
12:01:21.0713 7724 VSTWinDriver6 - ok
12:01:21.0733 7724 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:01:21.0771 7724 vwifibus - ok
12:01:21.0791 7724 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:01:21.0818 7724 vwififlt - ok
12:01:21.0852 7724 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:01:21.0879 7724 vwifimp - ok
12:01:21.0922 7724 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:01:21.0978 7724 W32Time - ok
12:01:22.0002 7724 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:01:22.0031 7724 WacomPen - ok
12:01:22.0062 7724 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:01:22.0129 7724 WANARP - ok
12:01:22.0133 7724 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:01:22.0171 7724 Wanarpv6 - ok
12:01:22.0291 7724 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:01:22.0350 7724 WatAdminSvc - ok
12:01:22.0451 7724 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
12:01:22.0576 7724 wbengine - ok
12:01:22.0687 7724 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:01:22.0723 7724 WbioSrvc - ok
12:01:22.0775 7724 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
12:01:22.0829 7724 wcncsvc - ok
12:01:22.0843 7724 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:01:22.0905 7724 WcsPlugInService - ok
12:01:22.0936 7724 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:01:22.0953 7724 Wd - ok
12:01:23.0006 7724 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:01:23.0040 7724 Wdf01000 - ok
12:01:23.0053 7724 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:01:23.0088 7724 WdiServiceHost - ok
12:01:23.0091 7724 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:01:23.0110 7724 WdiSystemHost - ok
12:01:23.0145 7724 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
12:01:23.0171 7724 WebClient - ok
12:01:23.0210 7724 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:01:23.0301 7724 Wecsvc - ok
12:01:23.0321 7724 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:01:23.0379 7724 wercplsupport - ok
12:01:23.0410 7724 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:01:23.0451 7724 WerSvc - ok
12:01:23.0483 7724 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:01:23.0538 7724 WfpLwf - ok
12:01:23.0557 7724 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:01:23.0568 7724 WIMMount - ok
12:01:23.0594 7724 WinDefend - ok
12:01:23.0703 7724 WindowBlinds (8258726d076c8fff994f468712ddfbab) C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
12:01:23.0726 7724 WindowBlinds - ok
12:01:23.0733 7724 WinHttpAutoProxySvc - ok
12:01:23.0785 7724 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:01:23.0852 7724 Winmgmt - ok
12:01:23.0988 7724 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
12:01:24.0082 7724 WinRM - ok
12:01:24.0234 7724 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
12:01:24.0280 7724 WinUSB - ok
12:01:24.0358 7724 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:01:24.0417 7724 Wlansvc - ok
12:01:24.0607 7724 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:01:24.0667 7724 wlidsvc - ok
12:01:24.0777 7724 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:01:24.0799 7724 WmiAcpi - ok
12:01:24.0849 7724 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:01:24.0888 7724 wmiApSrv - ok
12:01:24.0936 7724 WMPNetworkSvc - ok
12:01:24.0974 7724 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:01:25.0014 7724 WPCSvc - ok
12:01:25.0034 7724 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
12:01:25.0104 7724 WPDBusEnum - ok
12:01:25.0127 7724 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:01:25.0207 7724 ws2ifsl - ok
12:01:25.0248 7724 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
12:01:25.0296 7724 wscsvc - ok
12:01:25.0301 7724 WSearch - ok
12:01:25.0460 7724 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
12:01:25.0578 7724 wuauserv - ok
12:01:25.0693 7724 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
12:01:25.0768 7724 WudfPf - ok
12:01:25.0800 7724 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:01:25.0839 7724 WUDFRd - ok
12:01:25.0862 7724 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
12:01:25.0917 7724 wudfsvc - ok
12:01:25.0945 7724 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:01:25.0966 7724 WwanSvc - ok
12:01:26.0016 7724 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
12:01:26.0066 7724 yukonw7 - ok
12:01:26.0106 7724 MBR (0x1B8) (a880366ed4da298086de4df4ad79ea54) \Device\Harddisk0\DR0
12:01:26.0184 7724 \Device\Harddisk0\DR0 - ok
12:01:26.0214 7724 Boot (0x1200) (2d1786c1790f32f78ba3ac573fb04524) \Device\Harddisk0\DR0\Partition0
12:01:26.0215 7724 \Device\Harddisk0\DR0\Partition0 - ok
12:01:26.0222 7724 Boot (0x1200) (a27a76a2c33525c2c8b48e87f8aace4d) \Device\Harddisk0\DR0\Partition1
12:01:26.0223 7724 \Device\Harddisk0\DR0\Partition1 - ok
12:01:26.0250 7724 Boot (0x1200) (138f11ad3fb2d4eea2b8a9aa81d750c5) \Device\Harddisk0\DR0\Partition2
12:01:26.0251 7724 \Device\Harddisk0\DR0\Partition2 - ok
12:01:26.0265 7724 Boot (0x1200) (51c7648780b3f6db8c52bbc25c367956) \Device\Harddisk0\DR0\Partition3
12:01:26.0266 7724 \Device\Harddisk0\DR0\Partition3 - ok
12:01:26.0267 7724 ============================================================
12:01:26.0267 7724 Scan finished
12:01:26.0267 7724 ============================================================
12:01:26.0283 9852 Detected object count: 4
12:01:26.0283 9852 Actual detected object count: 4
12:02:22.0293 9852 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:22.0293 9852 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:22.0294 9852 HPWMISVC ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:22.0294 9852 HPWMISVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:22.0296 9852 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:02:22.0296 9852 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:02:22.0298 9852 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:22.0298 9852 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:37.0542 0652 Deinitialize success



Thanks so much for your help! I'm actually not sure if anything is wrong, but it does look like my computer is fine now.
Is there anything else that you see wrong in the logs? Furthermore, do you have any suggestions to make my computer faster?
  • 0

#6
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!
  • 0

#7
bordforlyf

bordforlyf

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi! Thanks for getting back to me so shortly. I really appreciate it. I can't tell if there is anything wrong honestly. Nothing seems out of the ordinary.

MBAM:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.02.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Dom :: DOM-PC [administrator]

5/2/2012 4:59:07 PM
mbam-log-2012-05-02 (16-59-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203844
Time elapsed: 2 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\FREEzeFrog\FREEzeFrog (Adware.HotBar) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Dom\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.

(end)


ESET:


[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=43b7618c59fbbf48aa746ff478d7ab36
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-03 01:55:01
# local_time=2012-05-02 06:55:01 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3588 16777214 85 85 54949851 84764243 0 0
# compatibility_mode=5893 16776573 100 94 0 87548269 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=377788
# found=3
# cleaned=3
# scan_time=5282
C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Dom\Desktop\logisysus.com\catalog\images\.x\m.help Win32/Mechbot.NAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Dom\Downloads\XvidSetup (1).exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C


SECURITY CHECK:

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (2.0.0 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
ESET ESET Online Scanner OnlineCmdLineScanner.exe
``````````End of Log````````````



thanks for your help!!
  • 0

#8
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts

thanks for your help!!

You are welcome! :thumbsup:


We have some updates to do to improve your security.

Step 1.
  • Open User Accounts by clicking the Start button Posted Image, clicking Control Panel, clicking User Accounts and Family Safety (or clicking User Accounts, if you are connected to a network domain), and then clicking User Accounts.
  • Click Turn User Account Control on.Posted Image Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshopģ Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshopģ Album Starter Edition.


Step 4.

Update Mozilla FireFox

Your version of FireFox is 2 and the current release is 12

Please uninstall the version you have and go here to download the latest version and install it.


Step 5.


Please confirm you are still running well or if there are any issues you have noticed since my last post.
  • 0

#9
bordforlyf

bordforlyf

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi, I believe everything is fine. If there is nothing else you see wrong, then I guess we're done? Thanks so much for your time and effort!
  • 0

#10
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
You do not have Service Pack 1 installed. Keeping your computer up to date using windows update is a critical piece of improved performance, increased stability, and resistance to malware attack.

Windows Update (Win 7)


Click Start >> Control Panel >> System and Security >> Under Windows Update click Check for updates >> Check for updates

Install the update for SP1 first and then install a few more at a time until you are completely up to date.

Finally set Windows update to update you automatically.
Instructions are here to set it up correctly.

Once this is complete come back and give me an update on your computer.
  • 0

#11
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#12
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP